Late last week, FlexMLS and Matrix, two of the nation’s largest multiple listing services (MLS), fell victim to data breaches that have raised significant concerns among their members. The breaches reportedly compromised member login credentials, leading to a wave of…
July 11, 2025
Cyber Attack / Vulnerability Alert
A recently uncovered critical security vulnerability affecting Wing FTP Server is currently being exploited, as reported by Huntress. Known as CVE-2025-47812 (CVSS score: 10.0), this flaw involves improper handling of null (‘\0’) bytes within the server’s web interface, leading to potential remote code execution. The issue has been resolved in version 7.4.4. According to CVE.org’s advisory, “The user and admin web interfaces mishandle ‘\0’ bytes, allowing for the injection of arbitrary Lua code into user session files.” This can enable the execution of arbitrary system commands with the privileges of the FTP service, which defaults to root or SYSTEM. Alarmingly, the vulnerability can also be exploited through anonymous FTP accounts. A detailed analysis of this security issue became public in late June 2025, thanks to RCE Security researcher Julien Ahrens.
Critical Security Flaw in Wing FTP Server Under Active Attack On July 11, 2025, cybersecurity firm Huntress reported that a serious vulnerability in the Wing FTP Server, classified as CVE-2025-47812, is currently being exploited in the wild. This flaw bears…
Aeroflot Faces Major Disruption Following Suspected Cyberattack On Monday, Aeroflot, Russia’s largest airline, experienced significant operational disruptions, cancelling approximately 40 flights due to what the airline referred to as a “technical failure.” However, multiple reports, aided by statements from Russian…
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Aeroflot Targeted by Belarusian Hackers Using Wiper Malware Mathew J. Schwartz (euroinfosec) • July 28, 2025 Image: Media_works/Shutterstock Aeroflot, Russia’s state-owned airline, has canceled numerous flights following a cyberattack…
Allianz Life has recently disclosed that a significant data breach has compromised the personal information of 1.4 million customers. The security incident was detected on July 16, 2025, prompting immediate communication to the Maine Attorney General the subsequent day. The…
Data Breach Notification, Data Security, Incident & Breach Response Seemant Sehgal • July 16, 2025 With 25 years of experience in the cybersecurity sector, I have witnessed firsthand the evolution of vulnerability management (VM) from traditional scanning methods to integrated…
Allianz Life Insurance Company of North America has confirmed a substantial data breach that has compromised the personal information of approximately 1.4 million customers. Based in Minneapolis and a subsidiary of the global insurance leader Allianz SE, headquartered in Munich,…
Focused Skill Building: Addressing Key Problems in Cybersecurity Roles In the ever-evolving field of cybersecurity, ongoing education is imperative; it doesn’t cease upon securing a position or following a career path. Instead, the need for targeted learning intensifies as professionals…
AT&T has agreed to a $177 million settlement in response to two significant data breaches that compromised the personal information of customers, as reported by CNET. The settlement will provide compensation to both current and former customers affected by at…
A woman from Arizona, Christina Marie Chapman, has been sentenced to over eight years in prison for her pivotal involvement in a fraudulent scheme that funneled upwards of $17 million to North Korea. According to the U.S. Department of Justice…
