The OpenWrt Project, an open-source initiative providing a Linux-based operating system for embedded devices, has pushed a critical patch to cover flaws that expose its firmware update server to malicious exploitation. The vulnerability, tracked as CVE-2024-54143, affects the OpenWrt sysupgrade server and exposes users to potential risks of installing compromised firmware images. An OpenWrt bulletin […]
Medical devices company Artivion on Monday disclosed a ransomware attack that knocked some of its systems offline, causing disruption to order and shipping processes. Headquartered in Atlanta, Georgia, Artivion manufactures and distributes aortic-centric cardiac and vascular medical products, including mechanical human heart valves, implantable cardiac and vascular human tissues, stent grafts, and surgical sealants. The […]
Taiwan-based QNAP Systems over the weekend announced patches for multiple QTS and QuTS Hero vulnerabilities demonstrated at the Pwn2Own Ireland 2024 hacking contest. At Pwn2Own, participants earned tens of thousands of dollars for QNAP product exploits, and one entry even earned white hat hackers $100,000, but it involved chaining not only QNAP but also TrueNAS […]
The ransomware attack that hit Blue Yonder last month may have also involved the theft of a significant amount of files. Arizona-based Blue Yonder, whose supply chain management software is used by major companies in the US and elsewhere, revealed on November 21 that its managed services hosted environment had been experiencing disruptions due to […]
Deloitte has issued a statement in response to a ransomware group’s claims regarding the theft of a significant amount of information belonging to the company. The ransomware group calling itself Brain Cipher listed Deloitte UK on its Tor-based website last week, claiming to have obtained over one terabyte of data (they claim this is the […]
Belgian and Dutch authorities announced the arrest of eight individuals suspected of participating in a fraud scheme that included phishing, online scams, money laundering, and other illegal activities. On December 3, as part of an investigation started in 2022, law enforcement agencies in the two countries conducted 17 searches and seized electronic devices, cash, luxury […]
Anna Jaques Hospital is notifying over 316,000 individuals that their personal information was compromised in a December 2023 data breach. The incident was identified on Christmas day last year and resulted in the hospital diverting patients from its emergency rooms after its health record system was shut down. Anna Jaques initially disclosed the data breach […]
The European Union said Friday it sent TikTok an urgent request for more information about Romanian intelligence files suggesting that Moscow coordinated influencers on its platform to promote an election candidate who became the surprise front-runner in the nation’s presidential election. The 27-nation bloc’s executive branch is using its sweeping digital rulebook to scrutinize the […]
SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, […]
Data privacy and AI governance platform provider Ethyca on Thursday announced raising $10 million in a funding round that brings the total raised by the company to over $37 million. Led by Aspenwood Ventures and AVP, the investment round was completed shortly after the company added Axios, Mozilla, Ramp, and Remitly to its customer list. […]