The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported on Monday the addition of a significant security vulnerability pertaining to Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog. This extension is based on confirmed instances of active exploitation. Identified as CVE-2023-43770 with a CVSS score of 6.1, the…
Recent cybersecurity research has unveiled a sophisticated credential-stealing malware, implemented using AutoHotkey (AHK), targeting financial institution clients across the US and Canada. This campaign, ongoing since early 2020, emphasizes the alarming trend of cybercriminals employing customized tools for data theft. Among the victims are customers of several prominent banks, including…
Emerging Privacy Solutions in Telecommunications Raise Questions About Cybersecurity In the evolving landscape of telecommunications, a new venture named Phreeli is gaining attention for its promise of enhanced privacy for users. Wilcox, an advocate for consumer privacy, reflects on his long-standing efforts to maintain anonymity in an age of data…
Massive Data Breach Exposed at Citrix, Targeting U.S. Government and Corporate Networks In a concerning revelation last weekend, Citrix, a prominent provider of enterprise software that serves the U.S. military, the FBI, and various governmental agencies, announced a significant data breach of its internal network. The intrusion, attributed to “international…
Amit Chaudhry Takes Charge at Cloudflare Leading Innovation in Product and Solutions Marketing Amit Chaudhry has recently assumed the role of Product and Solutions Marketing Leader at Cloudflare, bringing over 25 years of extensive experience in enterprise AI and product marketing. His career has spanned key positions at industry giants…
Title: Urgent Action Required: Claim Your Share of AT&T’s $177 Million Data Breach Settlement Before Time Runs Out In a recent significant development, AT&T has announced a substantial settlement of $177 million related to a major data breach that exposed sensitive customer information. Business owners and individuals affected by this…
Microsoft Confirms Source Code Access in SolarWinds Attack On Thursday, Microsoft disclosed that threat actors linked to the SolarWinds supply chain attack successfully accessed a limited number of internal accounts within the company. This unauthorized access allowed these sophisticated, nation-state actors to escalate their reach inside Microsoft’s internal network, although…
Barts Health NHS Trust has confirmed a significant data breach attributable to the Cl0p ransomware group, which exploited a vulnerability within Oracle E-Business Suite to access files from one of its invoice databases. This breach has led to the exposure of sensitive information related to payments for medical treatment and…
A hacker operating under the alias Gnosticplayers has surfaced once again, now offering a new trove of stolen data. This latest release includes records from six previously unreported websites, adding to his extensive inventory of compromised information that, to date, involves details of approximately 890 million online accounts harvested from…
