A Russian botnet group called Prometei is exploiting unpatched Microsoft Exchange Server vulnerabilities to mine cryptocurrency across the world, a new report by security firm Cybereason finds.
Rapid7 has acquired Velociraptor, an open-source endpoint-monitoring organization and community that will continue to operate as a stand-alone entity while the security firm adopts some of its technology. Meanwhile, Zscaler had announced a deal to buy Trustdome.
An advanced persistent threat group gained long-term access to an unnamed entity's network through its Ivanti Pulse Secure VPN and SolarWinds' Orion server and then installed Supernova malware, according to the U.S. Cybersecurity and Infrastructure Security Agency.
Has the CEO of inaccessible Turkish cryptocurrency exchange Thodex exit-scammed, fleeing the country with $2 billion worth of his customers' assets? So say critics, and police have launched an investigation. But the CEO, Faruk Fatih Ozer, who's in Albania, has vowed to clear his name and restore users' funds.
The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
The American College of Emergency Physicians says a "malware" attack affected tens of thousands of the group's current and former members as well as members of three other emergency medical professional organizations.
The Justice Department is creating a task force to tackle the growing threat of ransomware and related extortion schemes. The new group will target the "ransomware criminal ecosystem as a whole," which means prosecuting those behind the attacks as well as those who launder money that's extorted.
Joker malware has targeted more than 500,000 Android devices across the world through malicious apps in AppGallery, the official app store of Huawei, according to the security firm Doctor Web.
The REvil - aka Sodinokibi - ransomware gang is threatening to release stolen Apple device blueprints unless it receives a massive payoff. The extortion threat - with a reported $50 million opening demand - was unveiled hours before Apple made a series of major new product announcements.
SonicWall has patched three zero-day vulnerabilities in the hosted and on-premises versions of its Email Security product after attackers began exploiting them last month. Attackers can exploit the flaws to access email and pivot deeper into organizations' systems, FireEye Mandiant reports.
The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that federal agencies and other entities have been compromised by two attack groups, with one possibly acting on behalf of the Chinese government. The groups are exploiting vulnerabilities in Ivanti's Pulse Connect Secure.
Given the surge in the use of telehealth during the COVID-19 pandemic - and expectations for continued growth - the Healthcare and Public Health Sector Coordinating Council has unveiled guidance on safeguarding patient data during remote care encounters.
About 70 major health data breaches have been added to the federal tally in the last four weeks as ransomware attacks have persisted and breaches at vendors have affected clients.
A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.