November 2, 2023 at 02:13PM U.S. mortgage lending company Mr. Cooper experienced a cyberattack that led to the shutdown of its IT systems, including its online payment portal. Customers were unable to log in and pay their mortgages or loans. Mr. Cooper confirmed the cyberattack and initiated response protocols, including shutting down certain systems. The … Read more
November 2, 2023 at 11:39AM Okta has notified approximately 5,000 employees that a file containing their personal information was stolen in a breach on one of their third-party vendors, Rightway Healthcare. The breach occurred on September 23, but was only discovered on October 12. Okta has found no evidence of the personal information being misused … Read more
November 2, 2023 at 11:19AM Boeing is investigating a cyberattack on its parts and distribution business by the LockBit ransomware gang. The incident did not affect flight safety, and the company is collaborating with law enforcement for an ongoing investigation. The Boeing services website is currently down due to technical issues. The ransomware gang claimed … Read more
November 2, 2023 at 11:11AM Cloud identity management provider Okta has warned around 5,000 current and former employees that their personal information may have been exposed in a data breach affecting healthcare coverage provider Rightway Healthcare. The breach, which occurred on September 23, 2023, compromised a file containing names, Social Security numbers, and health insurance … Read more
November 1, 2023 at 06:52PM A cybercriminal group called Alphv, also known as BlackCat, claims to have stolen data from Advarra, a firm that helps run medical trials. The group gained access to an executive’s account by SIM swapping their cellphone number. The attackers have threatened to leak the stolen data if a ransom is … Read more
November 1, 2023 at 10:54AM F5 is warning administrators of their BIG-IP devices about skilled hackers exploiting recently disclosed vulnerabilities. These hackers erase signs of their access and achieve stealthy code execution. Two critical vulnerabilities were identified, and F5 has urged admins to apply available security updates. The vulnerabilities allow for authentication bypass and SQL … Read more
October 31, 2023 at 04:10PM The US Securities and Exchange Commission (SEC) has filed a lawsuit against SolarWinds’ former Chief Information Security Officer (CISO), Timothy Brown, alleging that he failed to disclose critical information about the cyberattack on the company’s software supply chain. The lawsuit is seen as a rare instance of a regulatory body … Read more
October 30, 2023 at 05:56PM SolarWinds has been charged by the SEC for allegedly hiding cybersecurity issues from investors before the December 2020 APT29 breach. The SEC claims the company failed to disclose the risks and only shared broad information. The SEC also alleges that SolarWinds’ Chief Information Security Officer knew about the vulnerabilities but … Read more
October 30, 2023 at 04:01PM The U.S. Federal Trade Commission (FTC) has amended the Safeguards Rules to require non-banking financial institutions, such as mortgage brokers and investment firms, to report data breaches within 30 days. The goal is to enhance data security and protect customer information. Companies must disclose incidents impacting 500 or more consumers, … Read more
October 30, 2023 at 10:53AM Stanford University is investigating a cybersecurity incident after being attacked by the Akira ransomware group. The group claimed to have stolen 430 GB of data. The attack appears to be limited to the Department of Public Safety. This is the third ransomware attack on Stanford in recent years. Akira is … Read more