On a day marked by significant developments, Montana’s insurance commissioner launched an investigation into a considerable data breach affecting the state’s largest health insurer. Concurrently, a group of attorneys initiated a class-action lawsuit in Helena, alleging that this corporation neglected to inform its customers of the breach and failed to…
Cybersecurity experts have identified a critical vulnerability in the PostgreSQL open-source database system, potentially allowing unprivileged users to manipulate environment variables. This security flaw, categorized as CVE-2024-10979, carries a CVSS severity score of 8.8, indicating significant risks associated with its exploitation. Environment variables serve as user-defined settings that enable programs…
Telecom Sector Under Siege by LightBasin Recent investigations into cyber threats have revealed that an advanced adversary known as LightBasin is behind a series of attacks targeting the telecommunications industry. This sophisticated group is primarily focused on extracting highly specific data, such as subscriber information and call metadata, which aligns…
A Sydney resident has been handed an 18-month Community Correction Order (CCO) and directed to perform 100 hours of community service following an attempt to exploit the 2022 Optus data breach. This individual, who was 19 at the time of the arrest in October 2022 and is now 20, engaged…
Modern IGA for the AI Era: Critical Insights for Business Owners In the rapidly evolving landscape of cybersecurity, businesses must remain vigilant, particularly in the face of sophisticated threats that leverage advances in artificial intelligence. Recent incidents highlight the increasingly complex challenges organizations encounter, underscoring the need for a proactive…
Massive Data Breach Exposes 183 Million Email Accounts A significant data breach has recently come to light, compromising the personal information associated with approximately 183 million email accounts. This incident raises serious concerns for users and underscores the ongoing challenges businesses face in protecting sensitive data from cyber threats. The…
A security vulnerability in Fortinet’s FortiClient for Windows has been exploited by the threat group known as **BrazenBamboo**, allowing them to extract VPN credentials using a modular framework named **DEEPDATA**. This exploitation was disclosed by Volexity, which reported the zero-day vulnerability’s emergence in July 2024. BrazenBamboo is also linked to…
Two Eastern European nationals have received prison sentences in the United States for their involvement in “bulletproof hosting” services used by cybercriminals to distribute malware and target financial institutions between 2009 and 2015. Pavel Stassi, aged 30 from Estonia, has been sentenced to 24 months in prison, while Aleksandr Shorodumov,…
On February 5, 2023, Reddit confirmed it fell victim to a security breach that allowed unauthorized actors to access internal documentation, source code, and certain business systems. This incident underscores ongoing vulnerabilities in organizational security protocols, particularly as cybercriminals refine their tactics. The social news aggregation platform indicated the intrusion…
