This week’s healthcare data breach roundup includes several ransomware attack and data theft incidents, led by details on the cyberattack and outage at East Tennessee Children's Hospital.
Millions of banking customers could have had their accounts compromised by the exploitation of a server-side request forgery vulnerability in a major financial technology platform's API.
A marked uptick in activity for Indonesian phishing-as-a-service group SPM55 has researchers at threat intelligence firm DomainTools sounding the alarms.
The Lapsus$ hack of Okta compromised multiple healthcare providers, prompting an HHS threat report detailing the extortion group’s tactics and detailing needed proactive security.
BleepingComputer reports that some Palo Alto Networks firewall, XDR, and VPN offerings have been impacted by a high-severity OpenSSL vulnerability, tracked as CVE-2022-0778, which could be exploited to prompt a denial of service condition.
Threat actors have been leveraging the novel FFDroider information stealer to exfiltrate browser-stored credentials and cookies and proceed in compromising targets' social media accounts, according to BleepingComputer.
Ukraine's State Service of Special Communication and Information Protection has issued a warning regarding new cyberattacks from the UAC-0094 threat cluster that have been targeting Telegram accounts, The Hacker News reports.
Intego researchers revealed that while Apple has already released emergency patches to address actively exploited zero-day code execution flaws in macOS Monterey, iPadOS, and iOS, tracked as CVE-2022-22676 and CVE-22674, it has failed to remediate the vulnerabilities in Big Sur, Catalina, and older macOS versions, reports SecurityWeek.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
