Ravie Lakshmanan reports: Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents show that attackers are growing more sophisticated and more profitable in extracting payouts from victims. “While the ransomware…
FBI sends its first-ever alert about a ‘ransomware affiliate’
Catalin Cimpanu reports: The US Federal Bureau of Investigations has published today its first-ever public advisory detailing the modus operandi of a “ransomware affiliate.” A relatively new term, a ransomware affiliate refers to a person or group who rents access to Ransomware-as-a-Service (RaaS) platforms, orchestrates intrusions into corporate networks, encrypt files with the “rented ransomware,”…
By Design: How Default Permissions on Microsoft Power Apps Exposed Millions
The UpGuard Team writes: The UpGuard Research team can now disclose multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access – a new vector of data exposure. The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee…
UT: Phishing attack exposes medical information for 12,000 patients at Revere Health
Sean Hemmersmeier reports: A healthcare employee was the subject of a phishing email attack that exposed some medical records for approximately 12,000 patients, including patients of cardiology practice in St. George, according to a press release sent out by healthcare company Revere Health on Friday. The employee’s email was breached for roughly 45 minutes on…
Chico State Students React to COVID-10 Vaccination Data Breach
Carmela Karcher reports: A data breach at Chico State University exposed the personal information of students who requested COVID-19 vaccination religious exemptions. According to the Associated Press, the information was posted on an anonymous internet message board and leaked records for about 130 students. Read more on CBS12. It’s not clear how this data got…
Poly Network confirms return of hacked funds
Teuta Franjkovic reports: The hacker who recently stole more than $600 million out of Poly Network in one of the biggest computer heists ever, has now handed over the private key for the remaining $141 million of looted cryptocurrency. […] In return, Poly Network is to honour a bounty of 161 Ether worth more than…