Federal contractor Health Net Federal Services (HNFS) and parent company Centene Corporation will pay an $11m fine to settle allegations that the company lied about meeting federal cybersecurity standards. Prosecutors said the company, which administered the Tricare healthcare programme, falsely certified compliance with certain cybersecurity controls, failed to scan for vulnerabilities, and did not address security flaws. The fine forms part of the Department of Justice’s 2021 initiative to root out cyber-related fraud among federal contractors.
SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
The SPAWNCHIMERA malware exploits a vulnerability in Ivanti Connect Secure, allowing it to evade detection and patch the vulnerability itself, preventing other exploit attempts. The
