-
1 week ago | 
cpomagazine.com | Alicia Hope
Oracle Health a subsidiary of Austin, Texas-based tech giant Oracle, suffered a health data breach that potentially exposed the sensitive information of patients. Kansas, Missouri-based Oracle Health is a software-as-a-service (SaaS) firm providing Electronic Health Records (EHR) and business management information systems for various healthcare providers.
-
2 weeks ago | 
cpomagazine.com | Alicia Hope
The Cybersecurity and Infrastructure Security Agency (CISA) is warning about cybercriminals and state-sponsored threat actors using the Fast Flux DNS evasion technique to avoid detection. The attackers use the tactic to obfuscate their locations and “create resilient, highly available command and control (C2) infrastructure” for subsequent malicious operations.
-
2 weeks ago | 
cpomagazine.com | Alicia Hope
The State Bar of Texas is notifying members of a data breach that leaked sensitive information after a ransomware group breached its systems and accessed some files. With over 100,000 licensed attorneys, the State Bar of Texas is ranked the second-largest bar association in the country. It is a self-regulating body for legal professionals that operates within a framework set by the Supreme Court of the Lone Star state.
-
2 weeks ago | 
cpomagazine.com | Alicia Hope
The UK’s data privacy watchdog, the Information Commissioner’s Office (ICO), has imposed a £3.07 million ($3.95 million) fine on a software provider for the 2022 ransomware attack that disrupted various NHS services. The attack attributed to the LockBit ransomware group affected Advanced Health and Care Limited, a subsidiary of Advanced Computer Software Group Ltd, and exposed the personal information of 79,404.
-
2 weeks ago | 
cpomagazine.com | Alicia Hope
Chinese APT group Weaver Ant breached and maintained a foothold on a large Asian telco network for four years using compromised Zyxel CPE routers for cyber espionage. “Based on our analysis, we assess that the group behind this intrusion—tracked by Sygnia as Weaver Ant—aimed to gain and maintain continuous access to telecommunication providers and facilitate cyber espionage by collecting sensitive information,” the researchers stated.
-
3 weeks ago | 
cpomagazine.com | Alicia Hope
A large-scale cyber attack has hit Ukraine’s state railway operator, Ukrzaliznytsia, affecting passenger and freight operations and resulting in long queues as passengers waited to buy tickets. Ukrzaliznytsia, the country’s largest transporter, said the cyber incident affected online services, including the mobile app that most passengers depend on to purchase tickets. However, the railway continued to operate normally despite various setbacks occasioned by the cyber attack.
-
3 weeks ago | 
cpomagazine.com | Alicia Hope
Over 300 malicious apps involved in ad fraud and credentials and credit card data theft have been installed over 60 million times from Google Play Store over the past year. “Threat Lab has identified over 180 app IDs since early 2024 as part of the Vapor scheme, collectively amassing over 56 million downloads and generating over 200 million bid requests daily, with no real functionality delivered to users,” IAS Threat Lab stated.
-
3 weeks ago | 
cpomagazine.com | Alicia Hope
A data breach affecting Pennsylvania’s largest workers and teachers’ union, the Pennsylvania State Education Association (PSEA), has exposed the personal information of over half a million individuals. PSEA is a labor union that represents over 517,487 individuals, including public school teachers, higher education faculty members, school support staff, and retired educators across the Keystone State.
-
1 month ago | 
cpomagazine.com | Alicia Hope
State-sponsored hackers from traditional U.S. adversaries are exploiting Windows shortcut files to steal data in a cyber espionage campaign dating back to at least 2017. Trend Micro researchers Peter Girnus and Aliakbar Zahravi detailed how 11 state-linked advanced persistent threat actors (APTs) from Russia, China, Iran, and North Korea are exploiting the security flaw dubbed ZDI-CAN-25373 to execute malicious commands.
-
1 month ago | 
cpomagazine.com | Alicia Hope
NTT Communications Corporation (NTT) warns that a data breach exposed the details of nearly 18,000 corporate customers after hackers gained access to its systems. Ranked 55th in the Fortune Global 500, Tokyo-based NTT is the world’s fourth-largest telecommunications company with over $100 billion in annual revenue. It provides phone and network services to over 100,000 global enterprise clients in over 190 countries and regions.
