Category: security
VeriSource bumps up potential victim count of data breach to 4 million
VeriSource started sending out data breach notification letters and reported the February 2024 incident to Maine’s AG It now says the number of victims is four million, up from the initial 55,000 Names, addresses, and SSNs were grabbed in the attack Four million people may have had their sensitive data…
Read More
Hitachi Vantara takes down important systems following Akira ransomware attack
Hitachi Vantara, a subsidiary of Hitachi, confirmed suffering a ransomware attack Working to restore its services, it had to shut down parts of its infrastructure, affecting many clients and services The media say this is the work of the Akira ransomware operation Hitachi Vantara was forced to pull parts of…
Read More
Thousands of businesses at risk worldwide as new data exfiltration technique uncovered – here’s what you need to know
Browsers are the new frontline, but today’s DLP can’t see the real threats Data Splicing Attacks break through enterprise browser security Angry Magpie reveals how fragile the current DLP architecture is in a browser-first world A newly uncovered data exfiltration technique known as Data Splicing Attacks could place thousands of…
Read More
DragonForce ransomware group evolves new cartel business model
DragonForce is selling its ransomware as a service that can be rebranded The group will handle malware development, leak sites, and more RaaS democratizes malware – as if AI hadn’t done enough damage Inspired by drug gangs, ransomware group DragonForce is bringing a new business model to the ransomware scene,…
Read More
Medical software company database may have exposed tens of thousands of health records and PII
A breach has impacted thousands of Carolina Anesthesiology PA patients Sensitive health information and patient data was exposed This leaves anyone affected at risk of identity theft or social engineering Security researcher Jeremiah Fowler has discovered a non password-protected database, believed to be owned by Carolina Anesthesiology PA – a…
Read More
WooCommerce phishing campaign uses fake patch to lure victims into installing backdoors
Patchstack spotted a new phishing campaign targeting WooCommerce users The email warns the users about a “critical vulnerability” that must be fixed The “fix” is actually malware that creates a rogue admin account and drops stage-two malware If you are a WooCommerce user, pay attention, since there is a new…
Read More