A security researcher has demonstrated an innovative phishing attack that takes advantage of Google’s debatable decision to offer risky top-level domains (TLDs) such as ZIP, for use on websites and email addresses. At the beginning of the month, Google expanded the internet’s namespace by adding eight new TLDs, namely .dad, .phd, .prof, .esq, .foo, .zip, … The post New ZIP . . .
MCNA Admits LockBit Ransomware Stole Data of 8.9M People
Managed Care of North America, one of the largest dental care service providers in the United States, has admitted that the LockBit cyberattack the threat actors disclosed in early March 2023 has impacted almost 9 million people. The healthcare organization posted a notice of a breach on its website and shared a sample with the … The post MCNA Admits LockBit Ransomware Stole . . .
BlackCat Ransomware Says It Snatched Millions of Medical Records
The BlackCat ransomware group, also known as ‘ALPHV,’ has claimed responsibility for the cyberattack that caused problems earlier in the month to Norton Healthcare, a healthcare provider that operates over 40 clinics and hospitals in the U.S. state of Kentucky. The hackers claim to hold millions of medical records stolen from the healthcare system’s network, … The post BlackCat . . .
Facebook Fined €1.2 Billion for Transferring EU User Data to the US
The Irish Data Protection Commission (DPC) has imposed a record-breaking fine of €1,200,000 on Meta, Facebook’s parent company, for GDPR (General Data Protection Regulations) violations. The violation concerns Facebook’s practice of transferring the data of EU-based users on US-based servers, hosting that data indefinitely, and processing it without restrictions, very likely . . .
Hackers Can Retrieve Master Passwords from KeePass Memory
KeePass, a widely-used open-source password manager, saves user input in retrievable memory strings, including master passwords that protect the user’s credentials. The problem stems from how KeePass handles user-typed content in forms, creating memory strings containing all the master password’s characters except for the first one. The vulnerability, now tracked as . . .