HealthEquity Data Breach, 4.3 Million User Data Exposed
HealthEquity, Inc., a prominent health savings account administrator, has reported a data breach affecting approximately 4.3 million individuals. The breach, which occurred on March 9,…
Author: Cybernoz
DigiCert to Revoke Thousands of Certificates Following DNS Validation Error
DigiCert, a major certificate authority, to revoke thousands of SSL/TLS certificates because of a Domain Control Verification error. This could affect a lot of websites.…
X allows users to turn off GROK AI Training due to data concerns
X, the social media platform formerly known as Twitter, is introducing a new feature that allows users to opt out of its AI training program…
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by “several” ransomware groups to gain elevated permissions and deploy file-encrypting malware.…
Mandrake Spyware Resurges With New Advanced Evasion
The Android spyware known as Mandrake has made a significant resurgence with a new variant. This Mandrake spyware has been discovered hidden in five seemingly…
Coding practices: The role of secure programming languages
Safety and quality are not features that can be added through testing — they must be integral to the design. Opting for a safer or…
Review: Action1 – Simple and powerful patch management
Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open…
Securing remote access to mission-critical OT assets
In this Help Net Security interview, Grant Geyer, Chief Strategy Officer at Claroty, discusses the prevalent vulnerabilities in Windows-based engineering workstations (EWS) and human-machine interfaces…
Insecure file-sharing practices in healthcare put patient privacy at risk
Healthcare organizations continue to put their business and patients at risk of exposing their most sensitive data, according to Metomic. 25% of publicly shared files…
Proofpoint’s Email Protection Service Exploited to Send Millions of Phishing Emails
A massive phishing campaign dubbed “EchoSpoofing” has exploited a critical vulnerability in Proofpoint’s email protection service, allowing cybercriminals to send millions of perfectly spoofed phishing…
Ransomware Gangs Exploiting VMware ESXi Authentication Bypass Flaw
Microsoft researchers have found a critical vulnerability in VMware’s ESXi hypervisors. Ransomware operators are using this problem to attack systems. This vulnerability, CVE-2024-37085, allows threat…
Hacker Scrapes and Publishes 100,000-Line CrowdStrike IoC List
USDoD hacker scrapes and leaks a 100,000-line Indicator of Compromise (IoC) list from CrowdStrike, revealing detailed threat intelligence data. The leak, posted on Breach Forums,…