Tenable researchers found vulnerabilities in Microsoft's Azure Health Bot Service that threat actors could have used to access sensitive data. Healthcare organizations can build and deploy Artificial Intelligence (AI)-powered virtual health assistants using the Azure Health Bot Service. Some of these chatbots may need access to sensitive patient information to do their jobs. Tenable discovered a data connection feature that lets bots interact with external data sources.

The Computer Emergency Response Team of Ukraine (CERT-UA) recently announced that more than 100 Ukrainian government computers have been compromised following a mass phishing campaign.  It was noted that the attackers impersonated the Security Service of Ukraine in the emails to lure targets into clicking on a malicious link that leads to ANONVNC malware being downloaded onto the device.

A team of researchers from Germany's CISPA Helmholtz Center for Information Security discovered an architectural flaw, codenamed "GhostWrite," affecting the Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs. Attackers could exploit the bug to gain unrestricted access to vulnerable devices. The GhostWrite vulnerability is a direct CPU bug embedded in the hardware instead of a side-channel or transient execution attack.

The most successful team in DEF CON's Capture-the-Flag (CTF) competition history, Carnegie Mellon University's (CMU) "Plaid Parliament of Pwning" (PPP), won its third consecutive title, earning its eighth victory. DEF CON's flagship competition gathers cybersecurity professionals, researchers, and students to break each other's systems, steal virtual flags, and accumulate points while protecting their own systems. As cyberattacks rise worldwide, such events allow top cybersecurity engineers to compete and learn new techniques.

The company Nightfall AI found that secrets such as passwords and Application Programming Interface (API) keys were most often found in GitHub. Every year, about 350 total secrets are exposed per 100 employees. Thirty-five percent of the discovered API keys were still active, increasing vulnerability to privilege escalation attacks, data leaks, and breaches.

Nearly 2.7 billion records of personal information for people in the US were leaked on a popular hacking forum. The records include names, Social Security numbers (SSNs), known physical addresses, and more. The leaked data is alleged to have come from National Public Data, a company that collects and sells access to personal data for background checks, criminal record searches, and private investigations. This article continues to discuss the leak of 2.7 billion data records by hackers.

Adobe recently released fixes for 72 security vulnerabilities across multiple products and warned that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks. The company noted that the patches address critical security defects in Adobe Acrobat and Reader, Illustrator, Photoshop, InDesign, Adobe Commerce, and Dimension and is warning that the most severe of these vulnerabilities could allow attackers to take complete control of a target machine.

The Federal Bureau of Investigation (FBI) has partnered with law enforcement in the UK and Germany to dismantle Information Technology (IT) infrastructure linked to the ransomware group called "Dispossessor" or "Radar." According to the FBI, the group targets small and medium-sized businesses (SMBs) in the production, development, education, healthcare, financial services, and transportation sectors. This article continues to discuss the dismantling of the Radar/Dispossessor ransomware. 

AMD has issued firmware updates to address a nearly two-decade-old silicon-level vulnerability called "SinkClose" in its EPYC data center processors and Ryzen line of processors for PCs and embedded systems. The flaw impacts a processor component that protects System Management Mode (SMM), an execution mode more privileged than kernel-level mode. According to the IOActive researchers who discovered the privilege escalation vulnerability, it is an "unpatchable" issue. If exploited, it enables an attacker to install malware on a system that would be nearly impossible to remove.

Kootenai Health has recently disclosed a data breach impacting over 464,000 patients after their personal information was stolen and leaked by the 3AM ransomware operation.  The organization is notifying patients who received care at its facilities that it detected a cyberattack in early March 2024, which disrupted certain IT systems.  The company stated that the ongoing investigation shows that the cybercriminals gained unauthorized access to Kootenai's systems on February 22, 2024, allowing the threat actors ten days to roam the network and steal sensitive data.