U.S. healthcare provider AspenPointe notified patients of a data breach stemming from a September 2020 cyberattack that enabled attackers to steal protected health information (PHI) and personally identifiable information...
The U.S. Cybersecurity and Infrastructure Security Agency is warning about a password leak that could affect vulnerable Fortinet VPNs, which could lead to possible further exploitation. The agency’s...
Three years after the first malware attacks targeting Docker, developers are still misconfiguring and exposing their Docker servers online. Towards the end of 2017, there was...
This blog post was authored by Hasherezade and Jérôme Segura On November 23, we received an alert from a partner about a resurgence of Gootkit infections...
Companies are on track to file 27% more cyber claims in 2020, one insurer estimates, while another underwriter finds five out of every 100 companies file...
Cyber attacks are on the rise during this year of uncertainty and chaos. Increased working from home, online shopping, and use of social platforms to stay connected...
A newly discovered credit card skimmer uses an innovative technique to inject highly convincing PayPal iframes and hijack the checkout process on compromised online stores. Payment...
Group-IB has identified ongoing trends where physical disruption of infrastructure is being replaced by cyber espionage from state-backed threat actors. Cybercriminals are regularly updating their intrusion tools, while...
11/30/20 Update below. This post was originally published on November 28th, 2020. It has been updated to reflect Advantech’s confirmation of the attack. Industrial automation and Industrial IoT...
A newly identified family of the information-stealing Discord malware called CursedGrabber is making rounds in open-source ecosystems. As a part of the CursedGrabber campaign, Sonatype has discovered more...