This week, a reader expressed concern over receiving multiple notifications regarding data breaches that may impact their accounts. Over the past few months, they have reported receiving six written notices from various companies, all of which are offering complimentary identity monitoring services through different providers. The reader seeks clarity on…
GitHub has announced a series of critical security updates addressing three vulnerabilities impacting its Enterprise Server (GHES) product. Among these, one flaw is particularly severe and could potentially allow unauthorized users to obtain site administrator privileges. The vulnerability, designated as CVE-2024-6800, has been rated with a CVSS score of 9.5,…
In a significant law enforcement initiative dubbed Operation MORPHEUS, approximately 600 servers utilized by cybercriminal syndicates were dismantled, disrupting a critical component of the infrastructure linked to the Cobalt Strike tool. This crackdown, coordinated by Europol, particularly targeted unlicensed and outdated versions of the Cobalt Strike framework between June 24…
In a recent development reported by AFP, French authorities have been alerted to a potential data breach, raising concerns over the security of sensitive information. The incident underscores the continuing threat that data breaches pose to organizations across various sectors, especially in a digitally connected world. While specific details regarding…
Cybersecurity experts have reported a significant vulnerability within the LiteSpeed Cache plugin for WordPress, one of the platform’s most commonly used caching solutions, boasting over five million active installations. This flaw, identified as CVE-2024-28000, has the potential to enable unauthenticated individuals to obtain administrator access to affected WordPress sites, posing…
New Botnet ‘Zergeca’ Threatens Cybersecurity Landscape with Advanced DDoS Capabilities Cybersecurity experts have identified a new botnet named Zergeca, which exhibits significant potential to launch distributed denial-of-service (DDoS) attacks. Written in the Golang programming language, the botnet derives its name from a reference to the term "ootheca," which appears in…
T-Mobile Reaches Settlement Over Data Breaches Amounting to $31.5 Million In a recent development, T-Mobile USA has agreed to a settlement of $31.5 million connected to allegations of multiple data breaches that compromised the personal information of millions of customers. The settlement aims to address concerns surrounding the effectiveness of…
Google has announced a series of security updates to address a critical vulnerability in its Chrome browser, identified as CVE-2024-7971. This vulnerability involves a type confusion flaw affecting the V8 JavaScript and WebAssembly engine and has reportedly been actively exploited by malicious actors. According to the National Vulnerability Database (NVD),…
The GootLoader malware continues to pose significant risks as cybercriminals exploit it to deploy new payloads onto infected systems. This malware has seen active use by threat actors aiming to target various organizations, particularly in legal and professional sectors, as reported by the cybersecurity firm Cybereason. Recent analysis from Cybereason…
