Orbitz Data Breach Exposes Nearly 880,000 Payment Card Numbers Orbitz, a Chicago-based online travel agency and a subsidiary of Expedia, has disclosed a significant data breach affecting its legacy website. Approximately 880,000 payment card numbers have been compromised, potentially exposing customers’ sensitive financial information. Founded as a travel fare aggregator,…
New Machine-Led Security Approach Aims to Enhance Cyber Defense In the wake of increasing cyber threats, security teams find themselves grappling with an overwhelming amount of data noise, hindering their ability to focus on genuine threats. This operational complexity, combined with the evolving sophistication of adversaries who leverage artificial intelligence,…
A fraudulent website posing as Bangladesh’s official e-apostille platform has compromised sensitive data belonging to over 1,100 individuals, raising alarms among cybersecurity experts. This incident is being characterized as one of the most significant failures in digital governance in recent years. Documents that have surfaced online include national identification cards,…
The Lazarus Group, a North Korean cybercriminal entity, has launched a significant global campaign leveraging vulnerabilities in Log4j to facilitate the deployment of previously unknown remote access trojans (RATs). This operation, termed “Operation Blacksmith” by Cisco Talos, employs a range of malware families written in DLang, notably including a RAT…
Targeted Cyber-Espionage Campaign Hits Aerospace and Military Sectors Cybersecurity researchers have unveiled a sophisticated cyber-espionage campaign that specifically targets aerospace and military organizations across Europe and the Middle East. This initiative, termed “Operation In(ter)ception,” reportedly aimed to infiltrate and monitor key personnel within these firms while also attempting to extract…
In a shocking turn of events, Facebook’s market value has plummeted by over $60 billion in just two days, eclipsing the market capitalization of Tesla and approaching three times that of Snapchat. This drastic decline follows revelations that British data analytics firm Cambridge Analytica illicitly obtained and misused personal data…
Presented by SentinelOne 60 mins Many identity governance platforms were designed in a time when access was contained within isolated systems and governance consisted mainly of periodic reviews. However, the landscape has significantly evolved; today, access encompasses a range of applications, including ERP, HCM, and various SaaS products. As a…
SEOUL, Dec. 21 (Yonhap) — In a significant development, South Korea’s state-run consumer agency has mandated SK Telecom Co. to compensate each affected user following a major data breach earlier this year. The authority has ordered the telecommunications giant to provide 100,000 won (approximately US$67) to every user impacted by…
Apache Software Foundation has issued a security advisory regarding a critical vulnerability within the Struts 2 open-source web application framework, posing a significant risk for remote code execution (RCE). This vulnerability, designated as CVE-2023-50164, stems from inadequate “file upload logic” that permits unauthorized path traversal. If exploited, attackers can upload…
