Carly Page
Reporter, Cybersecurity
The Latest from Carly Page
FBI operation tricked thousands of computers infected by Qakbot into uninstalling the malware
A U.S. government operation has dismantled the infrastructure of the notorious Qakbot malware, which officials say caused “hundreds of millions” of dollars of damage worldwide. In an announcement
Mom’s Meals says data breach affects 1.2 million customers
Mom’s Meals, a meal delivery service for people with chronic health conditions, has confirmed a data breach affecting more than 1.2 million individuals. In a data breach notice filed this week w
MOVEit, the biggest hack of the year, by the numbers
The mass-exploitation of MOVEit Transfer software has rapidly cemented itself as the largest hack of the year so far. While the full impact of the attack will likely remain untold for months to come,
FBI says North Korean hackers preparing to cash out after high-profile crypto hacks
The U.S. government said it believes North Korean hackers are preparing to cash out millions of dollars stolen during a spate of high-profile crypto hacks. On Tuesday, the FBI warned cryptocurrency co
Hackers exploit WinRAR zero-day bug to steal funds from broker accounts
Cybercriminals are exploiting a zero-day vulnerability in WinRAR, the venerable shareware archiving tool for Windows, to target traders and steal funds. Cybersecurity company Group-IB discovered the v
Ivanti warns customers another zero-day is under active attack
U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack. The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out of 10
Tesla says data breach impacting 75,000 employees was an insider job
Tesla has said that insider wrongdoing was to blame for a data breach affecting more than 75,000 company employees. Tesla, the electric car maker owned by Elon Musk, said in a data breach notice filed
CISA says hackers are exploiting a new file transfer bug in Citrix ShareFile
Hackers are exploiting a newly discovered vulnerability in yet another enterprise file transfer software, the U.S. government’s cybersecurity agency has warned. CISA on Wednesday added a vulnerabili
Millions of Americans’ health data stolen after MOVEit hackers targeted IBM
Millions of Americans had their sensitive medical and health information stolen after hackers exploited a zero-day vulnerability in the widely used MOVEit file transfer software raided systems operate
The MOVEit mass hacks hold a valuable lesson for the software industry
While zero-day exploits are hard to defend against, the software industry must come together and do more to improve security across the board.
UK cybersecurity giant NCC Group is making more layoffs
U.K. cybersecurity giant NCC Group has confirmed it’s making more layoffs, just months after it slashed its workforce by 7%. The Manchester, U.K.-based company is undergoing its second round of layo
Cybersecurity giant Rapid7 announces sweeping layoffs as losses mount
U.S. cybersecurity giant Rapid7 has announced plans to lay off 18% of its workforce, affecting more than 400 global employees. In a regulatory filing, the Boston-based cybersecurity company said its r
Electoral Commission hack exposed data of 40 million UK voters
The personal information of approximately 40 million U.K. voters was exposed to hackers for more than a year after the Electoral Commission fell victim to a “complex cyberattack.” The Electoral Co
Colorado warns hackers stole 16 years of public school data in ransomware attack
Colorado’s state government has warned students and teachers that hackers may have accessed their personal information — dating as far back as 2004. In a notice on its website, the Colorado De
Health data of 1.7 million Oregon residents accessed by MOVEit hackers
Hackers behind the mass-exploitation of a vulnerability in the popular corporate file transfer tool MOVEit Transfer have accessed the protected health information of 1.7 million Oregon citizens. Perfo
Russia-backed hackers used Microsoft Teams to breach government agencies
Russian state-sponsored hackers posed as technical support staff on Microsoft Teams to compromise dozens of global organizations, including government agencies. Microsoft security researchers said on
US, Norway say hackers have been exploiting Ivanti zero-day since April
Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software undetected for at least three months, U.S. and Norwegian cybersecurity agencies have warned. It was confirmed last w
Researchers claim US-registered cloud host facilitated state-backed cyberattacks
A little-known cloud company provided web hosting and internet services to more than two dozen different state-sponsored hacking groups and commercial spyware operators, according to researchers at cy
US government contractor says MOVEit hackers accessed health data of ‘at least’ 8 million individuals
U.S. government services contracting giant Maximus has confirmed that hackers exploiting a vulnerability in MOVEit Transfer accessed the protected health information of as many as 11 million individua
CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services
CardioComm Solutions, a Canadian provider of consumer and professional-grade heart monitoring technologies, has been downed by an ongoing cybersecurity incident. The Toronto-based organization said on