Cybersecurity News


45M Medical Imaging Files Left Accessible Online

A range of medical images, including X-rays and CT scans, were exposed on more than 2,140 unprotected servers, researchers report.
15 December 2020

Nowhere to Hide: Don't Let Your Guard Down This Holiday Season

Nowhere to Hide: Don't Let Your Guard Down This Holiday Season Harden your defenses to ensure that your holiday downtime doesn't become an open door for cyber threats.
15 December 2020

SolarWinds Hack Could Affect 18K Customers

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems.
15 December 2020

45 Million Medical Images Left Exposed Online

45 Million Medical Images Left Exposed Online A six-month investigation by CybelAngel discovered unsecured sensitive patient data available for third parties to access for blackmail, fraud or other nefarious purposes.
15 December 2020

Agent Tesla Keylogger Gets Data Theft and Targeting Update

Agent Tesla Keylogger Gets Data Theft and Targeting Update The infamous keylogger has shifted its targeting tactics and now collects stored credentials for less-popular web browsers and email clients.
15 December 2020

Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure

Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure Industrial, factory and medical gear remain largely unpatched when it comes to the URGENT/11 and CDPwn groups of vulnerabilities.
15 December 2020

The Private Sector Needs a Cybersecurity Transformation

Cybersecurity must get to the point where it's equated with actually stopping an attack by identifying the methods the bad guys use and taking those methods away.
15 December 2020

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security risks.
15 December 2020

Academics turn RAM into WiFi cards to steal data from air-gapped systems

AIR-FI technique can send stolen data at speeds of up to 100 b/s to WiFi receivers at a distance of a few meters.
15 December 2020

Pornhub suspends over 10 million videos to eradicate illegal content

Roughly 13.5 million videos hosted on Pornhub are now reduced to only 2.9 million.
15 December 2020

18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack

Nation-state attackers used poisoned SolarWinds network management software updates to distribute malware; US government orders federal civilian agencies to immediately power down the technology.
14 December 2020

Spotify Changes Passwords After Another Data Breach

Spotify Changes Passwords After Another Data Breach This is the third breach in the past few weeks for the world’s most popular streaming service.
14 December 2020

Ex-Cisco Employee Convicted for Deleting 16K Webex Accounts

Ex-Cisco Employee Convicted for Deleting 16K Webex Accounts The insider threat will go to jail for two years after compromising Cisco's cloud infrastructure.
14 December 2020

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort.
14 December 2020

Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails

Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails Emails from legitimate, compromised accounts are being sent to numerous enterprise employees with the aim of stealing their O365 credentials.
14 December 2020

2021 Security Budgets: Top Priorities, New Realities

2021 Security Budgets: Top Priorities, New Realities An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies. What's on the horizon? They share with us their spending plans for 2021.
14 December 2020

SEC filings: SolarWinds says 18,000 customers were impacted by recent hack

In SEC documents filed today, SolarWinds said it notified 33,000 customers of its recent hack, but that only 18,000 used a trojanized version of its Orion platform.
14 December 2020

New Windows Trojan Steals Browser Credentials, Outlook Files

New Windows Trojan Steals Browser Credentials, Outlook Files The newly discovered Python-based malware family targets the Outlook processes, and browser credentials, of Microsoft Windows victims.
14 December 2020

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company's customer base, experts say the incident may be just the first of many such disclosures.
14 December 2020

Startups Should Do Things That Don't Scale, but Security Isn't One of Them

Emerging businesses that don't embrace scalable security do so at their own peril.
14 December 2020