Endpoint Security, Governance & Risk Management, Internet of Things Security Hackers Could Manipulate Settings of At-Home Life 2000 Ventilation System Marianne Kolbasuk McGee (HealthInfoSec) • December 1, 2025 The FDA has issued a “permanent recall” alert regarding Baxter’s Life 2000 ventilation system, attributed to a cyber vulnerability that endangers patient…
Recent investigations have uncovered two distinct cyber espionage groups allegedly linked to China: UNC5325 and UNC3886, both exploiting vulnerabilities in Ivanti Connect Secure VPN appliances. UNC5325 is reported to have utilized the critical vulnerability tracked as CVE-2024-21893, distributing various malware strains, including LITTLELAMB.WOOLTEA and PITDOG, among others. According to Mandiant,…
A major phishing campaign has recently been identified, targeting businesses worldwide and successfully circumventing Microsoft Office 365’s Advanced Threat Protection (ATP). This offensive has reportedly led to the credentials of over a thousand corporate employees being compromised, with origins traced back to August of the previous year. According to a…
Marriott International Faces £99 Million GDPR Fine Following 2014 Data Breach Following a record £183 million fine recently imposed on British Airways, the UK’s Information Commissioner’s Office (ICO) is now targeting Marriott International, the world’s largest hotel chain, with a proposed £99 million ($123 million) penalty. This action arises from…
Cybersecurity Spending Proposed Funding for Tech Modernization Fund Slashed to $5 Million Despite Bipartisan Backing Chris Riotta ( @chrisriotta) • December 1, 2025 Image: Shutterstock The Trump administration has urged Congress to implement significant cuts to federal cybersecurity and information technology modernization programs in fiscal year 2026. Lawmakers appear to…
Massive Data Breach at Coupang Sparks Urgent Call for Digital Privacy Reform in South Korea In a significant turn of events, South Korean President Lee Jae Myung has urged immediate reforms to enhance digital privacy standards following a devastating data breach that compromised the information of over 33 million customers…
Recent cybersecurity intelligence has revealed that the infamous Lazarus Group has exploited a newly patched privilege escalation vulnerability in the Windows Kernel as a zero-day attack. This exploit allows the adversaries to gain kernel-level access, enabling them to disable crucial security software on affected systems. The vulnerability, identified as CVE-2024-21338…
On Wednesday, Microsoft provided additional insights into the methodologies employed by the attackers behind the SolarWinds breach, one of the most intricate cybersecurity incidents in recent history. This deeper understanding is crucial as cybersecurity firms endeavor to gain a more definitive grasp of the attack’s sophisticated nature. Describing the attackers…
Flock Surveillance Systems Expose Data Handling Practices Flock, a provider of automatic license plate reading and AI-driven camera technologies, has come under scrutiny following revelations about its reliance on overseas workers from Upwork for training its machine learning algorithms. Internal documents, inadvertently disclosed, reveal that these workers review and categorize…
