Officials at Oregon Health & Science University have apologized to employees after a fake phishing test drew complaints about raising false hopes.
OHSU Apologizes After Phishing Test Draws Complaints
North Korea APT Lazarus Targeting Chemical Sector
Threat hunters at Symantec have spotted signs that North Korea’s Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage campaign that includes fake job lures and clever social engineering.
Juniper Networks Patches Vulnerabilities in Contrail Networking, Junos OS
Juniper Networks this week announced the release of patches for more than 30 vulnerabilities across its portfolio, including severe flaws in Contrail Networking and Junos OS.
House Panels Probe Gov’t Use of Facial Recognition Software
Two House committees have launched an investigation into the government’s use of facial recognition software that was most recently used by the Internal Revenue Service, but stopped after complaints from lawmakers and privacy advocates.
Conti Ransomware Gang Claims Cyberattack on Wind Turbine Giant Nordex
The Conti ransomware gang has claimed responsibility for a cyberattack that forced wind turbine giant Nordex to shut down internal systems on March 31.
The incident, the company revealed in early April, was identified at an early stage, but resulted in multiple systems across Nordex’s branches being taken offline.
New ‘Enemybot’ DDoS Botnet Targets Routers, Web Servers
A recently identified DDoS botnet has targeted several router models and various types of web servers by exploiting known vulnerabilities, Fortinet warns.
Google Patches Third Actively Exploited Chrome Zero-Day of 2022
A Chrome 100 update that Google announced on Thursday resolves two vulnerabilities in the popular browser, including one already exploited in the wild.
U.S. Gov Blames North Korea Hackers for $600M Cryptocurrency Heist
The U.S. government says the recent $600 million Ronin Validator cryptocurrency heist was conducted by Lazarus Group, the notorious hacking outfit linked to the North Korean government.
Critical Code Execution Flaw Haunts VMware Cloud Director
Cloud computing and virtualization technology firm VMWare on Thursday rolled out patches for an extremely critical security flaw in the VMWare Cloud Director product, warning that unpatched systems are at risk of remote code execution attacks.
Cloud Security Startup DoControl Raises $30 Million
Cloud data security startup DoControl has closed a $30 million Series B funding round that brings the total raised by the company to $43 million.
The financing round was led by Insight Partners, with additional investments from Cardumen Capital, CrowdStrike Falcon Fund, RTP Global, and StageOne Ventures.
