Recent Security News
-
Welltok data breach exposes data of 8.5 million US patients
November 22, 2023 at 02:09PM Healthcare SaaS provider, Welltok, has experienced a data breach, compromising the personal data of nearly 8.5 million patients in the U.S. The breach occurred after their file transfer program was hacked. Welltok offers services to health service providers, including maintaining online wellness programs and holding patient data. The breach involved…
-
Mideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions
November 22, 2023 at 01:17PM Amidst the Israel-Gaza conflict, security experts highlight the need for Middle East oil and gas operators to remain vigilant against cyberattacks. A recent report reveals that both sectors are vulnerable, and the consequences could extend beyond the region, impacting global energy supply. If cyberattacks occur, they may go beyond the…
-
New botnet malware exploits two zero-days to infect NVRs and routers
November 22, 2023 at 12:40PM The ‘InfectedSlurs’ botnet is a new malware that exploits two zero-day vulnerabilities to infect routers and video recorder devices. It uses the hijacked devices to carry out distributed denial of service (DDoS) attacks for profit. The botnet was discovered by Akamai in late October 2023 and targets specific NVR and…
-
Idaho National Nuclear Lab Targeted in Major Data Breach
November 22, 2023 at 12:40PM The Idaho National Laboratory (INL), a US Department of Energy national lab, experienced a significant data breach on November 19. Employee information, including addresses, Social Security numbers, and bank account details, were leaked. The breach impacted the Oracle HCM system servers that support INL’s Human Resources applications. An investigation involving…
-
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets
November 22, 2023 at 12:30PM Researchers at Aqua Security have discovered that hundreds of organizations and open-source projects are at risk due to the public exposure of Kubernetes configuration secrets. This vulnerability poses a severe supply chain attack threat as sensitive environments in the Software Development Life Cycle (SDLC) can be accessed. Aqua Security found…