Recent discoveries have unveiled severe vulnerabilities within CocoaPods, a dependency manager essential for iOS and macOS application development. These security flaws could lead to significant supply chain attacks, jeopardizing numerous applications. The exploit allows attackers to alter the software update process, inserting harmful payloads into applications. Developers must remain vigilant and adopt robust security practices […]
Researchers have identified a new ransomware group called Volcano Demon responsible for two recent successful attacks on companies in the manufacturing and logistics sectors.
In the early part of 2024, the FakeBat loader, also known as EugenLoader or PaykLoader, emerged as a significant threat utilizing the drive-by download technique to spread malware.
The US Department of Health and Human Services has levied a fine of $950,000 from the Heritage Valley Health System in Pennsylvania. It must address potential HIPAA violations after a ransomware attack in 2017.
Industry groups are seeking further clarification on delegation processes and want a clear statement that covered entities without a business associate relationship with Change Healthcare are not obliged to notify patients.
According to a survey by Rockwell Automation, vehicle and automotive supply manufacturers ranked cybersecurity as their biggest external concern. Cyberattacks resulted in $11.8 billion in damages during the first half of 2023 alone.
Hackers are using polyglot files, which can fit into multiple file formats and evade detection by endpoint detection and response systems. Research indicates that some commercial EDR tools have a 0% detection rate for malicious polyglots.
The ruling may lead to legal challenges against recent cybersecurity regulations, including the 2023 cyber incident reporting requirements by the Securities and Exchange Commission (SEC).
Cybersecurity firm Rapid7 has announced to acquired Noetic Cyber, a startup specializing in cyber asset attack surface management (CAASM). The terms of the deal were not disclosed.
According to a new analysis by Comparitech, the average ransom demand per ransomware attack in the first half of 2024 was over $5.2m (£4.1m). This was calculated from 56 known ransom demands issued by threat actors during that period.