Cybersecurity researchers have discovered a new phishing campaign that uses fake HIV test results to gather information from victims after clicking a malicious link, targeting insurance, healthcare and pharmaceutical companies around the world. Researchers at Proofpoint uncovered the campaign, stating that the cybercriminals were impersonating Vanderbilt University Medical Center and

AMD has disclosed side-channel attacks in CPUs, and stated that they are not new. The company has been significantly downplaying the side-channel attacks that are capable of leaking potentially sensitive data from its processors released between 2011 and 2019. Researchers stated that these side-channel attacks extract sensitive information through signals

The phone carrier T-Mobile recently suffered a malicious cybersecurity attack that allowed the attacker access to T-Mobile customer account information. This is not the first time that T-Mobile has been the subject of such an attack; in 2018, 2 million customers had their information illegally accessed. T-Mobile is in the

The IT help desk ManageEngine software made by Zoho Corp has been compromised by a zero-day vulnerability that enables unauthenticated access to systems, allowing a remote attacker to launch attacks. Zoho has since released an update that addresses the vulnerability after it was discovered by Steven Seeley of Source Incite

The city of Durham, North Carolina recently shut down its network due to an attack by the Ryuk Ransomware. Ryuk is a ransomware developed by a Russian hacker that gains access to a network when someone opens a malicious email attachment. Upon gaining access, Ryuk is able to permeate network

The most recent McAfee Mobile Threat Report has revealed that four Korean transit apps were compromised in what has been deemed a “MalBus” attack. The applications had been available for over five years and had been downloaded hundreds of thousands of times, but have since been removed from the Google

According to data released by Ponemon Institute and Censinet, over half of all healthcare vendors have experienced a data breach in which protected health information was exposed. This is a costly problem that points to a flawed third party risk assessment processes. The report shows that 54% of healthcare vendors

This week, a series of enterprise data breached were disclosed, effecting the companies T-Mobile, J.Crew, and Carnival Corp. The high toll this week underscored how cybercriminals have been targeting companies recently. J.Crew stated that its customers’ information was compromised, and email addresses and passwords were obtained by an unauthorized third

Yesterday, security researchers reported a zero-day vulnerability in a Zoho enterprise product. The zero-day impacts the Zoho ManageEngine Desktop Central, an endpoint management solution. Android smartphones, Linux servers, and Mac/Windows workstations are often all controlled by Zoho ManageEngine Desktop Central. This means that the zero-day could have a large impact

On Wednesday, March 4, the Let’s Encrypt project plans to revoke more than 3 million TLS certificates after it discovered a bug hidden within its backend’s code. The bug impacted Let’s Encrypt server software, called Boulder, that the company uses to verify users and their domains before they issue a