"Exploited Chrome Zero-Day Patched by Google"

"Exploited Chrome Zero-Day Patched by Google"

A Chrome 124 update released by Google recently patches a zero-day vulnerability that has an exploit that exists in the wild. The zero-day is tracked as CVE-2024-4671, and it has been described by Google as a high-severity use-after-free bug in the Visuals component. Google did not mention any information on the attacks exploiting the vulnerability. Chrome 124.0.6367.201/.202 for Mac and Windows and Chrome 124.0.6367.201 for Linux contain the patch for CVE-2024-4671. According to Google, this is the second Chrome vulnerability of 2024 that has been exploited in malicious attacks.

Submitted by Adam Ekwall on

"Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service"

"Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service"

Ascension, a non-profit that runs one of the largest healthcare systems in the United States, is trying to contain a significant cyberattack currently causing disruption and “downtime procedures” at hospitals nationwide. The St Louis healthcare giant said computer systems affected include electronic health records, the MyChart patient communication portal, certain phone systems, and systems used for ordering tests, procedures, and medications. The company discovered the hack on May 8th.

Submitted by Adam Ekwall on

"MedStar Health and DocGo Reveal Data Breaches"

"MedStar Health and DocGo Reveal Data Breaches"

Two US healthcare providers have recently announced serious cybersecurity incidents in which patient information was accessed. DocGo provides mobile medical services and transportation in 26 states and the UK. The firm revealed that it recently identified unauthorized activity on its network.

Submitted by Adam Ekwall on

"Six Austrians Arrested in Multi-Million Euro Crypto Scheme"

"Six Austrians Arrested in Multi-Million Euro Crypto Scheme"

Law enforcement agencies from Austria, Cyprus, and Czechia have recently collaborated to dismantle an online cryptocurrency scam, resulting in the arrest of six Austrians allegedly behind the scheme. The investigation, supported by Europol and Eurojust, targeted the orchestrators of a cryptocurrency launched in December 2017. Europol noted that following six house searches, authorities seized over €500,000 in cryptocurrencies and €250,000 in fiat currency and froze numerous bank accounts. Additionally, two cars and a luxury property valued at €1.4m were confiscated.

Submitted by Adam Ekwall on

"University System of Georgia Says 800,000 Impacted by MOVEit Hack"

"University System of Georgia Says 800,000 Impacted by MOVEit Hack"

University System of Georgia (USG) is starting to notify 800,000 individuals that their personal and financial information was compromised in the May 2023 MOVEit hack. The data breach occurred after the Russia-linked Cl0p ransomware group exploited a vulnerability in Progress Software's MOVEit Transfer managed file transfer (MFT) software and stole data from organizations using it. USG used MOVEit to "transfer and store sensitive data" and is the latest education entity to disclose the attack's impact.

Submitted by Adam Ekwall on

"Brandywine Realty Trust Hit by Ransomware"

"Brandywine Realty Trust Hit by Ransomware"

Philadelphia-based real estate company Brandywine Realty Trust recently fell victim to a ransomware attack that disrupted some of its business applications. In a filing with the US Securities and Exchange Commission (SEC) on Monday, the real estate investment trust revealed that the incident occurred on May 1 and involved unauthorized access to portions of its IT environment.

Submitted by Adam Ekwall on

Boston CISO Dinner

"Community-Centric Leadership. This event was curated by and for the Boston Leadership Board, a group of local leaders committed to the idea that national security and critical infrastructure resiliency is strengthened through peer-to-peer knowledge sharing, diversity, and leadership development. Their collective insights and recommendations influence every aspect of this program including speakers, topics, and technology partner participation." 

Zero Trust Government

"DSI’s 2nd Annual Zero Trust Government Symposium will convene to bring together leaders, experts and implementors across the USG and DOD to highlight the current status of Zero Trust implementation efforts. Broadly, zero trust refers to a cybersecurity concept and framework that requires non-stop monitoring and constant authentication to secure critical national security information — and assumes all networks are compromised from the get-go. Federal IT leaders are under mounting pressure to meet a suite of mandated ZT cybersecurity standards and objectives by September 2024.

"China Suspected After Major MoD Payroll Breach"

"China Suspected After Major MoD Payroll Breach"

It has recently been revealed that sensitive personal and financial information belonging to UK military personnel has been compromised in a significant state-sponsored data breach. The defense secretary, Grant Schapps, is expected to make a statement in the House of Commons detailing exactly what happened. According to reports, on the morning of May 7 the hackers successfully targeted a third-party payroll provider, with mainly names and bank details exposed.

Submitted by Adam Ekwall on

"BTC-e $9bn Crypto-Money Launderer Pleads Guilty"

"BTC-e $9bn Crypto-Money Launderer Pleads Guilty"

A Russian national has recently pleaded guilty to his role in a major money laundering conspiracy tied to the infamous BTC-e cryptocurrency exchange. According to the Department of Justice (DoJ), Alexander Vinnik, 44, was one of the operators of the exchange from its launch in 2011 to when law enforcers shut it down in 2017. The DoJ noted that during that time, it processed over $9bn-worth of transactions and served over one million users worldwide, many of whom were cybercriminals looking to clean the proceeds of their illegal activity.

Submitted by Adam Ekwall on
Subscribe to