Massive healthcare breaches prompt US cybersecurity rules overhaul
Source: Bleeping Computer
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to enhance the security of patient health data. These changes aim to address a surge in healthcare data breaches and cyberattacks, including ransomware incidents. The proposed rules would require healthcare organizations to encrypt protected health information, implement multifactor authentication, and segment networks to prevent lateral movement by attackers.
US Treasury Department breached through remote support platform
Source: Bleeping Computer
Chinese state-sponsored threat actors breached the U.S. Treasury Department by exploiting vulnerabilities in a remote support platform provided by BeyondTrust. The department was informed of the breach on December 8, 2024, and has classified it as a major cybersecurity incident. BeyondTrust identified two zero-day vulnerabilities, CVE-2024-12356 and CVE-2024-12686, which the attackers used to gain unauthorized access.
Dozens of Chrome Browser Extensions Hijacked by Data Thieves
Source: Infosecurity Magazine
In late December 2024, attackers hijacked at least 36 Google Chrome browser extensions, potentially compromising the data of approximately 2.6 million users. The attack was first detected when the extension for cybersecurity startup Cyberhaven was compromised following a phishing attack on December 24.
US Issues Final Rule for Protecting Personal Data Against Foreign Adversaries
Source: Security Week
The U.S. Department of Justice (DoJ) has issued a final rule implementing Executive Order 14117, aimed at mitigating the risks associated with foreign adversaries accessing and exploiting Americans' sensitive personal data. This rule targets countries such as China, Russia, North Korea, Iran, Cuba, and Venezuela, as well as specific individuals and entities classified as 'covered persons'.
Cisco Confirms Authenticity of Data After Second Leak
Source: Security Week
Cisco has confirmed that 4 gigabytes of data leaked by a hacker are authentic and pertain to a previously disclosed security incident. The hacker, known as IntelBroker, had earlier claimed to have obtained 800 gigabytes of files from Cisco's DevHub environment, which serves as a resource center providing source code, scripts, and other content to customers.