Updates

Fake AI Photo Editor Scam Exposed

Cybercriminals are targeting social media users by hijacking pages and rebranding them to mimic popular AI photo editors. They post malicious links leading victims to download ITarian software, disguised as a photo editor, which grants them remote access to the victim’s devices. This access allows attackers to steal sensitive information …

Read More

Phishing Targets OneDrive Users Globally

A sophisticated phishing campaign is targeting Microsoft OneDrive users, aiming to trick them into executing a malicious PowerShell script. The attack begins with an email containing an .html file that simulates a OneDrive error page. The fake page urges users to fix a DNS issue by following specific steps. If …

Read More

Healthcare Data Security Faces Serious Threats

Healthcare organizations are vulnerable to data breaches due to insecure file-sharing practices. Metomic reports that 25% of publicly shared files and 68% of private files shared externally contain Personal Identifiable Information (PII). 77% of private files shared internally hold sensitive data. Failing to update or remove access permissions leaves organizations …

Read More

AI Cuts Data Breach Costs

IBM’s 2024 Cost of a Data Breach Report shows a 10% rise in the global average cost of breaches, now at $4.88 million. However, organizations using AI and automation saved $2.2 million on average, highlighting the financial benefits of these technologies. As breaches grow more disruptive, AI plays a crucial …

Read More

Fortune 50 Firm Pays Dark Angels Record $75M Ransom

A Fortune 50 company paid $75 million to the Dark Angels ransomware group, setting a new record for ransom payments. Zscaler ThreatLabz revealed massive payout, which broke the previous record of $40 million held by CNA. The company hasn’t been officially named, many speculate it’s Cencora, a pharmaceutical giant hit …

Read More

PowerShell Backdoor Threat Found

Walmart’s Cyber Intelligence Team has discovered an unknown PowerShell backdoor linked to a new variant of the Zloader/SilentNight malware. This sophisticated backdoor provides threat actors with access to systems for reconnaissance and deployment of additional malware. It employs advanced obfuscation techniques, making detection challenging. The backdoor’s discovery highlights a broader …

Read More

Data Breach Hits HealthEquity Users

HealthEquity has revealed that a data breach at a third-party vendor compromised the personal and health information of 4.3 million individuals. The breach, identified on March 25, exposed protected health information (PHI) and personally identifiable information (PII) stored in an unstructured data repository outside of HealthEquity’s core systems. Attackers gained …

Read More

Senators Challenge Car Data Privacy

Senators Ron Wyden and Ed Markey have called on the Federal Trade Commission (FTC) to investigate the car data privacy practices of major car manufacturers. Their investigation revealed that companies like Hyundai, General Motors, and Honda have been sharing and selling drivers’ data, including location information, often through deceptive consent …

Read More

Cybersecurity Crisis in Columbus

The city of Columbus, Ohio, is working diligently to restore its systems following a significant cybersecurity incident. The attack has disrupted multiple resident-facing IT services, although essential services like 911 and employee payroll remain operational. The city first alerted the public through a brief Facebook statement, and officials have since …

Read More

Ransomware and BEC Attacks Surge in 2024 Cyber Incidents

In the second quarter of 2024, ransomware and business email compromise (BEC) attacks constituted 60% of all cyber incidents, as reported by Cisco Talos. Technology was the most targeted sector, accounting for 24% of incidents, reflecting a 30% increase from the previous quarter. Attackers are focusing on tech firms as …

Read More