Recent findings by security researchers have uncovered a severe remote code execution vulnerability within the widely used Apache Struts web application framework. This flaw allows remote attackers to execute arbitrary code on compromised servers, posing significant risks to organizations leveraging this technology. Apache Struts, a free and open-source Model-View-Controller (MVC)…
Across various digital communication strategies, from completely open to highly secure, a fundamental principle remains, similar to that of a Signal conversation: the security of information is tied to the least secure device that accesses it. As you evaluate your threat model, assess the devices and accounts within your group…
The infamous hacking collective known as Dragonfly has resurfaced, renewing its focus on targeting energy sector companies in the United States and Europe. Having been active since at least 2011, this well-resourced group is notorious for its sophisticated cyber-espionage campaigns aimed at critical infrastructure, particularly within the energy domain. Research…
Crackas With Attitude Hacking Group Member Sentenced for Targeting U.S. Officials A key member of the notorious hacking group known as Crackas With Attitude has received a five-year prison sentence for his involvement in a series of high-profile cyber intrusions. This group gained notoriety in 2015 for compromising the personal…
In a recent development within the realm of cybersecurity, UpGuard researchers uncovered a substantial data breach involving a publicly accessible database that potentially contained an extensive array of sensitive personal information belonging to Americans. Greg Pollock, director of research at UpGuard, expressed a mix of fatigue and surprise after discovering…
Recent investigations by security firm FireEye have revealed a sophisticated cyber espionage campaign orchestrated by an Iranian hacking group identified as Advanced Persistent Threat 33 (APT33). This group has been targeting critical sectors, including aerospace, defense, and energy, in the United States, Saudi Arabia, and South Korea since at least…
Cybersecurity Alert: CCleaner Hack Targets Major Tech Firms A group of unidentified hackers recently compromised the download server of CCleaner, a widely used system optimization application, to distribute a harmful version of the software. This malicious version affected at least 20 significant technology companies, functioning as a conduit for a…
SEC Cyber Breach Unveils Vulnerabilities in Corporate Filing System This month has seen significant cybersecurity events, not least a recent revelation from the U.S. Securities and Exchange Commission (SEC), the premier regulatory body overseeing the nation’s securities markets. The SEC has disclosed that hackers infiltrated its financial document filing system,…
Over the past 15 years, password managers have transitioned from a specialized tool used primarily by tech enthusiasts to a vital security resource widely adopted by consumers. Recent data indicates that approximately 94 million adults in the U.S., equivalent to nearly 36% of the population, are utilizing these tools. Password…