According to new research by theHIPAA Journal, the start of 2021 has seen a 48% reduction in the month-on-month healthcare data breaches of 500 or more records in the United States.
Compared to 62 incidents of data breaches reported in December last year, only 32 such incidents were reported in the first month this year. However, it is also important to note that though this number is…
The Zerologon vulnerability gained spotlight around late September 2020. By then, Microsoft had already released a partial patch for the flaw. However, most Active Directory admins chose to ignore the incomplete patch fearing it might cause network issues, despite it being recommended by Microsoft and the the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
If you weren’t aware…
A ransomware attack on California DMV’s third party vendor, Automatic Funds Transfer Services Inc. In February may have potentially put millions of customer data at risk. Following the attack, the DMV said that it halted all data transfer operations to the Seattle-based company and immediately notified law enforcement officers including the Federal Bureau of Investigation.
“AFTS does not…
Sequoia Capital, a venture capital firm based in California’s Silicon Valley informed its investors that after an employee’s email fell victim to a successful phishing attack, some personal and financial information may have been accessed by a third-party, according to Axios.
A Sequoia spokesperson said that law enforcement was notified and they have hired leading cybersecurity experts to…
Early this month, Google published astable channel updatefor Chrome for Desktop. The new version (88.0.4324.150) released by Google for Windows, Mac, and Linux contains a critical bugfix for a zero-day vulnerability that was exploited in the wild.
This zero-day, labeled CVE-2021-21148, is a “heap overflow” memory corruption bug in the V8— Google Chrome’s open-source…
Earlier last week Kia Motors USA was experiencing a nationwide IT outage. The outage started on 13th February when the Kia Owners Portal went offline and began displaying the following error message on their website: “Kia is experiencing an IT service outage that has impacted some internal networks.”
As per BleepingComputer reports, Kia Motors USA had reportedly been with a DoppelPaymer…
In a recent announcement, Microsoft said that certain subscribers to the Microsoft Defender for Microsoft 365 service can now access a new “attack simulation training” feature. The feature first introduced at the RSA conference last year has finally been made available to customers. The feature is a result of Microsoft collaborating with Terranova Security in an attempt to keep phishing…
Following ransomware attacks on two French hospitals late last month, French President Emmanuel Macron has promised to invest €1 billion in a national cybersecurity strategy.
The hospital at Dax and Villefranche-sur-Saône were the two hospitals hit by a file-encrypting malware that blocked the telephone systems. This severely affected the patient care provided by both the hospitals. The…
Following the SolarWinds Orion-based software attack, Microsoft last month recommended security measures for IT pros to consider.
Microsoft has been compiling a list of tips to identify such attacks at its Microsoft Security Response Center’s Solorigate page.
The articles on security recommendations were mostly written by Alex Weinert, director of identity security at Microsoft.
CISA and CrowdStrike Tools Make Detecting Compromised Microsoft 365 Accounts Easier
The Cybersecurity and Infrastructure Security Agency (CISA) recently released a PowerShell-based tool to help organizations detect compromised accounts and applications in Microsoft Azure and 365.
Following the SolarWinds attack in late 2020, which used malicious SolarWinds files that could have given…
