Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.
Follow Dark Reading:
 August 01, 2024
LATEST SECURITY NEWS & COMMENTARY
Cyberattackers Accessed HealthEquity Customer Info via Third Party
Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.
Smart Cars Share Driver Data, Prompting Calls for Federal Scrutiny
Two US senators accuse carmakers of deceptive language and shifty practices in sharing and resale of driver data.
Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs
With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.
Microsoft: Azure DDoS Attack Amplified by Cyber-Defense Error
The sustained cyberattack, likely made worse by a mitigation snafu, disrupted several Azure cloud services for nearly eight hours on July 30.
India-Linked SideWinder Group Pivots to Hacking Maritime Targets
The nation-state espionage group known for attacking Pakistan has expanded its reach to targets in Egypt and Sri Lanka.
CrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball
The fake updates are part of a phishing and fraud surge that is both more voluminous and more targeted that the usual activity around national news stories.
Dynamically Evolving SMS Stealer Threatens Global Android Users
A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years.
North Koreans Target Devs Worldwide With Spyware, Job Offers
DEV#POPPER is back, looking to deliver a comprehensive, updated infostealer to coding job seekers by way of a savvy social engineering gambit.
Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4
A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.
Siri Bug Enables Data Theft on Locked Apple Devices
Malicious actors could potentially exploit this vulnerability if they gain physical access to a user's device.
7 Sessions Not to Miss at Black Hat USA 2024
This year's conference will be a treasure trove of insights for cybersecurity professionals.
The CrowdStrike Meltdown: A Wake-up Call for Cybersecurity
The incident serves as a stark reminder of the fragility of our digital infrastructure. By adopting a diversified, resilient approach to cybersecurity, we can mitigate the risks and build a more secure digital future.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit
One threat actor claims to have already gathered email addresses and associated hashes from more than 110 remote IT management databases.

Unexpected Lessons Learned From the CrowdStrike Event
How your organization can leverage the disruptive CrowdStrike update to become more resilient.

Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue
Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices in the first place.

Criminal Hackers Add GenAI Credentials to Underground Markets
According to the study, around 400 stolen GenAI credentials are being sold by threat actors per day.

MORE
PRODUCTS & RELEASES
EDITORS' CHOICE
Make Your Voice Heard!
Tell Dark Reading about your cybersecurity budget challenges and concerns, such as a rise in cyberattacks, ransomware, or attacks on software supply chains and partners. Take our survey, and you could could win one of 10 $50 Amazon gift cards to be given away through a random drawing.

LATEST FROM THE EDGE

Google Will Not Remove Third-Party Cookies From Chrome
Cookies aren't going away, after all. After years of saying it will do so, Google has decided to not remove third-party cookies from Chrome.
LATEST FROM DR TECHNOLOGY

Could Intel Have Fixed Spectre & Meltdown Bugs Earlier?
Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for emerging vulnerabilities. That wasn't always the case.
LATEST FROM DR GLOBAL

'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak
Security presence has been heightened in Paris to ensure that the Games are safe, and Israeli athletes have been provided with even more protection.
WEBINARS
WHITE PAPERS
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.