A significant cybersecurity threat has emerged involving a botnet orchestrated by hackers linked to the Chinese government. This network, comprised of thousands of compromised routers, cameras, and other Internet-connected devices, has been employed to execute sophisticated password spray attacks targeted at users of Microsoft’s Azure cloud service. The warning about…
Leadership & Executive Communication, Training & Security Leadership, Video CIO Alex Gallo Discusses Managing Digital Transformation, Security, and Lifelong Learning Anna Delaney (annamadeline) • November 1, 2024 Alex Gahlo, CIO and CyberEdBoard member In a landscape increasingly defined by rapid digital transformation, Alex Gallo, a member of CyberEdBoard and Chief…
Black Basta Ransomware Targets Critical Infrastructure Globally The Black Basta ransomware-as-a-service (RaaS) group has made a significant impact since its inception in April 2022, successfully compromising over 500 private and critical infrastructure entities across North America, Europe, and Australia. Recent joint advisories released by leading cybersecurity authorities, including the Cybersecurity…
In 2023, personal identification data has become alarmingly less private, with a staggering 81% of Americans experiencing a compromise of their information through various data breaches. This revelation comes from James E. Lee, chief operating officer of the Identity Theft Resource Center, a California-based nonprofit that aims to mitigate the…
On Tuesday, Ivanti addressed several critical security vulnerabilities within its Endpoint Manager (EPM), which could potentially be exploited to achieve remote code execution in specific scenarios. The vulnerabilities, which include six categorized under CVE-2024-29822 through CVE-2024-29827, possess a Common Vulnerability Scoring System (CVSS) score of 9.6. These flaws primarily stem…
Cyberattacks Disrupt Ukrainian Telecommunications Amid Ongoing Conflicts Recent reports from the Computer Emergency Response Team of Ukraine (CERT-UA) indicate that threat actors have compromised the operations of at least 11 telecommunications service providers in Ukraine between May and September 2023. This wave of cyber intrusions is being tracked under the…
As the 2024 presidential election in the United States approaches, recent disclosures by WIRED highlight concerning evaluations from the US government regarding the integrity and security of the electoral process. Information obtained by the nonprofit organization Property of the People indicates that a report from the Department of Homeland Security…
Plastic Surgery Clinic Faces $500K HIPAA Fine Following Ransomware Attack A South Dakota-based plastic surgery clinic has recently found itself at the center of a discussion around cybersecurity and regulatory compliance after paying a ransom of $53,000 to regain access to critical data locked by a ransomware attack. Dr. James…
SolarMarker Malware Continues to Evolve, Targeting Multiple Sectors Recent investigations by Recorded Future have revealed the complex infrastructure behind the SolarMarker malware, a notorious information-stealing threat. The actors responsible for this malware have created a multi-tiered system designed to complicate law enforcement’s efforts to neutralize it. This infrastructure is divided…
