Recent investigations have surfaced an attempt to breach CrowdStrike, a prominent cybersecurity firm, within the backdrop of the ongoing espionage campaign associated with SolarWinds. The intrusion was reportedly thwarted, revealing critical insights into the current landscape of cybersecurity threats. On December 15, Microsoft’s Threat Intelligence Center flagged a third-party reseller’s…
A critical vulnerability has been identified in the SolarWinds Orion software, which may have been exploited by threat actors as a zero-day to deliver the SUPERNOVA malware across targeted environments. This discovery highlights significant risks for organizations utilizing this widely adopted system monitoring and management tool. The CERT Coordination Center…
Recent cybersecurity research has unveiled a sophisticated credential-stealing malware, implemented using AutoHotkey (AHK), targeting financial institution clients across the US and Canada. This campaign, ongoing since early 2020, emphasizes the alarming trend of cybercriminals employing customized tools for data theft. Among the victims are customers of several prominent banks, including…
Emerging Privacy Solutions in Telecommunications Raise Questions About Cybersecurity In the evolving landscape of telecommunications, a new venture named Phreeli is gaining attention for its promise of enhanced privacy for users. Wilcox, an advocate for consumer privacy, reflects on his long-standing efforts to maintain anonymity in an age of data…
Microsoft Confirms Source Code Access in SolarWinds Attack On Thursday, Microsoft disclosed that threat actors linked to the SolarWinds supply chain attack successfully accessed a limited number of internal accounts within the company. This unauthorized access allowed these sophisticated, nation-state actors to escalate their reach inside Microsoft’s internal network, although…
Barts Health NHS Trust has confirmed a significant data breach attributable to the Cl0p ransomware group, which exploited a vulnerability within Oracle E-Business Suite to access files from one of its invoice databases. This breach has led to the exposure of sensitive information related to payments for medical treatment and…
Ticketmaster to Pay $10 Million for Cyber Intrusions Against Rival In a significant development in cybersecurity and corporate ethics, Ticketmaster has agreed to pay a $10 million fine after it was charged with unauthorized access to the computer systems of a competitor, CrowdSurge, between 2013 and 2015. This incident involved…
A recent security incident involving an AI image creator startup has revealed alarming vulnerabilities, with an unsecured database exposing over a million user-generated images and videos. The majority of the compromised content consisted of explicit material, including sensitive and troubling depictions of minors. This breach raises significant concerns about user…
Arrest of Suspect in Pipe Bomb Case Near US Capitol Signals Breakthrough Amid Ongoing Concerns for Cybersecurity Federal agents announced the arrest of Brian J. Cole Jr., a 30-year-old resident of Woodbridge, Virginia, charged with planting pipe bombs near the U.S. Capitol complex on January 5, 2021. This arrest represents…
