Recent Security News
-
Lockbit ransomware disrupts emergency care at German hospitals
December 27, 2023 at 04:06PM German hospital network KHO confirmed a Lockbit ransomware attack on three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford, impacting their IT systems. Patient treatment continues, but emergency care is unavailable, leading to potential delays. Investigations are ongoing, and it’s unclear if patient data was stolen. Technical restrictions are in place, but…
-
Mortgage firm LoanCare warns 1.3 million people of data breach
December 27, 2023 at 12:46PM LoanCare, a sub-servicing provider overseeing $390 billion in balances from 1.2 million loans, reported a data breach at its parent company, Fidelity National Financial. Approximately 1.3 million borrowers’ sensitive information was compromised, including names, addresses, Social Security numbers, and loan numbers. LoanCare is offering affected individuals identity monitoring services through…
-
Panasonic discloses data breach after December 2022 cyberattack
December 27, 2023 at 12:32PM Panasonic Avionics Corporation disclosed a data breach impacting an undisclosed number of individuals and their employers after its corporate network was breached over a year ago in December 2022. The breach exposed personal and health information. Panasonic is providing free identity and credit monitoring services for 24 months and is…
-
Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
December 27, 2023 at 11:18AM A new zero-day security flaw (CVE-2023-51467) in Apache OfBiz ERP system allows bypassing authentication. It stems from an incomplete patch for the CVE-2023-49070 vulnerability. Exploiting the flaw facilitates unauthorized access and potential SSRF attacks. The SonicWall Capture Labs advises updating to Apache OfBiz version 18.12.11 or later to mitigate the…
-
New Xamalicious Android malware installed 330k times on Google Play
December 27, 2023 at 11:00AM Summary: An Android backdoor, ‘Xamalicious,’ infected over 338,300 devices through malicious apps on Google Play. Though removed, infected users need manual scans. The backdoor was embedded in popular apps, and additional malware-infected devices via unofficial app stores. The backdoor accessed sensitive data, may have ad fraud capabilities, and highlights the…