The new rules come in the wake of the Change Healthcare breach, which exposed the electronic personal health information of about 100 million Americans.
The post HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach appeared first on Security Boulevard.
A new ransomware group called FunkSec claimed 85 victims in December but its members appear to be lesser-skilled hackers using generative AI and inflated attack numbers to bolster their capabilities and reputation, according to Check Point researchers.
The post FunkSec: A New Ransomware Group Buoyed by AI appeared first on Security Boulevard.
The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver Foundation shared today. In the meantime, UK domain registry Nominet became the first publicly known victim of attackers exploiting the recently patched Ivanti zero-day. CVE-2025-0282 zero-day attacks CVE-2025-0282 is a stack-based buffer overflow vulnerability that allowed unauthenticated attackers to breach VPN appliances used by a number of (still publicly … More →
The post UK domain registry Nominet breached via Ivanti zero-day appeared first on Help Net Security.
Have you ever had your lunch interrupted by a sudden barrage of security alerts? That’s exactly what happened to one of our clients when a frantic call from their Security Operations Center revealed a flood of suspicious emails. The culprit? A brand-new cyberattack mimicking the notorious Black Basta group’s latest technique—and it hit with lightning […]
The post Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics first appeared on SlashNext.
The post Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics appeared first on Security Boulevard.
TL;DR — Email addresses in stealer logs can now be queried in HIBP to discover which websites they've had credentials exposed against. Individuals can see this by verifying their address using the notification service and organisations monitoring domains can pull a list back via a new
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could be exploited to load third-party kernel extensions, resulting in severe security implications for macOS users. Apple released a patch for this vulnerability as part of its December 11, 2024, security […]
The post Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.