In the wake of the extensive data breach at Equifax—attributed to vulnerabilities within the Apache Struts framework—Cisco has launched a comprehensive investigation into its products utilizing this popular open-source web application framework. This move comes as Apache Struts has been identified as hosting several critical vulnerabilities, including two remote code…
Black Hat, Cybercrime, Events Also: macOS Malware Insights, Cybercrime Trends, Spoofing Railway Technology Mathew J. Schwartz (euroinfosec) • December 17, 2025 Image: Mathew J. Schwartz In December, London transforms into a hub for cybersecurity experts during the annual Black Hat Europe conference. Celebrating its 25th year, the event featured nearly…
Groundwork Initiated for Data Protection Board as IT Secretary Announces Online Office Software In a significant move towards strengthening cybersecurity infrastructure, groundwork has commenced for the establishment of a new data protection board, according to IT Secretary Krishnan. This initiative aims to enhance the protection of personal and sensitive data…
A new variant of the Vega ransomware family, designated as Zeppelin, has recently emerged, specifically targeting technology and healthcare sectors across Europe, the United States, and Canada. This development raises significant concerns in the cybersecurity community, especially for organizations reliant on technology infrastructure and sensitive data handling. Interestingly, Zeppelin appears…
Massive Data Breach at Equifax: A Case Study in Cybersecurity Failures The extensive data breach at Equifax, which exposed the highly sensitive information of approximately 143 million individuals, can be attributed to a significant vulnerability in the Apache Struts framework. This flaw, which was patched more than two months prior…
Professional Certifications & Continuous Training, Recruitment & Reskilling Strategy, Training & Security Leadership Job Seekers Must Exhibit Good Judgment and Trustworthiness Beyond Technical Skills Brandy Harris • December 24, 2025 Image: Shutterstock Cybersecurity interviews can often be misinterpreted by candidates, regardless of their level of experience. Many approach these…
The Korea Consumer Agency has mandated SK Telecom, South Korea’s leading mobile carrier, to provide compensation to users impacted by a recent cybersecurity breach, representing a pivotal regulatory action in the telecom sector. The agency’s decision follows a class-action complaint from affected parties who allege that their personal information was…
Zero-Day Vulnerability in Zimbra Email Software Exploited by Multiple Threat Actors A recently identified zero-day vulnerability in the Zimbra Collaboration email software has been exploited by four distinct groups to compromise sensitive email data, user credentials, and authentication tokens. This flaw, designated as CVE-2023-37580, has garnered attention due to its…
Cybercriminals Innovate Their Strategies: A Growing Threat to Sensitive Data Recent developments in cybersecurity indicate a significant uptick in cybercriminal activity, characterized by increasingly sophisticated techniques targeting sensitive information across various sectors. Cyber adversaries are continuously evolving, adapting their methods to exploit vulnerabilities in systems that handle critical data, including…
