Data Privacy, Data Security, Healthcare EyeMed Faces $12.6 Million Fallout Over 2020 Cyber Incident with New Settlement Marianne Kolbasuk McGee (HealthInfoSec) • October 6, 2025 EyeMed Vision Care has settled for $5 million over a 2020 data breach, which has already cost the firm in regulatory fines. (Image: EyeMed) EyeMed…
The U.S. Securities and Exchange Commission (SEC) is taking a firm stance on the cybersecurity posture of Software as a Service (SaaS) providers and their clients. Publicly traded companies, referred to as ‘registrants’, are now required to disclose cyber incidents and demonstrate their readiness to manage cybersecurity threats, including those…
Cybersecurity Incident at Western Sydney University: Fraudulent Emails Impacting Graduates Western Sydney University (WSU) has issued an apology to current and former students following the distribution of fraudulent emails that falsely claimed their degrees had been revoked. In a detailed communication attributed to the Policy Compliance Board of Trustees, the…
Cybersecurity experts have recently identified an extensive campaign designed to exploit vulnerabilities in AVTECH IP cameras and Huawei HG532 routers. This initiative has been largely successful in integrating these devices into a variant of the Mirai botnet known as the Murdoc Botnet. The ongoing operations reflect a significant escalation in…
Cybersecurity firm Imperva reported on Friday that it successfully mitigated a substantial ransom distributed denial-of-service (DDoS) attack aimed at an undisclosed target, which peaked at a staggering 2.5 million requests per second (RPS). Nelli Klepfish, a security analyst at Imperva, noted the evolving nature of ransom DDoS attacks, stating, “While…
Cybercrime, Fraud Management & Cybercrime, Governance & Risk Management Growing Concerns Over Age Verification Systems as New Targets for Hackers Chris Riotta (@chrisriotta) • October 6, 2025 Image: Shutterstock A recent security breach involving a third-party customer service vendor for Discord has raised alarms among cybersecurity experts, as it appears…
Cloudflare Exposes Nation-State Cyberattack Targeting Its Infrastructure Cloudflare has disclosed that it was the target of a sophisticated cyberattack, likely orchestrated by a nation-state actor, who exploited stolen credentials to gain unauthorized access to its Atlassian server. The breach allowed the attacker to access certain documentation and a limited amount…
Red Hat, a prominent player in the enterprise software sector, is currently facing extortion threats from a hacking group known as ShinyHunters. The group has made headlines after leaking portions of stolen Customer Engagement Reports (CERs) on a data leak platform. These reports contain sensitive information that could jeopardize the…
Oracle has announced an urgent advisory urging its customers to implement the January 2025 Critical Patch Update (CPU) to resolve 318 newly identified security vulnerabilities across its product suite. This substantial release underscores the growing challenges in maintaining software security amid escalating threats. Among the vulnerabilities disclosed, the most critical…
