Apple pushed out an emergency security update for two critical zero-day flaws that attackers are using to carry out memory corruption attacks on iPhone and iPad devices. The tech giant's latest patch addressed its third zero-day vulnerability this year.
South Korean intelligence service officials have blamed North Korean hackers for targeting the country's semiconductor manufacturing companies. Hackers who gain access to chip-making technology and product designs could hurt South Korea’s leadership in the semiconductor industry.
As the fallout continues in the Change Healthcare IT outage, the U.S. healthcare ecosystem is anticipating the next bombs to drop in what's shaping up to be the worst cyberattack the sector has experienced so far. What should entities be considering as they push forward in the recovery?
Phishing attacks often feel like an unrelenting tsunami, flooding your organisation with a never-ending deluge of threats.
Traditional methods for analysing and mitigating phishing attacks are manual, repetitive and error-prone. These workflows slow the speed at which you can mitigate a spear-phishing attack and...
With nearly 350 billion emails sent every day, many containing sensitive data and plans, it's a worrying fact that more than 90% of all successful cyber-attacks start with a phishing email.
The widespread use of LLMs has enabled cyber-criminals to launch sophisticated phishing attacks at scale, which evade...
Hornetsecurity purchased French email security vendor Vade to expand its geographic footprint and protection capabilities around Microsoft 365 for small and midsized businesses. The acquisition of Vade will allow the joint company to have a strong presence in Europe's two most important markets.
The Treasury Department announced sanctions against Intellexa, the maker of a popular package of spyware tools and technologies known as Predator that has been used to target U.S. officials, journalists and policy experts, according to a news release on Tuesday.
German Minister of Defense Boris Pistorius on Tuesday said the recent leak of intercepted military data was the result of an "application error" and not caused by a system compromise by Russian hackers. Pistorius also said the country is continuing to examine the incident further.
The administrators of the BlackCat ransomware-as-a-service group claim law enforcement has shut down their operation. But experts and affiliates accuse the group's leadership of running an exit scam on the heels of a $22 million ransom payment by a recent victim - Optum's Change Healthcare unit.
The healthcare sector should have plenty of experience responding to data security incidents and breaches, especially in light of the record number of breaches reported last year. But when leaders are dealing with an incident, response plans can go awry. Experts offer tips for avoiding mishaps.
Researchers have created a zero-click, self-spreading worm that can steal personal data through applications that use chatbots powered by generative artificial intelligence. Dubbed Morris II, the malware uses a prompt injection attack vector to trick AI-powered email assistant apps.
A cyber threat actor is shifting tactics from conventional malware delivery to a targeted focus on acquiring NT LAN Manager authentication information to potentially collect sensitive data and perform other malicious actions. The campaigns have targeted hundreds of organizations globally.
German police say they arrested operators behind one of the largest cybercrime underground marketplaces in the country and seized its domains as part of a two-year-long investigation into the group. Police arrested three suspected operators of the platform, including the alleged site admin.
Two weeks into a major cyberattack-induced outage at its Change Healthcare business, UnitedHealth Group is offering short-term financial aid to some healthcare providers whose cash flows may be running short because of the disruption in insurance payments. But not everyone is impressed.
The rapid rise of artificial intelligence technologies poses new risks. Enterprises using AI must regularly scan for prompt injection attacks, implement transparency in the supply chain and reinforce built-in software controls to serve their company's security needs, Microsoft said.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.