In a concerning development for cybersecurity in 2024, Jake Williams, Vice President of Research and Development at Hunter Strategy and a former NSA hacker, expressed disbelief at the emergence of command injection vulnerabilities in secure remote access products, particularly those…
A significant cyber incident involving the United States Department of the Treasury has come to light, involving an alleged breach by hackers linked to a Chinese Advanced Persistent Threat (APT) group. This attack, confirmed by the Treasury in an official…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Network Firewalls, Network Access Control Hackers Exploit PAN-OS Vulnerability Shortly After Its Announcement Akshaya Asokan (asokan_akshaya) • December 30, 2024 A Palo Alto firewall. (Image: Palo Alto) A suspected cyber espionage effort…
Marriott Faces Federal Action Over Major Data Breaches Affecting Millions The U.S. Federal Trade Commission (FTC) announced on Wednesday that Marriott International and its subsidiary, Starwood Hotels & Resorts Worldwide, will be mandated to implement an information security program as…
Chinese State-Sponsored Hacking of U.S. Treasury Workstations: A Major Incident The U.S. Treasury Department recently reported a significant security breach, revealing that Chinese hackers gained access to its workstations via a third-party cloud service. This alarming incident, which the department…
The United States government has unveiled a set of proposed cybersecurity regulations aimed at mitigating the ramifications of health data breaches. These new rules are designed to bolster the safeguarding of sensitive health information amid a significant uptick in high-profile…
The recent developments in passkey technology highlight significant challenges faced by users, particularly regarding cross-platform functionality and ease of access. A new feature announced allows users to create passkeys directly on security keys, a move that aims to enhance user…
On Saturday, a wave of complex cyberattacks targeted nine websites belonging to the Italian government, leading to significant disruptions across critical digital services. Among the compromised sites were the Ministry of Foreign Affairs and the official platforms for Milan’s principal…
Governance & Risk Management, Operational Technology (OT) Attackers Exploiting OS Command Injection Vulnerability Prajeet Nair (@prajeetspeaks) • December 30, 2024 An industrial router crafted by Four-Faith (Image: Four-Faith) A high-severity command injection vulnerability is currently being exploited by malicious actors…
New Cybersecurity Regulations Projected to Cost Healthcare Sector $9 Billion in First Year In response to escalating data breach threats, the Biden administration is proposing a series of stringent cybersecurity regulations aimed at healthcare organizations across the United States. These…
