The stolen data includes raw genotype data, health reports, and information from DNA Relatives and Family Tree profiles, potentially exposing personal and ancestral information of affected customers.
3rd Party Risk Management , Application Security , Governance & Risk Management HHS: Compromise at Large Pharma Software and Services Firm Puts Entities at Risk Marianne Kolbasuk McGee (HealthInfoSec) • January 25, 2024 Federal authorities warn that a self-hosted version of remote access product ScreenConnect from ConnectWise was compromised in 2023 at a […]
The vulnerability, tracked as CVE-2023-6933, allows unauthenticated attackers to inject a PHP object, potentially leading to code execution, data access, file manipulation, or denial of service.
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram or LINE with the intent of dropping malware. Interestingly, software like Telegram is heavily restricted and was previously banned in China. Many Google services, including Google search, are also either restricted or heavily censored in […]
NZ spinner pays tribute to the innovators of the past New Zealand’s James Barrett makes superbly crunchy, musclebound but nuanced techno under the name Keepsakes, as well as running the prolific Haven label. To help celebrate the release of his five track ‘Blunt Clout Trauma’ 12″ for Oaks, he’s created a vinyl only mix paying […]
Jan 25, 2024NewsroomFileless Malware / Endpoint Security Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that’s distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware “has been updated with new features, as well as changes to the anti-analysis (analysis avoidance) techniques.” LODEINFO […]
Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the modern counterpart — a multi-layered approach with strategic redundancy and a blend of passive and […]
Multiple local governments are dealing with cyberattacks, including ransomware incidents, this week, causing outages and problems for county hospitals, libraries and other local services. Bucks County, Pennsylvania — home to nearly 650,000 people — said on Wednesday that it is still grappling with a cybersecurity incident that has knocked out the Emergency Communications’ Department’s computer-aided […]
The code embedded inside devices that bridges interactions between hardware and software is frequently exposed to security vulnerabilities, but lawmakers and federal officials have not paid enough attention to them, a national security think tank analysis argues. The report, released Wednesday by the Foundation for Defense of Democracies, contends that firmware vulnerabilities remain largely unaddressed, […]