Tuesday, August 15, 2023

Millions of Americans' health data stolen after MOVEit hackers targeted IBM | TechCrunch

Millions of Americans had their sensitive medical and health information stolen after hackers exploited a zero-day vulnerability in the widely used MOVEit file transfer software raided systems operated by tech giant IBM.

In a data breach notification to those affected, Colorado’s HCPF said that the data was compromised because IBM, one of the state’s vendors, “uses the MOVEit application to move HCPF data files in the normal course of business."

logo
Publisher: TechCrunch
Date: 2023-08-14T14:35:36 00:00
Author: Carly Page
Twitter: @TechCrunch
Reference: (Read more) Visit Source



North Korean Hackers Suspected in New Wave of Malicious npm Packages

"Due to the sophisticated nature of the attack and the small number of affected packages, we suspect this is another highly targeted attack, likely with a social engineering aspect involved in order to get targets to install these packages," the company said .

The malware then pings and waits for further instructions every 45 seconds, which are subsequently decoded and executed.

logo
Publisher: The Hacker News
Author: https www facebook com thehackernews
Twitter: @TheHackersNews
Reference: (Read more) Visit Source



Lapsus$ hackers took SIM-swapping attacks to the next level

The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture.

Lapsus$ is described as a loosely-organized group formed mainly of teenagers, with members in the U.K. and Brazil that acted between 2021 and 2022 for notoriety, financial gain, or for fun. However, they also combined techniques of various complexity with “flashes of creativity.

Publisher: BleepingComputer
Twitter: @BleepinComputer
Reference: (Read more) Visit Source



Bugs in transportation app Moovit gave hackers free rides | TechCrunch

Hackers could have hijacked the user accounts of a popular transportation app and used them to get free rides and access people's personal information, according to a security researcher.

This whole chain of exploits could have been performed without the target ever finding out, apart from seeing unwanted charges on their credit card. Attias called it "the perfect attack."

logo
Publisher: TechCrunch
Date: 2023-08-13T20:30:09 00:00
Author: Lorenzo Franceschi Bicchierai
Twitter: @TechCrunch
Reference: (Read more) Visit Source



No comments:

Post a Comment

Popular Posts