Change Healthcare cyberattack caused $872 million loss
UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware attack disrupting the U.S. healthcare system since February. Despite the…
Month: April 2024
Understanding the Implications & Guarding Privacy- Axios Security Group
In a digital age where information is the new currency, the recent global hack has once again highlighted the urgent need for enhanced cybersecurity measures.…
US Senate to Vote on a Wiretap Bill That Critics Call ‘Stasi-Like’
The United States Senate is poised to vote on legislation this week that, for the next two years at least, could dramatically expand the number…
Personal Data Exposed in Massive Global Hack
In a digital age where information is the new currency, the recent global hack has once again highlighted the urgent need for enhanced cybersecurity measures.…
Cyber Attack on Cisco Duo breaches its multifactor authentication
Cisco Duo, which was acquired by Cisco in 2018, has notified its user base about a potential breach in its database stemming from a compromise…
PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)
A vulnerability (CVE-2024-31497) in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys due to the “heavily biased”…
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Apr 16, 2024NewsroomCloud Security / DevSecOps New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can…
Cisco warns of large-scale brute-force attacks against VPN services
Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. A brute force…
Cisco Duo provider breached, SMS MFA logs compromised
Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA (multi-factor authentication) SMS message logs…
OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt
Apr 16, 2024NewsroomSupply Chain / Software Security Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities…
Post Office boss signed off hush money to cover up smoking gun
A former Post Office senior executive agreed the suffering of subpostmasters could have been avoided if the organisation had investigated reported IT problems rather than…
PuTTY SSH client flaw allows recovery of cryptographic private keys
A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key…