Collaborate Disseminate
Abigail Carrera reports: A recent cyberattack on Change Healthcare has resulted in scammers targeting Nebraska patients. Bryan Health has received multiple reports of scammers reaching out to patients claiming to be representatives from hospitals acros… Continue reading Cyberattack on Change Healthcare has scammers targeting Nebraska patients
On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to redirect to “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets. Continue reading Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
Alexander Martin reports: A number of French government agencies have been hit by “intense” cyberattacks, the prime minister’s office announced on Monday. The nature of the attacks, which began on Sunday night, has not been confirmed although the descr… Continue reading French government agencies hit by cyberattacks of ‘unprecedented intensity’
On April 30, DataBreaches reported an alleged data breach involving TorchByte (formerly known as Tic Hosting Solutions). At the time, DataBreaches had been unable to reach the firm, and the Romanian data protection authority informed DataBreaches that … Continue reading Update to the Tic Hosting Solutions data incident
BakerHostetler writes: As noted back in December 2022, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued dramatic guidance (often called the Bulletin) that targets the use of so-called Internet “tracking technolo… Continue reading BakerHostetler Files Amicus Brief on Behalf of 30 Hospitals and Health Systems
Jon Brodkin reports: One year after Meta sued a data-scraping company, a federal judge this week threw out Meta’s breach-of-contract claim because the defendant obtained only public data from Facebook and Instagram. Meta sued Bright Data in Janua… Continue reading Facebook suffers big loss in lawsuit against data-scraping company
Just days after prosecutors in the Eastern District of Virginia recommended that Conor Fitzpatrick, aka “Pompompurin,” be sentenced to at least 15 years in prison, District Judge Leonie M. Brinkema sentenced him to time served and supervise… Continue reading Owner of BreachedForums sentenced to time served plus 20 years supervised release with special conditions
Emma Woollacott reports: Nearly half of workers responsible for email security breaches over the last year have been sacked, according to new search, as cyber leaders begin taking a tougher stance amid a surge in attacks. Research from cyber security f… Continue reading Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks
Bill Toulas of Bleeping Computer reported on a recent Arctic Wolf Labs investigation that caught my eye. Arctic Wolf investigated two cases where victims of the Royal and Akira ransomware gangs who had paid ransoms were subsequently approached by threa… Continue reading Follow-on extortion campaign: confirmation of some findings by Arctic Wolf
KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do. Continue reading Happy 14th Birthday, KrebsOnSecurity!