A new ransomware threat called Codefinger is targeting Amazon Web Services (AWS) S3 users, leveraging AWS’s server-side encryption with customer-provided keys (SSE-C). Once attackers gain account credentials—often through reused or weak passwords—they encrypt user data with AES-256 keys that are not stored on AWS, making recovery impossible without the attacker’s key.
Continue Reading
In December 2024, Chinese state-sponsored hackers breached the U.S. Treasury Department by exploiting a vulnerability in a third-party cybersecurity provider, BeyondTrust.
Continue Reading
A ransomware attack in September 2024 on multiple medical institutions in Lubbock and El Paso, Texas, compromised the data of over 1.4 million patients.
Continue Reading
The White House confirmed that a Chinese hacking campaign has affected at least eight U.S. telecommunications firms and dozens of countries, granting Beijing access to private communications, including texts and calls of some senior U.S. officials and political figures.
Continue Reading
Columbus, Ohio confirmed that a ransomware attack in July 2024 compromised the personal data of 500,000 people.
Continue Reading
Casio confirmed it experienced a cyberattack on October 5, 2024, which caused system failures and service disruptions.
Continue Reading
Security company ADT has disclosed a second cybersecurity incident in two months, involving the theft of encrypted employee account data. According to an SEC filing, the breach was discovered on October 2, 2024
Continue Reading
Halliburton, one of the world’s largest energy companies, has confirmed a cyberattack that led to hackers accessing and stealing company data. The company took some systems offline and is now investigating the scope of the breach and its impact on operations.
Continue Reading
National Public Data (NPD), a Florida-based background check company, has confirmed a massive data breach involving 2.9 billion records, including names, addresses, Social Security numbers, phone numbers, and email addresses.
Continue Reading
A cyberattack has disrupted Seattle-Tacoma International Airport (Sea-Tac) since Saturday, affecting websites, email, phones, Wi-Fi, and terminal screens. Authorities have shared few details, only citing “nefarious characters” as a possible cause, with no known motive or timeline for resolution.
Continue Reading
