Latest from Zack Whittaker
The remote access giant linked the cyberattack to government-backed hackers working for Russian intelligence, known as APT29.
Security
US charges Russian civilian for allegedly helping GRU spies target Ukrainian government systems with data-destroying malware
3 days ago
U.S. prosecutors say the WhisperGate cyberattack was designed to “sow concern” among Ukrainian civil society ahead of Russia’s invasion.
Car dealerships and auto shops around the U.S. enter a second week of disruption following cyberattacks at software maker CDK.
Featured Article
Change Healthcare confirms ransomware hackers stole medical records on a ‘substantial proportion’ of Americans
The February ransomware attack on UHG-owned Change Healthcare stands as one of the largest-ever known digital thefts of U.S. medical records.
6:30 am PDT • June 21, 2024
CDK said it “does not have an estimated time frame” for recovery, as car dealerships and auto shops face continued outages.
Security
UK national accused of hacking dozens of US companies arrested in Spain
7:10 am PDT • June 18, 2024
TechCrunch has learned that the arrested hacker is the alleged leader of the group that masterminded the Twilio hacks in 2022.
Security
Mandiant says hackers stole a ‘significant volume of data’ from Snowflake customers
9:05 am PDT • June 10, 2024
The security firm said the attacks targeting Snowflake customers is “ongoing,” suggesting the number of affected companies may rise.
Featured Article
What Snowflake isn’t saying about its customer data breaches
As another Snowflake customer confirms a data breach, the cloud data company says its position “remains unchanged.”
6:40 pm PDT • June 7, 2024
Security
Hundreds of Snowflake customer passwords found online are linked to info-stealing malware
4:00 pm PDT • June 5, 2024
Snowflake is the latest company in a string of high-profile security incidents and sizable data breaches caused by the lack of MFA.
Featured Article
Live Nation confirms Ticketmaster was hacked, says personal information stolen in data breach
Live Nation says its Ticketmaster subsidiary was hacked. A hacker claims to be selling 560 million customer records.
3:13 pm PDT • May 31, 2024
Security
Zero-day flaw in Check Point VPNs is ‘extremely easy’ to exploit
11:30 am PDT • May 30, 2024
Check Point is the latest security vendor to fix a vulnerability in its technology, which it sells to companies to protect their networks.
Security
Spyware maker pcTattletale says it’s ‘out of business’ and shuts down after data breach
1:45 pm PDT • May 28, 2024
The spyware maker’s founder, Bryan Fleming, said pcTattletale is “out of business and completely done,” following a data breach.
pcTattletale’s website was briefly defaced and contained links containing files from the spyware maker’s servers, before going offline.
Security
US pharma giant Cencora says Americans’ health information stolen in data breach
6:40 am PDT • May 24, 2024
About half a million patients have been notified so far, but the number of affected individuals is likely far higher.
Featured Article
Spyware found on US hotel check-in computers
Several hotel check-in computers are running a remote access app, which is leaking screenshots of guest information to the internet.
11:05 am PDT • May 22, 2024
Featured Article
Two Santa Cruz students uncover security bug that let anyone do their laundry for free
CSC ServiceWorks provides laundry machines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.
9:05 am PDT • May 17, 2024
Featured Article
‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts
Estate is an invite-only website that has helped hundreds of attackers make thousands of phone calls aimed at stealing account passcodes, according to its leaked database.
5:05 am PDT • May 13, 2024
Security
US Patent and Trademark Office confirms another leak of filers’ address data
12:44 pm PDT • May 8, 2024
The federal government agency responsible for granting patents and trademarks is alerting thousands of filers whose private addresses were exposed following a second data spill in as many years. The…
U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network. In a filing with regulators on Tuesday, the Philadelphia-based…
Security
Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO
4:25 am PDT • April 30, 2024
UnitedHealth’s CEO said in congressional testimony that the portal used by the hackers to break into Change Healthcare was not protected with a basic security feature.
Security
Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers
12:42 pm PDT • April 25, 2024
Kaiser, one of the largest healthcare organizations in the United States, said it was notifying 13.4 million members of a data breach earlier in April.
Featured Article
Security bugs in popular phone-tracking app iSharing exposed users’ precise locations
The location-sharing app iSharing, which has 35 million users, fixed vulnerabilities that exposed users’ personal information and precise location data.
7:01 am PDT • April 24, 2024
Featured Article
UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’
The health tech giant processes 15 billion health transactions a year, and handles health information for about half of all Americans.
3:35 pm PDT • April 22, 2024
Security
US government downgrades bug in Chirp Systems app that contained hardcoded password
12:05 pm PDT • April 22, 2024
CISA said Chirp Systems ignored the federal agency and the reporting security researcher.
Security
Lawmakers vote to reauthorize US spying law that critics say expands government surveillance
6:00 am PDT • April 20, 2024
House and Senate lawmakers passed a bill reauthorizing the controversial Section 702 powers under FISA, which allows U.S. spy agencies to conduct warrantless searches of Americans’ communications.
Featured Article
Your Android phone could have stalkerware — here’s how to remove it
This simple guide helps you identify and remove common consumer-grade spyware apps from your Android phone.
2:15 pm PDT • April 19, 2024
Featured Article
Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist
The hackers say they have stolen 5.3 million records from the World-Check database, used by companies and banks for screening potential customers.
10:05 am PDT • April 18, 2024
Security
Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies
9:10 am PDT • April 17, 2024
Organizations are urged to patch their Palo Alto firewalls after researchers discover evidence of malicious exploitation dating back to late March.
Security
Omni Hotels says customers’ personal data stolen in ransomware attack
7:19 am PDT • April 16, 2024
A ransomware gang called Daixin has taken credit for the breach, and claimed to steal millions of customer records dating back to 2017.
Security
Change Healthcare stolen patient data leaked by ransomware gang
12:38 pm PDT • April 15, 2024
This is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months.
