SolarWinds has recently addressed a series of critical security vulnerabilities within its Access Rights Manager (ARM) software that pose significant risks to users. These vulnerabilities could be exploited by malicious actors to gain unauthorized access to sensitive information or to execute arbitrary code, making this a pressing concern for businesses…
On Friday, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced the imposition of sanctions against Hudhayfa Samir ‘Abdallah al-Kahlut, a 39-year-old individual linked to Hamas, due to his involvement in orchestrating cyber influence operations. Al-Kahlut, who is also known by the name Abu Ubaida, has served as…
In an alarming development, the capability of real-time deepfakes has expanded far beyond high-profile individuals and public personalities. Research conducted at New York University by Mittal in collaboration with professors Chinmay Hegde and Nasir Memon introduces a possible solution to combat AI-generated impersonations in video calls. Their proposed approach involves…
Title: Exposed Databases Reveal 4.6 Million Illinois Voter Records, Raising Security Concerns in Election Data Management In a significant breach of election data security, cybersecurity expert Jeremiah Fowler has exposed 4.6 million sensitive records, including voter details, from misconfigured databases linked to a single county in Illinois. These records, which…
Data Breach Exposes Millions of Hotel Customers’ Sensitive Information A significant data breach at Prestige Software, a provider of hotel reservation systems, has potentially compromised the sensitive information of millions of hotel customers. The breach was uncovered by cybersecurity research firm Website Planet, which reported that the company’s Cloud Hospitality…
Emerging Threat Actor CeranaKeeper Targets Southeast Asia in Data Exfiltration Campaigns A novel cyber threat actor, dubbed CeranaKeeper, has been implicated in a series of data exfiltration attacks focused on Southeast Asian nations, according to Slovak cybersecurity firm ESET. The firm reported that campaigns aimed at governmental organizations in Thailand…
An analytical review of cyber claims trends from Allianz. Cyber claims have shown a notable rise over the past year, significantly fueled by an increase in incidents related to data and privacy breaches, as stated by Allianz Commercial in its latest annual report on the cyber risk outlook. The frequency…
Emerging Threat: SocGholish Malware Exploits BOINC for Malicious Activities The cybersecurity landscape has recently encountered a troubling update regarding the behavior of the JavaScript downloader malware known as SocGholish (also referred to as FakeUpdates), further exacerbating existing risks for businesses reliant on digital operations. This malware has evolved to deliver…
Palo Alto Networks has issued urgent hotfixes in response to a critical security vulnerability affecting its PAN-OS software that is currently being exploited in live environments. This vulnerability, identified as CVE-2024-3400, has received the highest severity rating with a CVSS score of 10.0. It involves a command injection flaw within…
