The Breach News

UK and US Hold Three Chinese Tech Companies Accountable for Global Cyberattacks

A coalition of international cybersecurity organizations, spearheaded by the UK’s National Cyber Security Centre (NCSC), has publicly implicated three technology firms based in China in a sustained global cyberattack campaign. In a recent advisory, the NCSC and partners from twelve nations—including the United States, Australia, Canada, New Zealand, Czech Republic,…

TransUnion Confirms Cyberattack Exposing Data of 4.4 Million Individuals

This week, TransUnion announced a significant cybersecurity incident that has compromised the personal information of over 4.4 million individuals. The breach, which occurred on July 28, was uncovered two days later, leading to notification letters being dispatched to affected consumers starting August 26. In the notification letter, TransUnion informed recipients…

Microsoft Resolves 78 Vulnerabilities, Including 5 Actively Exploited Zero-Days; CVSS 10 Flaw Affects Azure DevOps Server

May 14, 2025
Endpoint Security / Vulnerability

Microsoft has released updates addressing 78 security vulnerabilities across its software, including five zero-days currently being exploited in the wild. Among these flaws, 11 are classified as Critical, 66 as Important, and one as Low in severity. The patches include 28 vulnerabilities that enable remote code execution, 21 related to privilege escalation, and 16 classified as information disclosure issues. This release also coincides with fixes for eight security flaws found in the Chromium-based Edge browser since last month’s Patch Tuesday. The details of the actively exploited vulnerabilities are as follows:

  • CVE-2025-30397 (CVSS score: 7.5) – Scripting Engine Memory Corruption Vulnerability
  • CVE-2025-30400 (CVSS score: 7.8) – Microsoft Desktop Window Manager (DWM) Core Library Elevation of Privilege Vulnerability
  • CVE-2025-3270…

Microsoft Addresses 78 Security Flaws, Including Five Active Exploits; Azure DevOps Server Affected

On May 14, 2025, Microsoft released critical updates aimed at remedying a total of 78 security vulnerabilities discovered across its software portfolio. Notably, among these vulnerabilities are five zero-days that have been actively exploited in the wild,…

Cryptocurrency Firms Targeted in Advanced 3CX Supply Chain Attack

April 4, 2023
Cryptocurrency / Cyber Attack

A sophisticated supply chain attack on 3CX has led to a second-stage implant specifically targeting a select number of cryptocurrency firms. Kaspersky, a Russian cybersecurity company, has been monitoring this adaptable backdoor, known as Gopuram, since 2020. They noted a surge in infections coinciding with the March 2023 3CX breach. Gopuram’s main purpose is to connect to a command-and-control (C2) server, enabling attackers to interact with the victim’s file system, initiate processes, and execute up to eight in-memory modules. The malware has ties to North Korea, as it has been found on victim machines alongside AppleJeus, another backdoor linked to the Korean-speaking Lazarus group, which previously targeted a cryptocurrency company in Southeast Asia in 2020. This recent focus on cryptocurrency firms underscores a troubling trend.

Cryptocurrency Firms Targeted in Advanced 3CX Supply Chain Attack

On April 4, 2023, cybersecurity reports emerged detailing a sophisticated supply chain attack targeting the 3CX communication software, with a specific focus on a select group of cryptocurrency companies. The cyber threat actors employed a second-stage implant, which has been internally…

Closing the Gap Between IT and OT Security in Manufacturing

Governance & Risk Management, Operational Technology (OT), Video

CISO Tammy Klotz Highlights Peer Support Ahead of ManuSec 2025

Cecilia Limonta • August 15, 2025

Tammy Klotz, CISO, Trinseo

In the realm of manufacturing, organizations encounter a myriad of challenges in securing their Operational Technology (OT) and Information Technology (IT) systems.…

Critical Vulnerability Detected in Passwordstate Credential Manager—Update Immediately.

The developer of Passwordstate, a robust password management solution tailored for enterprises, has issued an urgent alert for users to implement a critical update addressing a significant security vulnerability. This flaw, if exploited, could permit unauthorized access to sensitive administrative functionalities within the vaults managed by the platform. The discovered…

Initial Access Brokers Adapt Strategies, Offering More for Less

April 11, 2025
Cybercrime / Security Breach

Understanding IABs: Initial Access Brokers (IABs) focus on breaching computer systems and networks and then selling that access to other criminals. This specialization allows them to dedicate their efforts to exploiting vulnerabilities, using techniques like social engineering and brute-force attacks. By selling access rather than carrying out ransomware attacks themselves, IABs significantly lower their risks. They leverage their skills in infiltrating networks, simplifying the attack process for their buyers.

This business model not only helps IABs maintain a lower profile and reduce risks but also allows them to profit from their technical expertise. Primarily operating on dark web forums and in underground markets, IABs may work independently or as part of larger operations, such as Ransomware-as-a-Service (RaaS) groups. They serve as a vital component of the cybercrime ecosystem, connecting various players in this illicit landscape.

Initial Access Brokers Adjust Strategies, Offering Increased Access at Reduced Rates

April 11, 2025
Cybercrime / Security Breach

Recent developments in the cybercrime landscape reveal a shift in tactics employed by Initial Access Brokers (IABs). These individuals or groups have carved out a niche in facilitating unauthorized access to…

NSE Mutual Fund Platform: Are Data Security Breaches Endangering Investors?

Federation of Independent Financial Advisors Raises Alarm over NSE Mutual Fund Platform

In a recent development, the Federation of Independent Financial Advisors (FIFA), an influential body representing mutual fund distributors, sub-brokers, and independent financial advisors, has expressed serious concerns regarding the mutual fund platform operated by the National Stock Exchange…

Safeguard Your Business: Simplifying Ransomware Prevention

April 5, 2023
Endpoint / Network Security

Each year, hundreds of millions of malware attacks occur globally, leaving businesses to contend with the fallout from viruses, worms, keyloggers, and ransomware. Malware poses a significant threat and drives many organizations to seek cybersecurity solutions. However, simply focusing on malware protection isn’t sufficient. A comprehensive strategy is essential.

Businesses must first defend against malware infiltrating their networks. Then, they should implement systems and processes that minimize the potential damage in case a user device becomes infected. This proactive approach not only helps in thwarting and mitigating the effects of malware but also fortifies defenses against various other threats, including credential theft via phishing, insider risks, and supply chain vulnerabilities.

Element 1: Comprehensive Malware Protection and Web Filtering
The first step…

Fortify Your Organization: Simplifying Ransomware Prevention

April 5, 2023

In the ever-evolving landscape of cybersecurity, organizations face an alarming increase in malware incidents yearly, with hundreds of millions of attacks reported globally. Ransomware, alongside viruses, worms, and keyloggers, has emerged as a significant threat, propelling businesses to seek comprehensive cybersecurity…
