The Breach News

Hardcoded Credential Vulnerability Discovered in SolarWinds Web Help Desk

SolarWinds has announced critical patches for a newly discovered security vulnerability in its Web Help Desk (WHD) application. This flaw potentially allows remote, unauthorized users to access and modify data within vulnerable systems. According to SolarWinds, the vulnerability—designated as CVE-2024-28987—is categorized with a CVSS score of 9.1, classifying it as…


OVHcloud Faces Unprecedented 840 Million PPS DDoS Attack Leveraging MikroTik Routers

Record DDoS Attack Mitigated by OVHcloud

In April 2024, French cloud service provider OVHcloud successfully mitigated an unprecedented distributed denial-of-service (DDoS) attack, reportedly peaking at a staggering 840 million packets per second (Mpps). This incident surpasses the previous record of 809 million Mpps, which was inflicted on a significant European…


Dutch Police Data Breach: Personal Information of 63,000 Officers Compromised

A significant cybersecurity incident has reportedly allowed a foreign government to breach the systems of the Dutch police force, resulting in the exposure of contact information for nearly 63,000 law enforcement officers. This breach, confirmed to have occurred on September 26, 2024, has prompted heightened concerns regarding state-sponsored hacking and…


JPML Approves Consolidation of Snowflake and AT&T Data Breach MDLs

On October 4, 2024, the Judicial Panel on Multidistrict Litigation announced a significant decision to consolidate numerous lawsuits linked to major data breaches involving Snowflake Inc., a prominent cloud service provider, based in the District of Montana. This centralization pertains not only to the incidents affecting Snowflake’s clients but also…


CISA Calls on Federal Agencies to Address Versa Director Vulnerability Before September Deadline

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a significant security vulnerability affecting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog, following evidence of active exploitation. This medium-severity flaw, identified as CVE-2024-39717 with a CVSS score of 6.6, is categorized as a file upload vulnerability, specifically…


Webinar Announcement: Discover How ITDR Solutions Mitigate Advanced Identity Threats

Cybersecurity Webinar: Addressing the Growing Threat of Identity Theft

In a rapidly evolving digital landscape, identity theft has transcended the traditional image of stolen credit cards. Cybercriminals have now employed sophisticated methods to breach organizations, putting valuable credentials—and entire systems—at severe risk. Recent trends have shown a surge in malicious…


Unveiling the Risks of GenAI: Cybersecurity Challenges for Businesses

The Rise of Generative AI and Associated Cybersecurity Risks

The swift proliferation of Generative AI (GenAI) tools in both personal and business contexts has significantly outstripped the development of adequate security protocols. Business practitioners are often under immense pressure to implement GenAI solutions rapidly, leading to security considerations sometimes being…


Mondelez and BCLP Reach $750K Settlement to Resolve Data Breach Lawsuits

Mondelez Global Workers Pursue $750,000 Settlement Over Data Breach

On October 4, 2024, attorneys representing workers from Mondelez Global LLC filed a motion in an Illinois federal court, seeking judicial approval for a $750,000 settlement. This agreement aims to resolve proposed class action lawsuits related to data privacy that have…


Serious Vulnerabilities in Traccar GPS System Leave Users Open to Remote Attacks

Traccar GPS System Exposed to Critical Vulnerabilities Leading to Remote Code Execution

Recent disclosures have unveiled two significant security vulnerabilities within the open-source Traccar GPS tracking system, potentially allowing unauthenticated attackers to execute remote code under specific circumstances. These vulnerabilities, identified by Horizon3.ai researcher Naveen Sunkavally, are primarily path traversal…
