November 2023 - Page 3 of 4 - Cyber Security Minute

Cyberattack Forces San Diego Hospital to Divert Patients

Issued by: DataBreach Today

A San Diego public hospital is diverting ambulances and patients to other facilities as it deals with a cyberattack detected early Thursday. The medical center is the latest among a growing roster of regional healthcare providers forced to suddenly shift patients to neighboring entities due to a cybersecurity crisis. Tri-City Medical Center is an acute…

Malware & Threats

DDoS attack leads to significant disruption in ChatGPT services

Issued by: Security Affairs

OpenAI confirmed earlier today that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack. “We are dealing with periodic outages due to an abnormal traffic pattern reflective of a DDoS attack. We are continuing work to mitigate this.” reads the update posted by OpenAI on its…

Malware & Threats

Ontario Hospitals Expect Monthlong Ransomware Recovery

Issued by: DataBreach Today

A shared IT services provider and its five Ontario member hospitals say their recovery from a Daixin Team ransomware attack in October could last into December as the group rebuilds its IT network. Meanwhile, the outage will continue to disrupt patient services, including diagnostics and treatments. TransForm Shared Service Organization and the regional hospitals to…

Malware & Threats

Ransomware Mastermind Uncovered After Oversharing on Dark Web

Issued by: Dark Reading

When researchers responded to an ad to join up with a ransomware-as-a-service (RaaS) operation, they wound up in a cybercriminal job interview with one of the most active threat actors in the affiliate business, who turns out to be behind at least five different strains of ransomware. Meet “farnetwork,” who was unmasked after giving over…

Application Security

Facebook tops security ratings among social networks

Issued by: CSO Online

Facebook is the most secure social networking site among the major players, thanks to improved privacy controls and support for more secure two-factor authentication technology, but the social media sector as a whole remains vulnerable to different types of account takeover. According to a study released Tuesday by access management vendor Cerby, the biggest area…

Malware & Threats

North Korea’s BlueNoroff APT Debuts ‘Dumbed Down’ macOS Malware

Issued by: Dark Reading

North Korean state hackers have debuted a fresh Mac malware targeting users in the US and Japan, which researchers characterize as “dumbed down” but effective. An arm of the DPRK’s notorious Lazarus Group, BlueNoroff has been known to raise money for the Kim regime by targeting financial institutions — banks, venture capital firms, cryptocurrency exchanges…

Vulnerabilities

Cisco patches serious flaws in Firepower and Identity Services Engine

Issued by: CSO Online

Cisco released several patches for high and critical vulnerabilities affecting several products like its Firepower network security devices, Identity Services Engine (ISE)) network access control platform, and Adaptive Security Appliance (ASA). The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging administrators to deploy the available patches because “a cyber threat actor could…

Vulnerabilities

Aqua Security Introduces Industry-First Kubernetes Vulnerability Scanning With Trivy KBOM

Issued by: Dark Reading

Aqua Security, the pioneer in cloud native security, today announced its open source solution Trivy now supports vulnerability scanning for Kubernetes components in addition to Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are in order to substantially reduce risk. Kubernetes has…

Software Security

‘KandyKorn’ macOS Malware Lures Crypto Engineers

Issued by: Dark Reading

The infamous North Korean advanced persistent threat (APT) group Lazarus has developed a form of macOS malware called “KandyKorn,” which it is using to target blockchain engineers connected to cryptocurrency exchanges. According to a report from Elastic Security Labs, KandyKorn has a full-featured set of capabilities to detect, access, and steal any data from the…