A newly identified security vulnerability in Microsoft Windows has been exploited by the Lazarus Group, a state-sponsored hacking collective with ties to North Korea. The flaw, designated as CVE-2024-38193, has been characterized as a privilege escalation vulnerability impacting the Windows…
Cyber Espionage Campaign Targets Telecom Operators in Asia Cyber espionage groups linked to China have been identified as responsible for an extensive intrusion campaign that has affected several telecommunications operators within an unnamed Asian country, with activity dating back to…
Data Breach Exposes Personal Information of Hundreds of Thousands of Comcast Customers Comcast, one of the largest internet service providers in the United States, has confirmed a significant data breach that has compromised the personal information of over 237,000 customers.…
Since its inception, Generative AI has significantly transformed productivity within enterprises, streamlining processes such as software development, financial analysis, business strategy formulation, and customer interaction. Nonetheless, this surge in efficiency brings substantial risks, notably regarding the possibility of sensitive data…
American Water has recently reported a significant cybersecurity incident that has disrupted its computer networks and systems, impacting its customer portal and billing functions. The company, which is the United States’ largest publicly traded water and wastewater utility, based in…
A recent report from Homeland Security Investigations (HSI), published on October 4, 2024, indicates significant advancements in the recovery of funds linked to ransomware activities. HSI officials have successfully tracked and recovered approximately $4.3 billion in cryptocurrency payments associated with…
On February 14, 2023, a significant data breach affecting over 237,000 customers of Comcast was reported, underscoring the vulnerabilities associated with third-party vendor relationships in the cybersecurity landscape. The recently disclosed incident involved the theft of sensitive personal data, including…
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a significant vulnerability related to Jenkins to its Known Exploited Vulnerabilities (KEV) catalog due to its exploitation in ransomware attacks. This vulnerability, designated as CVE-2024-23897 with a critical CVSS score…
In a recent analysis by Rapid7, a new malvertising campaign has emerged that exploits trojanized installers for widely used software like Google Chrome and Microsoft Teams to deploy a backdoor known as Oyster. This malicious software, which is also referred…
A sophisticated hacking group, known as Salt Typhoon and believed to be linked to China, has infiltrated major U.S. telecom providers AT&T, Verizon, and Lumen Technologies, compromising wiretap systems crucial for criminal investigations. The breach raises significant national security concerns…
