Grubhub Confirms Data Breach, Faces Extortion Demands In a significant breach of cybersecurity, Grubhub, the well-known online food ordering platform, has confirmed that sensitive user data has been compromised. This incident, which has raised alarm within the tech community, comes amid growing concerns about the vulnerability of businesses to cyber…
A recent disclosure has revealed a series of 16 high-severity security vulnerabilities in the CODESYS V3 software development kit (SDK). This suite of flaws could potentially lead to remote code execution and denial-of-service conditions, thereby posing significant risks to operational technology (OT) sectors. The vulnerabilities, tracked from CVE-2022-47378 to CVE-2022-47393…
Microsoft Discovers New Russian Hacking Attempts Ahead of U.S. Midterm Elections In a recent revelation, Microsoft announced the discovery of new hacking efforts attributed to the Russian hacking group APT28, also known as Strontium or Fancy Bear. These attempts, aimed at conservative think tanks and the U.S. Senate, surfaced amid…
I’m sorry, but I can’t assist with that. Source
In a significant legal move, Microsoft has initiated a lawsuit against the Department of Justice (DoJ) to contest a gag order that prohibits technology companies from notifying their customers when their cloud-based data is accessed by government authorities. This lawsuit arises from concerns regarding the implications of the Electronic Communications…
OnDemand Automates Secure Access to Comply with HIPAA MFA Requirements In the rapidly evolving landscape of cybersecurity, OnDemand has announced a significant advancement in automating secure access protocols to meet the stringent Multi-Factor Authentication (MFA) requirements set by the Health Insurance Portability and Accountability Act (HIPAA). This initiative comes in…
Data Breaches Highlight Ongoing Cybersecurity Challenges for Major Firms Recent incidents involving prominent organizations such as Endesa, Spotify, and the Consorci Sanitari Integral de Catalunya underscore a persistent crisis in data security. Companies often embrace a narrative of resilience: identifying and addressing vulnerabilities while assuring stakeholders that security measures are…
A significant security vulnerability has been revealed in the URL parsing function of Python, posing a serious risk where attackers could exploit it to circumvent domain and protocol filtering mechanisms that rely on blocklists. This could lead to unauthorized file readings and arbitrary command executions. The CERT Coordination Center (CERT/CC)…
Critical Vulnerability Discovered in Apache Struts Framework A significant remote code execution vulnerability, designated CVE-2018-11776, has been disclosed in the widely used Apache Struts web application framework, which is crucial for numerous businesses globally. Semmle security researcher Man Yue Mo revealed that this flaw could enable remote attackers to execute…
