PBN reports: Mastodon, a social network based on software for servers of the same name, has been found to have a vulnerability that could have allowed attackers to read individual pieces of information. The problem was caused by inadequate filtering of the data transferred during LDAP authentication. The vulnerability allows attackers to smuggle in an…
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
Ravie Lakshmanan reports: The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That’s according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed DEV-1084….
HIPAA: Deficient or Miscast
Matt Fisher writes: The development of new technology in healthcare and the massive expansion in sources of healthcare data have both created many complications when it comes to protecting and securing sensitive information about individuals. Inevitably, the discussion then turns to the role of HIPAA, which then turns to HIPAA not meeting current needs. A recent…
Rogers Communications data allegedly sold on a hacker forum
Vilius Petkauskas reports: Rogers’ leak includes data from the company’s active directory, including information on customers, the attackers claim. The company confirmed the leak, saying some of Rogers employees’ “business contact information” was exposed. Attackers posted an ad on a mostly Russian-speaking hacker forum, alleging the database for sale belongs to Rogers Communications, a Canadian…
New Batch of Classified Documents Appear on Social Media Sites
DNYUZ reports: A new batch of classified documents that appear to detail American national security secrets from Ukraine to the Middle East to China surfaced on social media sites on Friday, alarming the Pentagon and adding turmoil to a situation that seemed to have caught the Biden administration off guard. The scale of the leak…
Sarah D. Culbertson Memorial Hospital working to recover from cybersecurity incident
WGEM reports: Culbertson Memorial Hospital officials reported Friday the hospital had been the victim of a cyber-attack last week. Officials stated they discovered a network disruption at 3 a.m. March 30 that required information systems to be taken offline. Read more at WGEM.