Student Medical Records Exposed After LAUSD Breach

"Hundreds" of special education students' psych records have turned up on the Dark Web. School records like these are covered by FERPA, not HIPAA, so parents have little recourse.

Cyberattack on Dole Causes Temporary Salad Shortage

The produce company said it suffered a ransomware attack earlier this month.

US Military Emails Exposed via Cloud Account

A DoD email server hosted in the cloud (and now secured) had no password protection in place for at least two weeks.

Inglis Retires as National Cyber Director Ahead of Biden's Cybersecurity EO

The long-time NSA and cyber specialist says he's exiting the public sector.

Not Stoked: Burton Snowboards' Online Orders Disrupted After Cyberattack

The snow sports specialist is investigating to see what caused the operations-disrupting "cyber incident."

ESXi Ransomware Update Outfoxes CISA Recovery Script

New ESXiArgs-ransomware attacks include a workaround for CISA's decryptor, researchers find.

Atlassian: Leaked Data Stolen via Third-Party App

SiegedSec threat group leaked data that Atlassian says was taken from app used to coordinate in-office resources.

Oligo Security Takes Aim at Open Source Vulnerabilities

The startup's software helps organizations secure their containers in the cloud by teasing out which packages are running and which are vulnerable.

GAO Calls for Improved Data Privacy Protections

US federal watchdog agency outlines key measures for better protecting sensitive data under the federal government's control.

What Purple Teams Wish Companies Knew

Here are some of the easily avoidable mistakes most companies made last year, gleaned from hundreds of cybersecurity engagements by red and blue teams.

Expel Tackles Cloud Threats With MDR for Kubernetes

The new managed detection and response platform simplifies cloud security for Kubernetes applications.

Oakland City Services Struggle to Recover From Ransomware Attack

Fire emergency, 911 services functioning, along with Oakland financial systems, city says.

Hospitals Sued for Using Meta's Ad-Tracking Code, Violating HIPAA

Lawsuits say hospitals using Meta Pixel code violated patient privacy — sharing conditions, medications, and more with Facebook.

9 Scammers Busted for 5M Euro Phishing Fraud Ring

The network is alleged to have operated 100 bank accounts and stolen millions from American people and companies.

Russian Hackers Disrupt NATO Earthquake Relief Operations

Killnet claims DDoS attack against NATO Special Operations Headquarters, Strategic Airlift Capability, and more.

Google Cloud Connects Chronicle to Health ISAC Feed

Members of the Health-ISAC can ingest threat indicators directly into Chronicle to investigate whether the threat is present in their environment.

Reddit Breached With Stolen Employee Credentials

Reddit code, internal documents, dashboards, and business systems were compromised in the cyberattack.

Cryptographers Decode Secret Letters of Mary, Queen of Scots

Nearly a half-millennium after her execution, encrypted letters from the imprisoned royal offer a fascinating look into early cryptography.

NIST Picks IoT Standard for Small Electronics Cybersecurity

NIST announces that it will use Ascon as a cryptography standard for lightweight IoT device protection.

Jailbreak Trick Breaks ChatGPT Content Safeguards

Jailbreak command creates ChatGPT alter ego DAN, willing to create content outside of its own content restriction controls.

GAO Calls for Action to Protect Cybersecurity of Critical Energy, Communications Networks

Enhanced industrial control systems cybersecurity for energy and communications sector among top recommendations in new GAO cybersecurity assessment.

Cloud Apps Still Demand Way More Privileges Than They Use

Hackers can't steal a credential that doesn't exist.

DPRK Using Unpatched Zimbra Devices to Spy on Researchers

Lazarus Group used a known Zimbra bug to steal data from medical and energy researchers.

New Banking Trojan Targeting 100M Pix Payment Platform Accounts

New malware demonstrates how threat actors are pivoting toward payment platform attacks, researchers say.

Keeping KillNet at Bay: Use the IP Address Blocklist

Security teams can use a blocklist containing tens of thousands of proxy IP addresses used by the pro-Russian hacktivist group to defend their organizations from DDoS attacks.

Global Ransomware Attack on VMware EXSi Hypervisors Continues to Spread

The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign.

MITRE Releases Tool to Design Cyber-Resilient Systems

Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities.

Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter

QNAP NAS devices are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection.

CISA to Open Supply Chain Risk Management Office

A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance.

Google Fi Users Caught Up in T-Mobile Breach

Google Fi mobile customers have been alerted that their SIM card serial numbers, phone numbers, and other data were exposed in T-Mobile hack.

Checkmarx Launches Threat Intelligence for Open Source Packages

The new API incorporates threat intelligence research and employs machine learning to identify threats in the supply chain.

Poser Hackers Impersonate LockBit in SMB Cyberattacks

Recent cyberattacks against SMBs across Europe have been traced back to copycat groups using leaked LockBit locker malware.

Facebook Bug Allows 2FA Bypass Via Instagram

The Instagram rate-limiting bug, found by a rookie hunter, could be exploited to bypass Facebook 2FA in vulnerable apps, researcher reports.

Enterprises Don't Know What to Buy for Responsible AI

Organizations are struggling to procure appropriate technical tools to address responsible AI, such as consistent bias detection in AI applications.

Critical RCE Lexmark Printer Bug Has Public Exploit

A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.

Dutchman Detained for Dealing Details of Tens of Millions of People

The accused sold an enormous data set stolen from the Austrian radio and television licensing authority — to an undercover cop.

German Government, Airports, Banks Hit With Killnet DDoS Attacks

After Berlin pledged tanks for Ukraine, some German websites were knocked offline temporarily by Killnet DDoS attacks.

Zacks Investment Research Hack Exposes Data for 820K Customers

Zacks Elite sign-ups for the period 1999–2005 were accessed, including name, address, email address, phone number, and the password associated with Zacks.com.

GoTo Encrypted Backups Stolen in LastPass Breach

Encrypted backups for several GoTo remote work tools were exfiltrated from LastPass, along with encryption keys.

Skyhawk Security Launches Multicloud Runtime Threat Detection and Response Platform

Skyhawk Synthesis extends cloud security misconfiguration detection across multiple clouds, the company says — throwing cloud security posture management in for free.

Wallarm Aims to Reduce the Harm From Compromised APIs

API Leak Management software discovers exposed API keys and other secrets, blocks their use, and monitors for abuse, the company says.

Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access

Devices running Android 12 and below are at risk of attackers downloading apps that direct users to a malicious domain.

FanDuel Sportsbook Bettors Exposed in Mailchimp Breach

Amid all the NFL playoff action, FanDuel has sent an email warning to gamblers that their data was exposed in its third-party breach, putting them at risk for phishing attacks.

Massive Adware Campaign Shuttered

Mainly Apple iOS in-app ads were targeted, injecting malicious JavaScript code to rack up phony views.

Data Security in Multicloud: Limit Access, Increase Visibility

Ensuring that data can be easily discovered, classified, and secured is a crucial cornerstone of a data security strategy.

Sophos Cuts Jobs to Focus on Cybersecurity Services

Layoffs intended to cut costs, help company shift its focus on cybersecurity services, Sophos says.

ChatGPT Could Create Polymorphic Malware Wave, Researchers Warn

The powerful AI bot can produce malware without malicious code, making it tough to mitigate.

Okta Expands No-Code Offerings for Identity Cloud

With Actions Integrations, Okta is expanding its no-code offerings to help administrators manage and customize their identity workflow.

OT Cybersecurity Leader Paul Brager Passes Away

The IT security executive led ICS/OT, IT/OT integration, and other security programs, as well as diversity and inclusion efforts in the industry.

Intel Processor UEFI Source Code Leaked

Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher.

Zimbra RCE Bug Under Active Attack

A flaw in unpatched Zimbra email servers could allow attackers to obtain remote code execution by pushing malicious files past filters.

Cybersecurity Will Account for Nearly One-Quarter of AI Software Market Through 2025

A boom in artificial intelligence-powered detection and remediation tools pushes security spending to the top of the AI market, according to Forrester.

Patch Now: Fortinet FortiGate & FortiProxy Contain Critical Vuln

The bug is under active exploitation; Fortinet issued a customer advisory urging customers to apply its update immediately.

macOS Archive Utility Bug Lets Malicious Apps Bypass Security Checks

Exploit allows unsigned and unnotarized macOS applications to bypass Gatekeeper and other security, without notifying the user.

Russian Hackers Shut Down US State Government Websites

Russian-speaking cyberattackers boast they are behind disruption of Colorado, Kentucky, and Mississippi government websites.

Ikea Smart Light System Flaw Lets Attackers Turn Bulbs on Full Blast

With just one malformed Zigbee frame, attackers could take over certain Ikea smart lightbulbs, leaving users unable to turn the lights down.

NullMixer Dropper Delivers a Multimalware Code Bomb

In one shot, Trojan dropper NullMixer installs a suite of downloaders, banking Trojans, stealers, and spyware on victims' systems.

Aussie Telco Telstra Breached, Reportedly Exposing 30,000 Employees' Data

The Telstra cyber incident comes just weeks after its main rival Optus suffered a major compromise of its customer database.

Former NSA Employee Faces Death Penalty for Selling Secrets

Suspect allegedly thought he was swapping secrets with a foreign government for crypto — but the contact turned out to be an FBI agent.

Worried About the Exchange Zero-Day? Here's What to Do

While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks for signs of exploitation and apply these mitigations.