Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.
| | | LATEST SECURITY NEWS & COMMENTARY | | Cyberattackers Accessed HealthEquity Customer Info via Third Party Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel. Smart Cars Share Driver Data, Prompting Calls for Federal Scrutiny Two US senators accuse carmakers of deceptive language and shifty practices in sharing and resale of driver data. Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it. Microsoft: Azure DDoS Attack Amplified by Cyber-Defense Error The sustained cyberattack, likely made worse by a mitigation snafu, disrupted several Azure cloud services for nearly eight hours on July 30. India-Linked SideWinder Group Pivots to Hacking Maritime Targets The nation-state espionage group known for attacking Pakistan has expanded its reach to targets in Egypt and Sri Lanka. CrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball The fake updates are part of a phishing and fraud surge that is both more voluminous and more targeted that the usual activity around national news stories. Dynamically Evolving SMS Stealer Threatens Global Android Users A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years. North Koreans Target Devs Worldwide With Spyware, Job Offers DEV#POPPER is back, looking to deliver a comprehensive, updated infostealer to coding job seekers by way of a savvy social engineering gambit. Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4 A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation. Siri Bug Enables Data Theft on Locked Apple Devices Malicious actors could potentially exploit this vulnerability if they gain physical access to a user's device. 7 Sessions Not to Miss at Black Hat USA 2024 This year's conference will be a treasure trove of insights for cybersecurity professionals. The CrowdStrike Meltdown: A Wake-up Call for Cybersecurity The incident serves as a stark reminder of the fragility of our digital infrastructure. By adopting a diversified, resilient approach to cybersecurity, we can mitigate the risks and build a more secure digital future. MORE NEWS / MORE COMMENTARY | | | | | | PRODUCTS & RELEASES | | Protect AI Acquires SydeLabs to Red Team Large Language Models Cowbell Secures $60 Million Series C Funding From Zurich Insurance Group AI-Driven Executive Impersonations Emerge As Significant Threat to Business Payment Processes Heimdal Security Presents its Latest Report on Brute-Force Cyberattacks Lakera Raises $20M Series A to Secure Generative AI Applications ESET Reveals Latest Cloud-Native Authentication Solution MORE PRODUCTS & RELEASES |
| | | EDITORS' CHOICE | Make Your Voice Heard! Tell Dark Reading about your cybersecurity budget challenges and concerns, such as a rise in cyberattacks, ransomware, or attacks on software supply chains and partners. Take our survey, and you could could win one of 10 $50 Amazon gift cards to be given away through a random drawing.
LATEST FROM THE EDGE
Google Will Not Remove Third-Party Cookies From Chrome Cookies aren't going away, after all. After years of saying it will do so, Google has decided to not remove third-party cookies from Chrome. LATEST FROM DR TECHNOLOGY
Could Intel Have Fixed Spectre & Meltdown Bugs Earlier? Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for emerging vulnerabilities. That wasn't always the case. LATEST FROM DR GLOBAL
'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak Security presence has been heightened in Paris to ensure that the Games are safe, and Israeli athletes have been provided with even more protection. |
|
| | | | | | | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
