The Information Highway

The Information Highway

Security
all things technology risk and cybersecurity
Bill Toulas

MCNA Dental data breach impacts 8.9 million people after ransomware attack

MCNA Dental data breach impacts 8.9 million people after ransomware attack
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised.
Continue reading
0
Tags:
Jimbos Protocol Arbitrum-based DeFi project flash loan attack 4000 ETH tokens Twitter yesterday
  1094 Hits
0 Comments
Bill Toulas

Lazarus hackers target Windows IIS web servers for initial access

Lazarus hackers target Windows IIS web servers for initial access
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks.
Continue reading
0
  1105 Hits
0 Comments
Lawrence Abrams

Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains

Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains
A new 'File Archivers in the Browser' phishing kit abuses ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser to convince users to launch malicious files.
Continue reading
0
  1134 Hits
0 Comments
Sergiu Gatlan

CISA warns govt agencies of recently patched Barracuda zero-day

CISA warns govt agencies of recently patched Barracuda zero-day
CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances.
Continue reading
0
  1017 Hits
0 Comments
Lawrence Abrams

QBot malware abuses Windows WordPad EXE to infect devices

QBot malware abuses Windows WordPad EXE to infect devices
The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program to evade detection by security software.
Continue reading
0
  1042 Hits
0 Comments
Bill Toulas

Hot Pixels attack checks CPU temp, power changes to steal data

Hot Pixels attack checks CPU temp, power changes to steal data
A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called "Hot Pixels," which can retrieve pixels from the content displayed in the target's browser and infer the navigation history.
Continue reading
0
  1098 Hits
0 Comments
Bill Toulas

IT employee impersonates ransomware gang to extort employer

IT employee impersonates ransomware gang to extort employer
A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing his employer.
Continue reading
0
  1103 Hits
0 Comments
Bill Toulas

Cuba ransomware claims cyberattack on Philadelphia Inquirer

Cuba ransomware claims cyberattack on Philadelphia Inquirer
The Cuba ransomware gang has claimed responsibility for this month's cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper's distribution and disrupted some business operations.
Continue reading
0
  1084 Hits
0 Comments
Lawrence Abrams

New ZIP domains spark debate among cybersecurity experts

New ZIP domains spark debate among cybersecurity experts
Cybersecurity researchers and IT admins have raised concerns over Google's new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery.
Continue reading
0
  1074 Hits
0 Comments
Bill Toulas

Hackers use Azure Serial Console for stealthy access to VMs

Hackers use Azure Serial Console for stealthy access to VMs
A financially motivated cybergang tracked by Mandiant as 'UNC3944' is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines.
Continue reading
0
  1083 Hits
0 Comments
Bill Toulas

Ransomware gang steals data of 5.8 million PharMerica patients

Ransomware gang steals data of 5.8 million PharMerica patients
Pharmacy services provider PharMerica has disclosed a massive data breach impacting over 5.8 million patients, exposing their medical data to hackers.
Continue reading
0
  1090 Hits
0 Comments
Bill Toulas

Hackers use public exploit to attack vulnerable WordPress sites

Hackers use public exploit to attack vulnerable WordPress sites
Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin roughly 24 hours after a proof-of-concept (PoC) exploit was made public.
Continue reading
0
  1025 Hits
0 Comments
Sergiu Gatlan

Capita warns customers they should assume data was stolen

Capita warns customers they should assume data was stolen
Business process outsourcing firm Capita is warning customers to assume that their data was stolen in a cyberattack that affected its systems in early April.
Continue reading
0
  1200 Hits
0 Comments
Sergiu Gatlan

Discord discloses data breach after support agent got hacked

Discord discloses data breach after support agent got hacked
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.
Continue reading
0
  1082 Hits
0 Comments
Bill Toulas

Toyota: Car location data of 2 million customers exposed for ten years

Toyota: Car location data of 2 million customers exposed for ten years
Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023.
Continue reading
0
  1083 Hits
0 Comments
Bill Toulas

Capita confirms hackers stole data in recent cyberattack

Capita confirms hackers stole data in recent cyberattack
London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated data from its systems.
Continue reading
0
  1267 Hits
0 Comments
Sergiu Gatlan

CISA warns of Android bug exploited by Chinese app to spy on users

CISA warns of Android bug exploited by Chinese app to spy on users
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited by a Chinese e-commerce app Pinduoduo as a zero-day to spy on its users.
Continue reading
0
  1114 Hits
0 Comments
Lawrence Abrams

NCR suffers Aloha POS outage after BlackCat ransomware attack

NCR suffers Aloha POS outage after BlackCat ransomware attack
NCR is suffering an outage on its Aloha point of sale platform after being hit by an ransomware attack claimed by the BlackCat/ALPHV gang.
Continue reading
0
  1191 Hits
0 Comments
Bill Toulas

Android malware infiltrates 60 Google Play apps with 100M installs

Android malware infiltrates 60 Google Play apps with 100M installs
A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads.
Continue reading
0
  1080 Hits
0 Comments
Sergiu Gatlan

Western Digital struggles to fix massive My Cloud outage, offers workaround

Western Digital struggles to fix massive My Cloud outage, offers workaround
On Friday, five days into a massive outage impacting its cloud services, Western Digital finally provided customers with a workaround to access their files.
Continue reading
0
  1095 Hits
0 Comments

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023