The prolific Clop ransomware gang has named dozens of corporate victims it claims to have hacked in recent weeks after exploiting a vulnerability in several enterprise popular file transfer products developed by U.S. software company Cleo. In a post on its dark web leak site, seen by TechCrunch, the Russia-linked Clop gang listed 59 organizations […]
On Tuesday, the United Nations Security Council held a meeting to discuss the dangers of commercial spyware, which marks the first time this type of software — also known as government or mercenary spyware — has been discussed at the Security Council. The goal of the meeting, according to the U.S. Mission to the UN,
Governments call for spyware regulations in UN Security Council meeting Read More »
U.S. school districts affected by the recent cyberattack on edtech giant PowerSchool have told TechCrunch that hackers accessed “all” of their historical student and teacher data stored in their student information systems. PowerSchool, whose school records software is used to support more than 50 million students across the United States, was hit by an intrusion
Change Healthcare, the UnitedHealth-owned healthtech company that lost more than 100 million people’s sensitive health data in a ransomware attack last year, said on Tuesday that the company has “substantially” completed notifying affected individuals about the massive data breach. The February 2024 ransomware attack on Change Healthcare, one of the biggest processors of patient billing
UnitedHealth hid its Change Healthcare data breach notice for months Read More »
Security researchers say malicious hackers have been exploiting a newly discovered vulnerability in Fortinet firewalls to break into corporate and enterprise networks. In an advisory published Tuesday, security product maker Fortinet confirmed that a critical-rated vulnerability in its FortiGate firewalls, tracked as CVE-2024-55591, is “being exploited in the wild.” Fortinet made patches available, but security
Hackers are exploiting a new Fortinet firewall bug to breach company networks Read More »
U.S. authorities have confirmed that they disrupted the operations of a Chinese state-backing hacking group, which infiltrated millions of computers worldwide to steal data as part of a years-long espionage campaign. The Department of Justice and the FBI said on Tuesday that they had successfully deleted the malware planted by the China-backed hacking group, known
U.K. public sector and critical infrastructure organizations could be banned from making ransom payments under new proposals from the U.K. government. The U.K.’s Home Office launched a consultation on Tuesday that proposes a “targeted ban” on ransomware payments. Under the proposal, public sector bodies — including local councils, schools, and NHS trusts — would be
UK plans to ban public sector organizations from paying ransomware hackers Read More »
Toward the end of 2023, an Israeli security researcher from Tel Aviv said that he was approached on LinkedIn with an opportunity to work abroad with “good pay.” He said that the company’s HR department told him that it was a “legitimate” offensive security company that was starting from scratch in Barcelona, Spain. But during
How Barcelona became an unlikely hub for spyware startups Read More »
A hack and data breach at location data broker Gravy Analytics is threatening the privacy of millions of people around the world, whose smartphone apps unwittingly revealed their location data collected by the data giant. The full scale of the data breach isn’t yet known, but the alleged hacker has already published a large sample
A breach of a data broker’s trove of location data threatens the privacy of millions Read More »
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks Read More »
