The U.S. government is warning healthcare and public health care organizations to be on alert for attacks by North Korean state-sponsored hackers using Maui ransomware to target the sector. The alert, issued by the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Agency and the Department of the Treasury, states that multiple ransomware attacks using ...

Apple Inc. today previewed a new security feature that automatically locks down system functionality that could be hijacked in “highly targeted cyberattacks.” Called Lockdown Mode, the feature, described by Apple as a “groundbreaking security capability,” offers specialized protection to users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored mercenary ...

Marriott International Inc. has suffered yet another data breach, the second time the hotel chain has had data stolen this year. First reported today by DataBreaches.net, an unnamed hacking group claimed to have stolen roughly 20 gigabytes of data. The data, including credit card information and personally identifiable information on guests and workers, was stolen from ...

Researchers have discovered a supply chain attack that uses packages hosted on the Node Package Manager, the manager for the Node.js JavaScript platform. Detailed today by Reverse Engineer Karlo Zanki at Reversing Labs Inc., the software supply chain attack involves more than two dozen NPM packages that contain obfuscated JavaScript. The packages are designed to steal ...

Cryptocurrency lending provider Nexo has signed a term sheet to acquire rival lending firm Vauld, two days after Vauld suspended services amid financial challenges. The indicative or nonbinding term sheet grants Nexo a 60-day exclusive exploratory period related to the intended acquisition of Vauld, pending a satisfactory outcome of the initiated due diligence process. Upon ...

The U.S. Department of Commerce’s National Institute of Standards and Technology today said it has chosen four encryption tools designed to protect against quantum computer attacks for a planned post-quantum cryptographic standard. Of the four chosen tools, one — CRYSTAL-Kiber — offers general encryption, while the remaining three — CRYSTAL-Dilithium, Falcon and Sphincs+ — offer ...

Security intelligence firm LogRhythm Inc. today announced the launch of a new version of its security information and event management platform with new features to help security teams. LogRhythm says its SIEM Platform 7.9, in conjunction with updates to LogRhythm NDR and LogRhythm UEBA, helps security teams overcome everyday obstacles by accelerating threat response, improving workflows and simplifying ...

Decentralized finance protocol startup Crema Finance has temporarily suspended services after a hacker stole $8.78 million in cryptocurrency from the company. Crema offers a concentrated liquidity protocol or CLMM that provides services for traders and crypto liquidity providers. Liquidity protocol providers offer a solution to illiquid markets by offering rewards to liquidity providers to swap ...

Unknown hackers have claimed to have stolen data on as many as a billion mainland Chinese residents and are attempting to sell the data on a hacking forum. The data is alleged to have been stolen from the Shanghai National Police database and is said to total 22 terabytes. The data includes names, addresses, national ...

Singapore-based cryptocurrency trading and lending platform provider Vauld has suspended all withdrawals, trading and deposits due to what it describes as “financial challenges.” In a blog post today, the company said the financial issues are the result of volatile market conditions and financial difficulties with key business partners. Vauld also cited the current market climate leading ...