Category Security

Wirral University Teaching Hospital (WUTH) NHS Trust has downgraded a recent cybersecurity incident from a major incident to a business continuity incident as recovery efforts continue. Patient services remain disrupted following a cybersecurity incident which occurred on 25 November. In…

Dec 04, 2024Ravie LakshmananVulnerability / Software Security A critical security vulnerability has been disclosed in SailPoint’s IdentityIQ identity and access management (IAM) software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905, has…

The Federal Trade Commission (FTC) has banned data brokers Gravy Analytics and Mobilewalla from collecting, using or selling sensitive location data that reveals Americans’ visits to places like healthcare facilities, military bases and religious institutions. The settlements, announced on Tuesday, also…

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The…

Ransomware attacks on manufacturing companies have caused an estimated $17bn in downtime since 2018. According to new figures by Comparitech, these incidents have disrupted operations at 858 manufacturers worldwide, with each day of downtime costing an average of $1.9m. This…

Many organizations struggle with password policies that look strong on paper but fail in practice because they’re too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post…

A single cyber-attack has impacted three healthcare organizations, including a children’s hospital, located around Liverpool in the UK. Alder Hey Children’s NHS Foundation Trust confirmed that cybercriminals gained unlawful access to data from Alder Hey Children’s Hospital, Liverpool Heart and…

Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud’s flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with…

Significant security risks continue to be prevalent in open source software practices, a new report by the Linux Foundation, OpenSSF and Harvard University has found. The CENSUS III project was based on 12 million observations of free and open source…

Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that’s created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an…