The Breach News

Experts Discover Common Codebase Connecting Morpheus and HellCat Ransomware Payloads

Recent investigations into the operations of HellCat and Morpheus ransomware have uncovered significant overlaps in their coding, suggesting a collaboration or shared framework among these cybercriminal entities. According to analysis conducted by SentinelOne, artifacts submitted to the VirusTotal scanning platform in late December 2024 indicate that the ransomware payloads used…

Read MoreExperts Discover Common Codebase Connecting Morpheus and HellCat Ransomware Payloads

Dior Facing Legal Action in China Over Unauthorized Foreign Data Transfers

In May 2023, French luxury fashion house Dior faced a significant data breach, prompting scrutiny from regulatory authorities. This incident led to Dior’s Shanghai subsidiary being the first foreign entity prosecuted under China’s Personal Information Protection Law (PIPL), highlighting a shift in the enforcement of data privacy regulations in the…

Read MoreDior Facing Legal Action in China Over Unauthorized Foreign Data Transfers

Elastic Issues Urgent Patch for Critical Remote Code Execution Vulnerability in Kibana

Critical Kibana Vulnerability Exposes Users to Code Execution Risk Elastic has released urgent security updates following the discovery of a critical vulnerability in Kibana, the visualization dashboard for Elasticsearch. This flaw, officially labeled as CVE-2025-25015, is particularly concerning due to its high CVSS score of 9.9 out of a possible…

Read MoreElastic Issues Urgent Patch for Critical Remote Code Execution Vulnerability in Kibana

Apple Launches iOS Update for Older iPhones to Address Actively Exploited Security Flaw

Apple Inc. has recently rolled out critical security updates for legacy iPhone, iPad, and iPod touch devices, focusing on patching a significant vulnerability that has been found to be actively exploited. This flaw, designated as CVE-2022-32893, has garnered a CVSS score of 8.8 and represents an out-of-bounds write issue in…

Read MoreApple Launches iOS Update for Older iPhones to Address Actively Exploited Security Flaw

Universal ZTNA: Ensuring Secure Access and SASE in the Pursuit of Comprehensive Federal Digital Trust Webinar.

Exploring Universal Zero Trust Network Access for Enhanced Federal Digital Trust In an era where data security is paramount, an upcoming ISMG webinar, sponsored by Cisco, promises to delve into Universal Zero Trust Network Access (ZTNA) and its significance in fostering digital trust within federal operations. Scheduled for a 60-minute…

Read MoreUniversal ZTNA: Ensuring Secure Access and SASE in the Pursuit of Comprehensive Federal Digital Trust Webinar.

How Long for Hackers to Breach Modern Hashing Algorithms?

Understanding Modern Password Security and Attack Techniques As user accounts face escalating threats, passwords continue to serve as the frontline defense against unauthorized access. Recent trends in password security reveal a shift towards prioritizing password length over complexity, as outlined in the National Institute of Standards and Technology (NIST) guidelines.…

Read MoreHow Long for Hackers to Breach Modern Hashing Algorithms?

Webinar: Discover How ASPM Shifts Application Security from Reactive to Proactive

In today’s rapidly evolving cyber landscape, many organizations find themselves grappling with outdated security tools that fail to provide comprehensive protection. This common challenge leaves systems vulnerable to sophisticated threats, prompting a need for more effective strategies. To address these issues, Application Security Posture Management (ASPM) emerges as a promising…

Read MoreWebinar: Discover How ASPM Shifts Application Security from Reactive to Proactive

Infrastructure Utilized in Cisco Hack Also Aimed at Workforce Management Solutions

In early 2022, an attack infrastructure targeting Cisco was also utilized in an attempted breach of an unnamed workforce management solutions holding company. This attempted intrusion occurred just one month prior to the Cisco incident, highlighting a strategy employed by cybercriminals to exploit vulnerabilities in various sectors. According to cybersecurity…

Read MoreInfrastructure Utilized in Cisco Hack Also Aimed at Workforce Management Solutions