Healthcare data breaches had the most impact in the second quarter of 2022 compared to previous years, with a 35 percent rise in the number of patient records compromised, according to Crucial Insight's H2 2022 Healthcare Data Breach Report. Based on a…

A new report from Cyber Security Works (CSW), Ivanti, Cyware, and Securin titled "2023 Spotlight Report: Ransomware Through the Lens of Threat and Vulnerability Management" highlights the need for an effective patch management approach. The report…

According to reports, an estimated 14,000 employees at a Liverpool NHS hospital trust have been informed that their data was leaked via email due to human error.  Victims received an apology letter from the hospital trust's chief executive James…

White hat hackers recently received a total of $180,000 at the Pwn2Own Miami 2023 hacking contest for exploits targeting widely used industrial control system (ICS) products.  At the ICS edition of Pwn2Own, hackers were invited to demonstrate…

According to the EU Agency for Cybersecurity (ENISA) and the Computer Emergency Response Team for the EU institutions, bodies, and agencies (CERT-EU), several Chinese state-sponsored threat groups have recently been observed targeting businesses and…

Cisco has released a patch for a critical vulnerability found in its ClamAV open-source antivirus software. Cisco said that the issue, tracked as CVE-2023-2003, could enable Remote Code Execution on vulnerable devices and was given a "critical" rating of…

Researchers at Abnormal Security have identified two groups who are using executive impersonation to carry out Business Email Compromise (BEC) attacks in at least 13 different languages. The researchers noted that while attacking targets in multiple…

According to Claroty, cyber-physical system vulnerabilities disclosed in the second half of 2022 decreased by 14 percent since reaching a peak in the same period in 2021, while vulnerabilities discovered by internal research and product security teams…

According to researchers at ESET, Chinese-speaking users are being targeted by the FatalRAT malware, which is spread via fake websites of widely-used apps. The FatalRat malware was first discovered in August 2021. It can record keystrokes, change a…

A threat group known as SiegedSec recently published a collection of employee and operations data allegedly stolen from the software workforce collaboration tool company Atlassian. Atlassian, which is known for its Trello, Jira, and Confluence brands, is…

Hackers are launching a new malware named Frebniis on Microsoft's Internet Information Services (IIS), stealthily executing commands sent via web requests. Frebniis was found by Symantec's Threat Hunter Team, who revealed that an unidentified threat…

A new variant of the Mirai botnet has been discovered using multiple security flaws to spread to Linux and Internet of Things (IoT) devices. Discovered during the second part of 2022, the latest variant has been named V3G4 by Palo Alto Networks Unit 42,…