Microsoft has issued a warning about a sophisticated scam known as “Payroll Pirate,” which is currently targeting employees by redirecting their paycheck deposits into accounts controlled by fraudsters. This attack begins with the compromise of employee profiles on platforms like…
John Hanley of IBM Security outlines four crucial insights from the widely recognized annual Cost of a Data Breach Report 2023. Overview of the IBM Cost of a Data Breach Report The annual IBM Cost of a Data Breach Report…
Shuffle, a prominent player in the crypto betting sector, has announced a significant data breach that compromised the personal information of a substantial portion of its user base. The source of this breach has been traced back to Fast Track,…
Cybercriminals are exploiting a recently identified vulnerability affecting GFI KerioControl firewalls. This flaw, if successfully leveraged, may enable remote code execution (RCE) by malicious actors. The vulnerability, listed as CVE-2024-52875, pertains to a carriage return line feed (CRLF) injection attack,…
A sophisticated botnet known as PseudoManuscrypt has been actively targeting Windows systems in South Korea since May 2021, employing tactics similar to those used by the malware CryptBot. This trend has raised significant concerns within the cybersecurity community. A report…
Encryption & Key Management, Fraud Management & Cybercrime, Governance & Risk Management Medusa Ransomware Group Linked to Exploitation of Recently Patched Zero-Day Vulnerability Mathew J. Schwartz (euroinfosec) • October 10, 2025 Image: Shutterstock/ISMG Recent cyberattacks have targeted Fortra’s GoAnywhere managed…
Apple has significantly escalated its bug bounty program, now offering a maximum payout of $2 million for software exploits that could facilitate spyware attacks. This announcement was made by Ivan Krstić, Apple’s vice president of security engineering and architecture, during…
Cybersecurity researchers have uncovered a malicious WordPress plugin capable of creating unauthorized administrator accounts and injecting harmful JavaScript code designed to siphon credit card information. This activity is linked to a broader Magecart campaign specifically targeting e-commerce platforms, as reported…
Key Takeaways: 59% of organizations have reported Managed File Transfer (MFT) security incidents, largely due to governance and encryption shortfalls. The GoAnywhere zero-day exploit laid bare serious vulnerabilities exploited by attackers to deploy ransomware. Implementing robust governance and integrated security…
Palo Alto Networks Releases Critical Software Patches for Expedition Tool Palo Alto Networks has announced the rollout of crucial software patches aimed at mitigating multiple security vulnerabilities in its Expedition migration tool. Among these flaws, a significant one has been…
