The Senate Finance Committee Chair is requesting additional details regarding the recent cyberattack on Change Healthcare, highlighting ongoing concerns about the security of sensitive healthcare information. This incident comes amidst a growing number of cyber incidents targeting the healthcare sector, underscoring its vulnerability in the face of advancing cyber threats.…
OpenSSH Vulnerability Exposes Critical Risk to Linux Systems In a significant development for cybersecurity, the maintainers of OpenSSH have issued urgent security updates addressing a severe vulnerability that may allow unauthenticated remote code execution with root-level access on glibc-based Linux systems. This vulnerability, designated CVE-2024-6387 and dubbed "regreSSHion," resides within…
A $2 million contract between the United States Immigration and Customs Enforcement (ICE) and Israeli spyware firm Paragon Solutions has been halted and is now subject to a compliance review. This pause has drawn attention as it serves as an early evaluation of the Biden administration’s executive order aimed at…
Artificial Intelligence & Machine Learning, Governance & Risk Management, Next-Generation Technologies & Secure Development New Vulnerability Tool Uncovers Flaws in OpenAI and Nvidia APIs Used in GitHub Projects Akshaya Asokan (@asokan_akshaya) • October 21, 2024 Protect AI utilizes Anthropic’s Claude LLM to operate the vulnerability detection tool. (Image: Shutterstock) In…
The Crown Prosecution Service (CPS) of the UK has come under scrutiny after it lost DVDs containing sensitive interviews with child sex abuse victims during a postal transfer. This incident highlights ongoing vulnerabilities in data handling practices among organizations entrusted with sensitive information. The organization has been fined £325,000 for…
In a recent incident highlighting the fragility of sensitive data security in major corporations, Disney has become the latest victim of a significant data breach. The attack was executed by a hacktivist group named NullBulge, which managed to infiltrate Disney’s internal communications within its Slack messaging platform, extracting over 1.2…
Legislation & Litigation , Standards, Regulations & Compliance 2023 Cybersecurity Breach Impacted 1.9 Million Patients and Employees Marianne Kolbasuk McGee (HealthInfoSec) • October 21, 2024 Great Expressions Dental Centers (Image: Shutterstock) In a significant data breach, Great Expressions Dental Centers, a Michigan-based dental organization operating 250 offices across nine states,…
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on six individuals affiliated with the Iranian intelligence agency, attributed to cyberattacks targeting critical infrastructure in the United States and globally. This action underscores rising concerns related to cyber threats posed by state-sponsored actors. The individuals sanctioned…
Internet Archive Faces Repeated Cybersecurity Challenges Amid Major Breaches In October 2024, the Internet Archive, a non-profit organization founded by Brewster Kahle to safeguard the digital history of the internet, encountered significant security setbacks resulting in multiple data breaches. The first incident, occurring on October 9, involved both a data…
