The Lazarus Group, a North Korean cybercriminal entity, has launched a significant global campaign leveraging vulnerabilities in Log4j to facilitate the deployment of previously unknown remote access trojans (RATs). This operation, termed “Operation Blacksmith” by Cisco Talos, employs a range of malware families written in DLang, notably including a RAT…
Targeted Cyber-Espionage Campaign Hits Aerospace and Military Sectors Cybersecurity researchers have unveiled a sophisticated cyber-espionage campaign that specifically targets aerospace and military organizations across Europe and the Middle East. This initiative, termed “Operation In(ter)ception,” reportedly aimed to infiltrate and monitor key personnel within these firms while also attempting to extract…
In a shocking turn of events, Facebook’s market value has plummeted by over $60 billion in just two days, eclipsing the market capitalization of Tesla and approaching three times that of Snapchat. This drastic decline follows revelations that British data analytics firm Cambridge Analytica illicitly obtained and misused personal data…
Presented by SentinelOne 60 mins Many identity governance platforms were designed in a time when access was contained within isolated systems and governance consisted mainly of periodic reviews. However, the landscape has significantly evolved; today, access encompasses a range of applications, including ERP, HCM, and various SaaS products. As a…
SEOUL, Dec. 21 (Yonhap) — In a significant development, South Korea’s state-run consumer agency has mandated SK Telecom Co. to compensate each affected user following a major data breach earlier this year. The authority has ordered the telecommunications giant to provide 100,000 won (approximately US$67) to every user impacted by…
Apache Software Foundation has issued a security advisory regarding a critical vulnerability within the Struts 2 open-source web application framework, posing a significant risk for remote code execution (RCE). This vulnerability, designated as CVE-2023-50164, stems from inadequate “file upload logic” that permits unauthorized path traversal. If exploited, attackers can upload…
The U.S. government has filed a superseding indictment against Julian Assange, the founder of WikiLeaks, alleging his involvement with hacking groups such as LulzSec and Anonymous. This updated indictment expands on the previous 18-count charges, initially levied in May 2019, though it does not introduce new allegations. The Department of…
A recent incident has underscored the extent of data collection by Facebook, particularly concerning its Messenger application installed on Android devices. Reports indicate that until late last year, Facebook was collecting users’ contact lists, SMS, and call history data without explicit user consent, raising serious privacy concerns. The situation gained…
Scott MacDonald: Leader in Cybersecurity and Risk Management at PwC Principal, Cyber, Risk and Regulatory Scott MacDonald serves as a Principal in PwC’s Cybersecurity practice, boasting two decades of expertise in large-scale Identity and Access Management (IAM) initiatives, particularly within the healthcare sector. His career has been marked by the…
