Cyber Insurance , Fraud Management & Cybercrime , Governance & Risk Management No Word Yet on Hospital Chain’s Cyber Insurance Claim, Multiple Lawsuits Pending Marianne Kolbasuk McGee (HealthInfoSec) • September 25, 2023 Image: CommonSpirit Chicago-based CommonSpirit is still waiting to hear back on its insurance claim for an October 2022 ransomware attack, but […]
The ZeroFont phishing technique exploits flaws in AI and natural language processing systems to insert hidden words or characters in emails, evading security filters and tricking recipients.
After months of hiatus, Xenomorph is back targeting thousands of banking customers across multiple countries. According to research by ThreatFabric, the campaign has been active since August and attackers are using a new variant of the Android malware that adds overlays for multiple crypto wallets, and targets over 30 banking institutions in the U.S. and […]
The infamous ALPHV ransomware group, also recognized as Black Cat hacker collective, has revealed the list of its latest victims. With a growing list of compromised entities, the group has lately honed in on three fresh targets in its most recent targeted attacks. In this latest series of cyber attacks, Clarion, Phil-Data Business Systems Inc, […]
Sep 26, 2023THNEndpoint Security / Password Microsoft is officially rolling out support for passkeys in Windows 11 today as part of a major update to the desktop operating system. The feature allows users to login to websites and applications without having to provide a username and password, instead relying on their device PIN or biometric […]
Smishing Triad Stretches Its Tentacles into the United Arab Emirates Pierluigi Paganini September 26, 2023 Resecurity research found that the ‘Smishing Triad’ cybercrime group has expanded its phishing campaign into the United Arab Emirates (UAE). Resecurity research recently found that ‘Smishing Triad,’ a group specializing in phishing scams conducted via SMS (smishing attacks), has expanded […]
Ontario’s government-funded birth registry has confirmed a data breach affecting some 3.4 million people who sought pregnancy care, including the personal health data of close to two million newborns and children across the Canadian province. BORN Ontario said in a statement on Monday that hackers copied more than a decade’s worth of data including fertility, […]
Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. “ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs,” Group-IB and Bridewell said in a new joint […]
The flaw, CVE-2023-32315, allows attackers to bypass authentication and create new admin accounts, enabling them to install malicious Java plugins and execute arbitrary code on compromised servers.