The breach occurred after a file transfer program used by the company was hacked. Welltok works with health service providers, maintaining online wellness programs and holding databases with patient data.
The incident affected multiple systems, including eFiling, electronic payment, and case management systems. The affected services are still offline. The incident also involved a data breach, with hackers threatening to leak stolen data.
The Clop ransomware gang claimed responsibility for the attack, highlighting the increasing threat posed by ransomware groups to bar associations and other organizations.
Microsoft has discovered a supply chain attack carried out by North Korean hackers. The attack involved attaching a malicious file to a legitimate software installer. The attack was attributed to the hacking group known as Diamond Sleet.
Due to the incident, users may experience difficulties accessing Blender’s services and sites, and should be cautious of downloading from third-party sources to avoid malware infections.
A new Mirai-based botnet called InfectedSlurs has been discovered by Akamai, using two zero-day vulnerabilities to infect routers and video recorder devices. First observed in October 2023, the botnet is believed to be active since at least 2022.
The company has not provided any specific details about the nature of the incident, but customers are advised to monitor their accounts for suspicious activity. It is unclear whether all or a few selected New Relic customers are at risk.
Researchers from Blackwing Intelligence and Microsoft’s MORSE have discovered a way to bypass fingerprint authentication on three popular laptops with Windows Hello, namely the Dell Inspiron 15, Lenovo ThinkPad T14s, and Microsoft Surface Pro X.
The US Secret Service and various reporting portals tied the criminals’ laundering efforts to multiple wallet addresses. The seized proceeds were returned in the stablecoin Tether.
A proof-of-concept exploit has been released for a critical zero-day vulnerability in Windows SmartScreen. The vulnerability, identified as CVE-2023-36025, allows attackers to bypass Windows Defender SmartScreen checks and execute malicious code.