3rd Party Risk Management, Application Security, Governance & Risk Management Phylum’s Product Provides Immediate Detection of Malicious Open-Source Packages Michael Novinson (@MichaelNovinson) • January 7, 2025 Veracode Chief Product Officer Ravi Iyer and Phylum Co-Founder and CEO Aaron Bray (Images: Veracode) Veracode has acquired Phylum, a Denver-based startup specializing in…
Cybersecurity Breach Reported at ICAO: Recruitment Data Exposed The International Civil Aviation Organization (ICAO) has experienced a significant cybersecurity incident involving the unauthorized exposure of recruitment data. This breach is reported to encompass application records dating from April 2016 through July 2024, highlighting a concerning vulnerability in the organization’s data…
An automated license-plate-recognition (ALPR) system in Nashville, Tennessee, has come under scrutiny after a security researcher revealed significant vulnerabilities that expose vast amounts of live vehicle data. Over a brief span of 20 minutes, the ALPR system captured photographs and detailed information of nearly 1,000 vehicles, including various makes and…
Cybercrime, Fraud Management & Cybercrime, Governance & Risk Management Kaspersky Reports Updated EagerBee Malware Campaign Targeting Organizations in the Middle East Akshaya Asokan (asokan_akshaya) • January 7, 2025 Image: Shutterstock Security researchers have issued a warning regarding a renewed malware campaign utilizing an upgraded variant of EagerBee, which is specifically…
Washington Attorney General Files Lawsuit Against T-Mobile Over 2021 Data Breach The state of Washington has taken significant legal action against T-Mobile, filing a lawsuit in response to a substantial data breach that occurred in 2021. This breach has raised serious concerns regarding the protection of consumer data and the…
The Wall Street Journal has reported that Charter Communications, Consolidated Communications, and Windstream have joined the expanding list of U.S. telecommunications companies targeted by Chinese state-sponsored hackers as part of the Salt Typhoon cyber campaign. This development underscores the continued vulnerability of critical infrastructure in the face of foreign espionage…
Moxa Technologies Alerts Customers to Serious Vulnerabilities in Industrial Routers Moxa Technologies, a Taiwanese provider specializing in industrial computing solutions, has issued a warning regarding two significant vulnerabilities in its routers and network devices. These issues pose serious security threats to operational technology (OT) environments. The vulnerabilities, identified as CVE-2024-9138…
Washington Attorney General Sues T-Mobile Over Data Breach Affecting Over Two Million Residents The Washington State Attorney General has initiated legal action against T-Mobile, citing a significant data breach that has affected more than two million residents. This breach, which may expose sensitive user information, has raised considerable concerns regarding…
In a significant revelation by Eclypsium, researchers have underscored critical vulnerabilities in the Illumina iSeq 100 DNA sequencer, a device widely used in genetic testing laboratories. This vulnerability raises alarming concerns about the potential for malware to compromise not just the sequencer but also data integrity before any operating system…
