Cyberattack on Iranian National Media Uncovered: Wiper Malware Deployed In late January 2022, a sophisticated cyberattack against the Islamic Republic of Iran Broadcasting (IRIB), a key player in the country’s national media landscape, was confirmed to involve the deployment of…
Data Breach Notification, Data Privacy, Data Security Australian Clinical Labs Fined $5.8 Million for 2022 Data Theft Incident Marianne Kolbasuk McGee (HealthInfoSec) • October 9, 2025 An Australian court has mandated a $5.8 million penalty against Australian Clinical Labs for…
In September 2025, SonicWall disclosed a data breach affecting its cloud backup service, initially indicating that fewer than 5% of its clients were impacted. However, this assessment has evolved as SonicWall, in collaboration with incident response firm Mandiant, has confirmed…
In a recent development highlighting the growing concerns surrounding youth involvement in cybercrime, two adolescents linked to the notorious LAPSUS$ hacking group received sentences for their participation in a series of high-profile cyberattacks on various corporations. Among the targeted firms…
Security Flaw in Oracle E-Business Suite Exposes Multiple Organizations to Cyber Threats On October 10, 2025, a report from Google Threat Intelligence Group (GTIG) and Mandiant confirmed a significant zero-day exploitation of a security vulnerability in Oracle’s E-Business Suite (EBS)…
Critical Vulnerability in Aviatrix Controller Exploited for Malicious Activities A recently uncovered severe security vulnerability in the Aviatrix Controller, a cloud networking platform, has drawn significant attention due to its active exploitation in the wild. Security firm Wiz has reported…
Targeted Attacks on Vulnerable Microsoft SQL Servers Uncovered Recent cybersecurity reports indicate that threat actors are actively exploiting vulnerable internet-facing Microsoft SQL (MS SQL) Servers as part of a disturbing new campaign. This effort aims to install the Cobalt Strike…
Governance & Risk Management, Security Operations, Vulnerability Assessment & Penetration Testing (VA/PT) Pentera Acquires DevOcean to Enhance Attack Simulation and Remediation Michael Novinson (MichaelNovinson) • October 9, 2025 Amitai Ratzon, co-founder and CEO, Pentera (Image: Pentera) Pentera has announced the…
Discord has reported a significant security breach involving the potential exposure of government identification images belonging to approximately 70,000 users. These IDs, which were submitted as proof of age in accordance with the platform’s usage requirements, were compromised via a…
Google Cloud has addressed a significant medium-severity security vulnerability within its platform that could potentially allow an attacker with access to a Kubernetes cluster to escalate their privileges. This flaw was associated with the Fluent Bit logging container, and Google…
