Veeam Addresses Critical Vulnerability in Backup & Replication Software Veeam has announced crucial security updates to its Backup & Replication software in response to a severe vulnerability that could facilitate remote code execution. The flaw, identified as CVE-2025-23120, is rated with a Critical Severity level, carrying an alarming CVSS score…
A sophisticated threat actor known as Mustang Panda has been implicated in a wave of spear-phishing attacks directed at key sectors including government, education, and research from May to October 2022. According to a recent report by cybersecurity firm Trend Micro, the targeted regions include countries in the Asia Pacific,…
Events, Governance & Risk Management, Nullcon Live Bug Bounty Event Reveals New Testing Advantages Aseem Jakhar • September 15, 2025 Patricia Leppert, Team Manager of Customer Trust and Security, TeamViewer; Raphaël Arrouas, Independent Ethical Hacker As cyber threats escalate in sophistication, organizations are discovering significant benefits from direct collaboration between…
A new cyber campaign named RevivalStone has been attributed to the China-linked threat actor known as Winnti, targeting Japanese firms in the manufacturing, materials, and energy sectors as recently as March 2024. This initiative, as outlined by Japanese cybersecurity firm LAC, coincides with activities tracked by Trend Micro as Earth…
In a significant disclosure, Google has confirmed that hackers successfully established a counterfeit account within its Law Enforcement Request System (LERS), a vital channel utilized by authorities globally to submit official data requests. This breach, first reported by BleepingComputer, highlights the increasingly sophisticated methods that cybercriminals employ to penetrate secure…
Recent reports from the SANS Internet Storm Center indicate that two recently patched security vulnerabilities in the Cisco Smart Licensing Utility are being actively targeted by malicious actors. The vulnerabilities have been classified as critical, underscoring the urgency for businesses to address these issues promptly. The flaws identified are CVE-2024-20439…
Daixin Team Compromises AirAsia’s Data in Ransomware Incident In a significant cybersecurity breach, the Daixin Team, a cybercrime group, has published sensitive data linked to AirAsia, a prominent Malaysian low-cost airline. This development follows a ransomware attack that occurred on November 11 and 12, during which the airline’s network was…
Government, Healthcare, Industry Specific Funding: A Solution to Planned Cuts in Rural Health Under the Big Beautiful Bill? Marianne Kolbasuk McGee (HealthInfoSec) • September 15, 2025 HHS’ Rural Health Transformation program grants $50 billion over five years, including cybersecurity funding. However, will this be sufficient for rural healthcare providers impacted…
Russia Conducts Hypersonic Missile Test Amid Rising Tensions with NATO In a notable display of military capability, Russia launched a 3M22 Zircon hypersonic missile from the frigate Admiral Golovko in the Barents Sea, strategically located near NATO borders. This launch occurs against a backdrop of escalating tensions between Russia and…
