Daily Cyber Brief
Hackers leak Australian health records, Mississippi election website knocked out by DDoS attack, and malicious chrome extension allows attackers to collect victims data...
Cybersecurity
Hackers on Wednesday began leaking sensitive medical records stolen from an Australian health insurer with nearly 10 million customers, including the prime minister, after the firm refused to pay a ransom. Medibank told investors that a "sample" of data from some 9.7…
VMware has revealed a terrible trio of critical-rated flaws in Workspace ONE Assist for Windows – a product used by IT and help desk staff to remotely take over and manage employees' devices. The flaws are all rated 9.8 out of 10 in CVSS severity. A miscreant…
Several Mississippi state websites were knocked offline during today’s midterm election in what was the most significant digital disruption of the day, though more could be on the way as ballots are counted. A distributed denial-of-service (DDoS) attack took down the…
November's Patch Tuesday also falls on election day in the US, so let's hope that democracy fares better than Microsoft, which reported six of today's bugs are already being exploited in the wild by miscreants. Another 22 vulnerabilities in the Windows giant's products have been…
A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. According to a new AhnLab report, the threat actor targets companies using phishing emails with lures pretending to be job application…
A new Chrome browser botnet named 'Cloud9' has been discovered in the wild using malicious extensions to steal online accounts, log keystrokes, inject ads and malicious JS code, and enlist the victim's browser in DDoS attacks. The Cloud9 browser botnet is effectively a…
As insurance companies struggle to stay afloat amid rising cyber claims, Swiss Re has recommended a public-private partnership insurance scheme with one option being a government-backed fund to help fill the coverage gap. Global cyber insurance premiums hit…
European Union governments have used “spyware on their citizens for political purposes and to cover up corruption and criminal activity,” according to a new draft report from a committee of the European Parliament. Released on Tuesday, the 159-page report was…
Citrix is urging customers to install security updates for a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Under specific configurations, the three vulnerabilities can enable attackers to gain unauthorized access to the device, perform…
Experian and T-Mobile US have reached separate settlements with 40 states in America following a pair of data security breaches in 2012 and 2015. The settlement will net authorities $16 million, along with assurances it won't happen again. Experian will be…