On Thursday, Microsoft disclosed that a group of Russian state-sponsored threat actors, linked to a cyber attack on its systems in late November 2023, has been targeting additional organizations. The company is now in the process of notifying affected entities. This announcement follows Hewlett Packard Enterprise’s revelation that it fell…
Recent investigations have revealed critical vulnerabilities within public records systems that are essential for managing voter registrations and legal filings utilized by courts and government agencies. These flaws have potentially allowed malicious users to manipulate voter registration databases, as well as add, delete, or alter official documents. In a comprehensive…
In today’s digital landscape, the growing threat of cybercrime is exemplified by the prevalence of ransomware attacks. These illicit intrusions encrypt sensitive data, making it inaccessible until a ransom is paid, often exacerbating financial losses for victims. This raises an important question regarding defensive strategies: can offline data storage mitigate…
Governance & Risk Management, Patch Management, Vulnerability Assessment & Penetration Testing (VA/PT) Security Flaw in Popular Policy Management Tool Exposes Users to Credential Theft Anviksha More (AnvikshaMore) • October 22, 2024 Image: Shutterstock A recently addressed security vulnerability in a widely utilized tool for managing security policies poses a significant…
Sports Direct Fails to Notify Employees of Major Data Breach: A Warning Sign for Cybersecurity Preparedness Retailer Sports Direct, embroiled in controversy, has come under scrutiny for failing to inform its approximately 30,000 employees about a significant data breach that occurred last autumn. Hackers gained unauthorized access to sensitive employee…
Russian National Sentenced for Selling Stolen Credentials on Dark Web Marketplace In a significant development in cybersecurity enforcement, Georgy Kavzharadze, a 27-year-old Russian citizen, has received a three-year and four-month prison sentence in the United States for his role in trafficking stolen financial information and personally identifying information (PII) through…
A recent survey conducted by PricewaterhouseCoopers (PwC) has highlighted growing apprehensions among consumers regarding data breaches, underscoring the increasing importance of cybersecurity in today’s digital landscape. The findings reveal a heightened sense of vulnerability among users, who are becoming increasingly aware of the risks their personal data faces in the…
High-Severity Vulnerability Discovered in Vanna.AI Library Threatens Remote Code Execution Cybersecurity experts have recently uncovered a significant security vulnerability in the Vanna.AI library, which could allow attackers to achieve remote code execution via exploitative prompt injection methods. This flaw, identified as CVE-2024-5565 and rated with a CVSS score of 8.1,…
Major Disruption of Grandoreiro Malware Operatives in Brazil In a significant law enforcement operation in Brazil, authorities have arrested several individuals linked to the notorious Grandoreiro banking malware. The Federal Police of Brazil announced that they executed five temporary arrest warrants along with 13 search and seizure warrants across multiple…
