The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a severe security vulnerability affecting NAKIVO Backup & Replication software. This addition arises from confirmed instances of active exploitation, prompting urgency for remedial action across affected enterprises. The specific vulnerability, identified as CVE-2024-48248,…
The Hive ransomware-as-a-service (RaaS) group has executed attacks against more than 1,300 organizations globally, amassing illicit earnings of around $100 million by November 2022. This malicious enterprise has demonstrated an extensive reach, impacting a variety of sectors, most notably healthcare and public health, as well as government facilities and critical…
Account Takeover Fraud, Anti-Money Laundering (AML), Fraud Management & Cybercrime Series C Funding to Propel R&D and Vision for Comprehensive Compliance Solutions Michael Novinson (MichaelNovinson) • September 16, 2025 Tamas Kadar and Bence Jendruszak, co-founders of Seon (Image: Seon) A Texas-based firm specializing in anti-money laundering compliance has successfully secured…
ShinyHunters has reportedly breached Kering’s systems, compromising customer data from luxury brands including Gucci, Balenciaga, and Alexander McQueen, thereby increasing the risk of scams and spear-phishing attacks. In a recent cyber incident, sensitive customer information from prominent fashion labels such as Gucci, Balenciaga, and Alexander McQueen has been compromised. The…
Recent security flaws have been uncovered in Xerox VersaLink C7025 Multifunction printers (MFPs), raising concerns about potential data breaches. These vulnerabilities could permit attackers to intercept authentication credentials through pass-back attacks linked to Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. According to Rapid7 security researcher Deral Heiland, the method…
Lee Chan-jin, governor of the Financial Supervisory Service, emphasizes cybersecurity vigilance to credit card and non-bank lenders in Seoul. (FSS) Korea’s leading financial authority has issued a stern warning to credit card and non-bank lenders, emphasizing that any cybersecurity lapse will be deemed unacceptable. During a meeting with 14 chiefs…
Veeam Addresses Critical Vulnerability in Backup & Replication Software Veeam has announced crucial security updates to its Backup & Replication software in response to a severe vulnerability that could facilitate remote code execution. The flaw, identified as CVE-2025-23120, is rated with a Critical Severity level, carrying an alarming CVSS score…
A sophisticated threat actor known as Mustang Panda has been implicated in a wave of spear-phishing attacks directed at key sectors including government, education, and research from May to October 2022. According to a recent report by cybersecurity firm Trend Micro, the targeted regions include countries in the Asia Pacific,…
Events, Governance & Risk Management, Nullcon Live Bug Bounty Event Reveals New Testing Advantages Aseem Jakhar • September 15, 2025 Patricia Leppert, Team Manager of Customer Trust and Security, TeamViewer; Raphaël Arrouas, Independent Ethical Hacker As cyber threats escalate in sophistication, organizations are discovering significant benefits from direct collaboration between…
