The attacks hit at least 50 organizations from a wide variety of industries in two waves, on December 2nd and between December 11th and 18th, according to a Mandiant report published today.

The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule, which went into effect 20 years ago.

During this two-month period, threat actors had modified the legitimate Codecov Bash Uploader tool to exfiltrate environment variables from Codecov customers’ CI/CD environments.

Over 40 apps – with more than a total 100 million downloads – had hardcoded private AWS keys embedded within them, putting their internal networks and their users’ data at risk of cyberattacks.

The victim, Melbourne-based Schepisi Communications, is a partner of Telstra that supplies phone numbers and cloud storage services on behalf of the telecommunications giant.

JupiterOne, a cybersecurity management automation startup, today closed a $30 million Series B round led by Sapphire Ventures, with participation from previous investors Bain Capital Ventures.

Scripps Health, a hospital network based in San Diego, was hit by a cyberattack over the weekend, forcing some critical-care patients to be diverted, according to the San Diego Union-Tribune.

FortiGuard Labs has discovered yet another COVID-themed lure designed to compel unsuspecting victims to click on what appears to be an innocuous link that leads to a malicious zip file attachment.

The company said today that it has closed on a deal to buy German secure access service edge or SASE firm Secucloud GmbH. That company is now a fully owned subsidiary of Aryaka.

The alleged data breach which has been seen and analyzed by Hackread.com includes full names, IP addresses, email addresses, Bcrypt passwords, Telegram messenger IDs, etc.