The Clop ransomware-as-a-service gang said it's the actor behind a spate of hacks taking advantage of a vulnerability in Progress Software's MOVEit managed file transfer application. "We download alot [sic] of your data as part of exceptional exploit," the gang's dark web leak site says.
Ukrainian cyber defenders say they've identified a cyberespionage campaign active since mid-2022 that gained unauthorized access to "several dozen" computers. A government spokesperson said Tuesday the campaign targets government agencies and media organizations.
The Federal Trade Commission has filed an amended complaint against Kochava, as allowed by a federal judge who last month dismissed the agency's first shot at a lawsuit seeking to permanently stop the data analytics firm from selling geolocation data collected from mobile devices.
Pretexting incidents, a social engineering technique that manipulates victims into divulging information, have nearly doubled, representing 50% of all social engineering attacks, according to Verizon's 2023 Data Breach Investigations Report, which analyzed more than 16,312 security incidents.
Criminals are continuing to wield stolen credentials, compromise attacks, ransomware and social engineering to earn an illicit payday, according to Verizon's latest annual analysis of data breaches and how they happened, which finds that post-ransomware cleanup costs are rising.
In this episode of "Cybersecurity Insights," Antoinette Hodes of Check Point Research discusses the need to consolidate an organization's cybersecurity posture, gain visibility into OT and IT assets, and use cybersecurity education to increase worker safety.
Cisco took its first major step toward realizing its secure cloud vision in April with the debut of a new extended detection and response platform. The next set of enhancements around generative AI, secure access and defending applications across multiple clouds debuted Tuesday at Cisco Live 2023.
Microsoft will pay $20 million to settle a U.S. federal investigation into whether the computing giant violated children's privacy protections during the Xbox Live registration process. The Federal Trade Commission accused the company of a slew of infractions.
Federal regulators have once again smacked a healthcare provider with a HIPAA settlement involving patient protected health information that was disclosed in response to a negative online review. Manasa Health Center will pay $30,000 and implement a corrective action plan, HHS said.
The Iowa Department of Health and Human Services has reported to federal regulators its third major health data breach involving a vendor since April. This time, Iowa HHS/Medicaid says the data of nearly 234,000 individuals was compromised in a mega hack recently reported by MCNA Insurance Co.
Microsoft says an affiliate of the Russian-speaking Clop ransomware gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's MOVEit application. Known victims include British payroll provider Zellis, which says eight corporate customers were affected.
Despite the beating new publicly traded security companies have taken during the economic downturn, Rubrik is looking to test its luck in the public market. Reuters reported Monday the firm is working with Goldman Sachs, Barclays and Citigroup in preparation for an IPO that could take place in 2024.
In this episode of "Cybersecurity Insights," Lonnie Price of Peraton discusses the importance of partnerships between the public and private sectors to help Ukrainians with the war effort. He also shares how we can become better educated and more efficient as cyber defenders.
Microsoft is warning investors it may receive a fine from European privacy regulators adding up to at least hundreds of millions of dollars over targeted advertising on its LinkedIn social network. European authorities have shown increased willingness to use the GDPR to limit targeted advertising.