Recently reported zero-day vulnerabilities in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been actively exploited to deploy a Rust-based payload known as KrustyLoader. This malicious software component is specifically designed to install the open-source Sliver adversary simulation…
Fortinet, a prominent provider of network security solutions, has recently come under scrutiny for concealing a significant vulnerability that has reportedly been exploited by attackers to execute unauthorized code on servers belonging to sensitive organizations. This silence persisted for over…
2023 Cybersecurity Breach Impacts 1.9 Million Individuals at Great Expressions Dental Centers In a significant cybersecurity incident, Great Expressions Dental Centers, a Michigan-based dental organization operating 250 locations across nine states, has reached a preliminary settlement of $2.7 million over…
Equifax Faces Wave of Lawsuits Following Major Data Breach Exposing Personal Information of Millions Equifax, one of the largest credit reporting agencies in the United States, is facing over 30 lawsuits in the wake of a significant data breach that…
Recent investigations have uncovered a significant cybersecurity vulnerability affecting approximately 15,000 applications that utilize Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication purposes. This configuration issue could enable malicious actors to bypass access controls, thereby compromising the security…
Great Expressions Dental Centers has reached a settlement in a data breach lawsuit that totaled $2.7 million, underscoring the serious implications of cybersecurity inadequacies within the healthcare sector. The lawsuit initiated following a breach that exposed sensitive personal and medical…
GitLab Security Updates Address Critical Vulnerabilities in CI/CD Pipelines GitLab has announced a series of security updates aimed at rectifying 14 identified vulnerabilities within its software, including a severe flaw that poses a significant risk to its continuous integration and…
The U.S. government announced on Wednesday that it has taken significant action to disrupt a botnet composed of hundreds of small office and home office (SOHO) routers based in the United States. This botnet, referred to as the KV-botnet, is…
Recent discussions highlight the evolving landscape of artificial intelligence (AI) and the critical importance of regulatory measures aimed at addressing potential risks associated with increasingly sophisticated AI technologies. A US government official, who spoke under the condition of anonymity, emphasized…
Application Security, Application Security & Online Fraud, Fraud Management & Cybercrime Socket Plans to Expand Workforce Significantly Following Substantial Growth, Aiming to Accelerate Delivery of Open-Source Tools Michael Novinson (@MichaelNovinson) • October 22, 2024 Feross Aboukhadijeh, founder and CEO, Socket…
