For around four years, Forest Blizzard (also known as Fancy Bear or APT28) has utilized a custom tool targeting a specific vulnerability in the Windows Print Spooler service (CVE-2022-38028). Named GooseEgg, this tool enables hackers to execute remote code, install backdoors, and steal credentials by granting them SYSTEM-level permissions.
UnitedHealth Group expects the cyberattack on its Change Healthcare unit to cost up to $1.6 billion this year but maintains its 2024 earnings forecast, indicating a less severe impact than anticipated.
A recently issued report by the International Monetary Fund (IMF) reveals that financial service enterprises have endured significant losses totaling $12 billion over the past twenty years due to cyber assaults.
In a recent alarming development, the US Department of Health has issued a stern warning to hospitals across the nation about a new wave of cyber threats targeting their IT help desks. The advisory comes amidst growing concerns over the vulnerability of healthcare institutions to malicious cyber activities.
According to a recent webcast by the North American Electric Reliability Corporation (NERC), there's a concerning trend of increasing vulnerability to cyberattacks within the U.S. power grids. The number of potential weak points in both virtual and physical infrastructure is rising, with approximately 60 new susceptibilities identified each day. NERC executives noted that these vulnerabilities, which are areas in software or hardware prone to exploitation by cyber criminals, expanded from 21,000-22,000 at the close of 2022 to a range of 23,000-24,000 last year.
Cybersecurity experts and insurance professionals are issuing warnings about the escalating utilization of artificial intelligence (AI) tools by cybercriminals and nation-state cyber operators.
Last month, a federal agency responsible for cybersecurity found itself targeted in a hacking incident, leading to the shutdown of two critical computer systems, according to a spokesperson for the agency and sources familiar with the matter speaking to CNN.
The Biden administration's latest fiscal blueprint, unveiled on Monday, doesn't present significant increases in cybersecurity funding, marking a departure from expectations within the cybersecurity community.