Tag: service
-
Ransomware attack on ChipSoft knocks EHR services offline across hospitals in the Netherlands and Belgium
Dutch healthcare IT firm ChipSoft suffered a ransomware attack, forcing services and its HiX platform offline, impacting hospitals and patients. ChipSoft, a major Dutch provider of EHR systems, was hit by a ransomware attack that forced it to take its website and digital services offline, disrupting access for hospitals, healthcare providers, and patients. EHR (Electronic…
-
Breach of Confidence: 10 April 2026
I spent most of one day this week trying to access a perfectly ordinary online service and felt like I was applying for witness protection. By the end of it, I’d supplied a password, a code, a backup code, a second email, and what felt like several pieces of emotional verification. We are constantly told……
-
How Acronis and SuperOps help MSPs work smarter with integrated cyber protection
The integration between Acronis and SuperOps was built to address these challenges head-on. By connecting cyber protection services directly into the SuperOps ecosystem, MSPs gain better visibility, fewer handoffs between tools and more consistent service delivery, while maintaining strong security standards. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/how-acronis-and-superops-help-msps-work-smarter-with-integrated-cyber-protection/
-
Dutch hospitals face disruptions after ransomware attack on software provider ChipSoft
A ransomware attack on Dutch healthcare software vendor ChipSoft has forced the company to disable parts of its digital services used by hospitals and patients across the Netherlands, the national cybersecurity center for the healthcare sector said. First seen on therecord.media Jump to article: therecord.media/chipsoft-ransomware-attack-disrupts-dutch-hospitals
-
Fake BTS Tour Ticket Scams Target Fans Worldwide
Cybercriminals are exploiting the massive hype around BTS’s return to the global stage by launching a wave of fake ticketing websites targeting fans across multiple countries. The K-pop group recently reunited after nearly four years, during which members completed mandatory military service in South Korea. Their upcoming “ARIRANG” world tour has triggered overwhelming demand and…
-
The cyber winners and losers in Trump’s 2027 budget
Tags: cisa, communications, compliance, corporate, cyber, cybersecurity, defense, government, group, infrastructure, international, network, office, risk, service, strategy, threatFigure 1- Top gainers in Trump’s 2027 budget. Compilation from OMB cross-cut tables. CSOSeveral smaller agencies, including the EPA, Department of Education, Tennessee Valley Authority, Federal Mine Safety and Health Review Commission, and the US Army Corps of Engineers, also stand to post modest gains under the 2027 budget. Losers: DHS, VA, and research programs…
-
New React Server Components Flaw Could Let Attackers Trigger DoS
A newly disclosed high-severity vulnerability in React Server Components could allow unauthenticated attackers to trigger a Denial of Service (DoS) condition. Tracked as CVE-2026-23869, this flaw poses a significant risk to web applications using specific server-side rendering packages. Because the exploit requires no privileges and involves low attack complexity, threat actors can easily target vulnerable…
-
MuddyWater Uses Russian MaaS in New ChainShell Attack
MuddyWater is now weaponizing a Russian malware-as-a-service (MaaS) platform to run a new operation dubbed “ChainShell”, blending Iranian state targeting with commercially developed cybercrime tooling. The assessment is based on a misconfigured command”‘and”‘control (C2) web server, 15 malware samples, and a previously undocumented JavaScript/Node.js payload named ChainShell. Investigators conclude that MuddyWater is running at least…
-
GitLab Security Update Fixes High-Severity CVE-2026-5173, 11 Other Flaws
GitLab has rolled out a major security update to address a series of vulnerabilities impacting both its Community Edition (CE) and Enterprise Edition (EE) platforms. The GitLab security update resolves multiple flaws, including high-severity issues that could be exploited to disrupt services or gain unintended access to system functionality. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/gitlab-security-update-cve-2026-5173/
-
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementAn Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
-
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Censys researchers warned that thousands of devices are exposed to the Iranian government’s campaign targeting energy, water, and U.S. government services and facilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/iran-attackers-industrial-ot-government-energy-water-censys/
-
New VENOM phishing attacks steal senior executives’ Microsoft logins
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called “VENOM” are targeting credentials of C-suite executives across multiple industries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/
-
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/
-
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
Tags: android, attack, awareness, browser, chrome, ciso, communications, compliance, computer, computing, crypto, cryptography, cybersecurity, data, encryption, google, government, group, Hardware, infrastructure, Internet, ml, mobile, regulation, risk, service, strategy, technology, threat, vulnerabilityNational Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encryption algorithms ahead of their planned retirement in 2035.Late last month Google brought forward its own post-quantum cryptography (PQC) deadline a year to 2029 because advances in quantum computers mean that legacy encryption and digital signature systems are at greater…
-
SASE für das KI-Zeitalter
Island, die Plattform für Enterprise-Work und Entwickler des Enterprise-Browsers, präsentiert eine grundlegend neue Secure-Access-Service-Edge (SASE) -Architektur. Ihr Kern: das Konzept des ‘Perfect Packet”. Es wurde für eine Arbeitswelt entwickelt, in der KI-Agenten, verteilte Remote-Teams und lokale Tools das Büro als Zentrum der Arbeit abgelöst haben. Das Ergebnis: Bis zu 90 Prozent des Datenverkehrs laufen direkt…
-
Russia accuses former Radio Free Europe journalist of aiding cyberattacks for Ukraine
In a statement to state-owned media, the FSB said the suspect joined a Telegram channel controlled by the Security Service of Ukraine (SBU) and passed information about a local print publication covering Russia’s war in Ukraine. First seen on therecord.media Jump to article: therecord.media/russia-accuses-radio-free-europe-journalist-aiding-ukraine-cyberattack
-
Russia accuses former Radio Free Europe journalist of aiding cyberattacks for Ukraine
In a statement to state-owned media, the FSB said the suspect joined a Telegram channel controlled by the Security Service of Ukraine (SBU) and passed information about a local print publication covering Russia’s war in Ukraine. First seen on therecord.media Jump to article: therecord.media/russia-accuses-radio-free-europe-journalist-aiding-ukraine-cyberattack
-
Russia accuses former Radio Free Europe journalist of aiding cyberattacks for Ukraine
In a statement to state-owned media, the FSB said the suspect joined a Telegram channel controlled by the Security Service of Ukraine (SBU) and passed information about a local print publication covering Russia’s war in Ukraine. First seen on therecord.media Jump to article: therecord.media/russia-accuses-radio-free-europe-journalist-aiding-ukraine-cyberattack
-
Turning Email Authentication into a Revenue Engine: Why Australian MSPs Can’t Afford to Ignore DMARC-as-a-Service
Originally published at Turning Email Authentication into a Revenue Engine: Why Australian MSPs Can’t Afford to Ignore DMARC-as-a-Service by Tim Sergent. By Allan Richards, Global MSP Lead at EasyDMARC … First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/turning-email-authentication-into-a-revenue-engine-why-australian-msps-cant-afford-to-ignore-dmarc-as-a-service/
-
The Cybersecurity Readiness Gap: Why 90% of Companies Are Still Unprepared in 2026
The Cybersecurity Readiness Gap: Why 90% of Companies Are Still Unprepared in 2026 The cybersecurity landscape of 2026 is defined by a staggering paradox: while organizations are investing more than ever in defense, the “readiness gap” continues to widen. Despite the availability of advanced tools, 90% of organizations still rely on passwords as their primary…The…
-
Your MCP Server Is a Resource Server Now. Act Like It.
TL;DR, Without an identity layer, AI agents accessing enterprise tools create real exposure: data exfiltration through unscoped access, audit failures when no one can trace which user authorized which tool call, and lateral movement when a compromised agent inherits a service account’s permissions. This post shows how to deploy an identity gateway with OPA… First…
-
Weak at the seams
Tags: advisory, ai, attack, automation, business, cloud, compliance, control, crowdstrike, cybersecurity, data, data-breach, endpoint, exploit, finance, firewall, framework, healthcare, infrastructure, insurance, Internet, network, resilience, risk, service, supply-chain, technology, tool, update, vulnerability, windows, zero-dayThe normal choices are the dangerous ones: Consider the stack a typical large enterprise was running in 2024: One vendor for ERP and supply chain, another for perimeter enforcement, another for networking and another for endpoint protection. Standard choices, responsibly made. Within a twelve-month window, each of those categories experienced significant disruptions, from zero-day exploits…
-
Weak at the seams
Tags: advisory, ai, attack, automation, business, cloud, compliance, control, crowdstrike, cybersecurity, data, data-breach, endpoint, exploit, finance, firewall, framework, healthcare, infrastructure, insurance, Internet, network, resilience, risk, service, supply-chain, technology, tool, update, vulnerability, windows, zero-dayThe normal choices are the dangerous ones: Consider the stack a typical large enterprise was running in 2024: One vendor for ERP and supply chain, another for perimeter enforcement, another for networking and another for endpoint protection. Standard choices, responsibly made. Within a twelve-month window, each of those categories experienced significant disruptions, from zero-day exploits…
-
Signature Healthcare Cyberattack Causes Service Disruptions, Treatment Delays
A Signature Healthcare cyberattack has disrupted critical hospital systems at Signature Healthcare and Signature Healthcare Brockton Hospital, affecting patient care, laboratory testing, pharmacy services, and administrative operations. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/signature-healthcare-cyberattack/
-
GitLab Addresses Multiple Vulnerabilities Linked to DoS and Code Injection
GitLab has rolled out a crucial security update to fix multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms. Organizations utilizing self-managed GitLab instances are strongly advised by GitLab security experts to apply these updates immediately to prevent potential exploitation. Customers utilizing GitLab Dedicated or the cloud-hosted GitLab.com services are already protected…
-
Capita’s troubled Civil Service Pension Scheme hit by data breach
A data breach affecting 138 members of the Civil Service Pension Scheme piles pressure on the service’s administrator, Capita, amid ongoing issues. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641501/Capitas-troubled-Civil-Service-Pension-Scheme-hit-by-data-breach
-
Questions raised about how LinkedIn uses the petabytes of data it collects
CSOonline. “We do disclose that we scan for browser extensions in our privacy policy, in order to detect abuse and provide defense for site stability.” When asked whether it uses that data solely to do those things, LinkedIn did not reply. The key person behind the allegations calls himself Steven Morrell (not his legal name, which…
-
Arelion employs NETSCOUT Arbor DDoS protection products
Tags: ai, attack, automation, business, cyber, cyberattack, cybersecurity, ddos, defense, detection, government, infrastructure, intelligence, Internet, mitigation, monitoring, network, risk, router, service, strategy, tactics, technology, threat“As a Tier-1 Internet carrier supporting the majority of global Internet traffic, this continued collaboration reflects our ongoing investment in best-of-breed network security solutions to protect the technology ecosystem. Our partnership combines Arelion’s global network performance and NETSCOUT’s leading Arbor DDoS attack protection solutions to provide world-class experiences for our customers.” Scott Nichols, Chief Commercial…
-
6 Winter 2026 G2 Leader Badges prove this DDoS protection stands out
Leader Enterprise DDoS ProtectionMomentum Leader DDoS ProtectionRegional Leader (Asia) DDoS ProtectionLeader DDoS ProtectionLeader Web SecurityArbor Sightline was also recognized as a leader in enterprise network management. NETSCOUTWhat NETSCOUT Customers Are Saying About TMS“The Arbor Threat Mitigation System allows us to defend not only our internal systems, but our customers.”, Darren G.”“NETSCOUT delivers unmatched network visibility…
-
How botnet-driven DDoS attacks evolved in 2H 2025
Tags: ai, attack, botnet, dark-web, ddos, defense, dns, finance, government, group, infrastructure, intelligence, international, Internet, iot, jobs, law, LLM, mitigation, network, resilience, risk, service, strategy, tactics, threat, tool, usa, vulnerabilityMassive attack capacity: Demonstration attacks peaked at 30Tbps and 4 gigapackets per second, primarily launched by Internet of Things (IoT) botnets such as Aisuru and TurboMirai variants.AI integration: The use of AI, including dark-web large language models (LLMs), moved from emerging trend to operational reality, making sophisticated attacks accessible to a wider range of threat actors.Persistent threat…