The Breach News

OpenSSL Issues Updates to Address Two Critical Security Vulnerabilities

On March 26, 2021, OpenSSL maintainers released fixes for two high-severity security flaws that could lead to denial-of-service (DoS) attacks and the circumvention of certificate verification. Identified as CVE-2021-3449 and CVE-2021-3450, these vulnerabilities have been patched in the latest update (version OpenSSL 1.1.1k), made available on Thursday. CVE-2021-3449 is applicable to all OpenSSL 1.1.1 versions, while CVE-2021-3450 affects versions 1.1.1h and later. OpenSSL provides cryptographic functions that support the Transport Layer Security protocol, aiding in the secure transmission of communication over networks. According to an advisory from OpenSSL, CVE-2021-3449 poses a potential DoS risk linked to NULL pointer dereferencing, which can result in an OpenSSL TLS server crash if a client sends a malicious “ClientHello” message during the handshake process.

OpenSSL Addresses Two High-Severity Vulnerabilities March 26, 2021 OpenSSL has announced the release of critical patches aimed at addressing two high-severity vulnerabilities that pose a significant risk to its widely used cryptographic library. These flaws, identified as CVE-2021-3449 and CVE-2021-3450, could potentially enable attackers to execute denial-of-service (DoS) attacks and…

Read More

OpenSSL Issues Updates to Address Two Critical Security Vulnerabilities

On March 26, 2021, OpenSSL maintainers released fixes for two high-severity security flaws that could lead to denial-of-service (DoS) attacks and the circumvention of certificate verification. Identified as CVE-2021-3449 and CVE-2021-3450, these vulnerabilities have been patched in the latest update (version OpenSSL 1.1.1k), made available on Thursday. CVE-2021-3449 is applicable to all OpenSSL 1.1.1 versions, while CVE-2021-3450 affects versions 1.1.1h and later. OpenSSL provides cryptographic functions that support the Transport Layer Security protocol, aiding in the secure transmission of communication over networks. According to an advisory from OpenSSL, CVE-2021-3449 poses a potential DoS risk linked to NULL pointer dereferencing, which can result in an OpenSSL TLS server crash if a client sends a malicious “ClientHello” message during the handshake process.

Chinese Hackers Target White House Computer Networks

October 1, 2012

The White House confirmed Monday that a cyber attack had compromised one of its computer networks, though it reported no breach of classified systems or any evidence of lost data. The attack was said to involve systems connected to military nuclear commands and was linked to Chinese hackers. The initial report, published by The Washington Free Beacon—a conservative outlet critical of the Obama administration—characterized the breach as one of Beijing’s most audacious cyber operations against the United States and suggested a failure by the Obama administration to confront China’s ongoing cyber threats. This revelation comes amid rising tensions in Asia, as the Pentagon has positioned two U.S. aircraft carrier strike groups and Marine amphibious units near the waters surrounding Japan’s Senkaku Islands. An official referred to the incident as a “spear-phishing” attack…

Chinese Hackers Target White House Computer Networks October 1, 2012 The White House confirmed on Monday that one of its computer networks suffered a cyber attack, attributing the breach to Chinese hackers. Officials stated that while there was no evidence of access to classified systems or data loss, the incident…

Read More

Chinese Hackers Target White House Computer Networks

October 1, 2012

The White House confirmed Monday that a cyber attack had compromised one of its computer networks, though it reported no breach of classified systems or any evidence of lost data. The attack was said to involve systems connected to military nuclear commands and was linked to Chinese hackers. The initial report, published by The Washington Free Beacon—a conservative outlet critical of the Obama administration—characterized the breach as one of Beijing’s most audacious cyber operations against the United States and suggested a failure by the Obama administration to confront China’s ongoing cyber threats. This revelation comes amid rising tensions in Asia, as the Pentagon has positioned two U.S. aircraft carrier strike groups and Marine amphibious units near the waters surrounding Japan’s Senkaku Islands. An official referred to the incident as a “spear-phishing” attack…

Why Are Leading University Websites Displaying Adult Content? It’s a Matter of Poor Maintenance.

Cybersecurity Alert: Scammers Exploit University Domains to Distribute Malicious Content Recent research has uncovered significant security breaches affecting the websites of several esteemed universities, including the University of California, Berkeley (berkeley.edu), Columbia University (columbia.edu), and Washington University in St. Louis (washi.edu). According to cybersecurity researcher Alex Shakhov, attackers have successfully…

Read MoreWhy Are Leading University Websites Displaying Adult Content? It’s a Matter of Poor Maintenance.

Scattered Spider Hacker Sentenced to 10 Years, Ordered to Repay $13M for SIM Swapping Crypto Theft

A 20-year-old member of the infamous cybercrime group Scattered Spider has received a ten-year prison sentence in the U.S. for his role in a series of high-profile hacks and cryptocurrency thefts. Noah Michael Urban, who pleaded guilty to wire fraud and aggravated identity theft in April 2025, will also face three years of supervised release and is required to pay $13 million in restitution to his victims. Urban, who used multiple aliases including Sosa and King Bob, was apprehended by U.S. authorities in Florida in January 2024, following crimes committed between August 2022 and March 2023 that resulted in the theft of over $800,000. In a statement to security journalist Brian Krebs, Urban decried the sentence as unjust.

Scattered Spider Hacker Sentenced to 10 Years and $13M Restitution for SIM Swapping Scheme In a significant development within the realm of cybercrime, a 20-year-old associate of the infamous hacking collective known as Scattered Spider has been sentenced to ten years in federal prison for his involvement in a series…

Read More

Scattered Spider Hacker Sentenced to 10 Years, Ordered to Repay $13M for SIM Swapping Crypto Theft

A 20-year-old member of the infamous cybercrime group Scattered Spider has received a ten-year prison sentence in the U.S. for his role in a series of high-profile hacks and cryptocurrency thefts. Noah Michael Urban, who pleaded guilty to wire fraud and aggravated identity theft in April 2025, will also face three years of supervised release and is required to pay $13 million in restitution to his victims. Urban, who used multiple aliases including Sosa and King Bob, was apprehended by U.S. authorities in Florida in January 2024, following crimes committed between August 2022 and March 2023 that resulted in the theft of over $800,000. In a statement to security journalist Brian Krebs, Urban decried the sentence as unjust.

New Vulnerabilities May Allow Hackers to Bypass Spectre Mitigations on Linux

Cybersecurity researchers have recently unveiled two critical vulnerabilities in Linux-based systems. If exploited, these flaws could enable attackers to bypass mitigations for speculative execution attacks like Spectre and access sensitive kernel memory. Identified by Piotr Krysiuk from Symantec’s Threat Hunter team, the vulnerabilities are designated as CVE-2020-27170 and CVE-2020-27171, both with a CVSS score of 5.5. They affect all Linux kernels released before version 5.11.8. Security patches were made available on March 20, with various distributions, including Ubuntu, Debian, and Red Hat, implementing fixes. CVE-2020-27170 can disclose content from any kernel memory location, while CVE-2020-27171 enables data retrieval from a 4GB segment of kernel memory. First reported in January 2018, the Spectre and Meltdown vulnerabilities exploit weaknesses in modern CPUs to leak sensitive data.

New Vulnerabilities Raise Concerns Over Spectre Mitigations on Linux Systems On March 29, 2021, cybersecurity researchers revealed two significant vulnerabilities affecting Linux-based operating systems that could enable hackers to bypass existing protections against speculative execution attacks, including the notorious Spectre exploit. Discovered by Piotr Krysiuk from Symantec’s Threat Hunter team,…

Read More

New Vulnerabilities May Allow Hackers to Bypass Spectre Mitigations on Linux

Cybersecurity researchers have recently unveiled two critical vulnerabilities in Linux-based systems. If exploited, these flaws could enable attackers to bypass mitigations for speculative execution attacks like Spectre and access sensitive kernel memory. Identified by Piotr Krysiuk from Symantec’s Threat Hunter team, the vulnerabilities are designated as CVE-2020-27170 and CVE-2020-27171, both with a CVSS score of 5.5. They affect all Linux kernels released before version 5.11.8. Security patches were made available on March 20, with various distributions, including Ubuntu, Debian, and Red Hat, implementing fixes. CVE-2020-27170 can disclose content from any kernel memory location, while CVE-2020-27171 enables data retrieval from a 4GB segment of kernel memory. First reported in January 2018, the Spectre and Meltdown vulnerabilities exploit weaknesses in modern CPUs to leak sensitive data.

Google Alerts Users About Increase in State-Sponsored Cyber Attacks

Oct 03, 2012

“Warning: We suspect state-sponsored attackers may be trying to compromise your account or device.” This unusual notification has appeared at the top of Gmail inboxes, Google home pages, and Chrome browsers over the last three months, catching many users off guard. According to Google, these warnings are not the result of a breach within their systems or a specific attack. Since initiating alerts for potential state-sponsored activities in June, the company has detected thousands more cyberattack instances than initially expected, as reported by the New York Times. Google is now ready to send these alerts to tens of thousands more users, thanks to enhanced detection methods for suspicious activities. Mike Wiacek, a manager on Google’s information security team, noted that the company has significantly improved its understanding of attack methods and the entities behind them, leading to the rollout of new alerts starting Tuesday.

Google Alerts Users to State-Sponsored Cyber Attacks October 3, 2012 In a significant move to enhance user security, Google has begun issuing warnings about potential state-sponsored cyber threats aimed at compromising user accounts and devices. For the past three months, many Google users have noticed an unusual notification appearing at…

Read More

Google Alerts Users About Increase in State-Sponsored Cyber Attacks

Oct 03, 2012

“Warning: We suspect state-sponsored attackers may be trying to compromise your account or device.” This unusual notification has appeared at the top of Gmail inboxes, Google home pages, and Chrome browsers over the last three months, catching many users off guard. According to Google, these warnings are not the result of a breach within their systems or a specific attack. Since initiating alerts for potential state-sponsored activities in June, the company has detected thousands more cyberattack instances than initially expected, as reported by the New York Times. Google is now ready to send these alerts to tens of thousands more users, thanks to enhanced detection methods for suspicious activities. Mike Wiacek, a manager on Google’s information security team, noted that the company has significantly improved its understanding of attack methods and the entities behind them, leading to the rollout of new alerts starting Tuesday.

The Ongoing Struggle to Renew Essential US Spy Powers Remains Chaotic

Content Review: Cybersecurity Implications of Legislative Changes Recent legislative discussions surrounding the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA) have ignited significant concern among cybersecurity experts and advocates for civil liberties. In a revealing critique, a senior Democratic aide described components of the proposed legislation as…

Read MoreThe Ongoing Struggle to Renew Essential US Spy Powers Remains Chaotic

Title: The Rise of Weak Passwords and Account Breaches: Insights from the 2025 Blue Report

August 21, 2025
Password Security / Identity Protection

Security professionals often focus on countering advanced adversary techniques, yet many impactful attacks stem from compromised credentials. The latest Picus Security’s Blue Report 2025 reveals that organizations still struggle to prevent password cracking and detect the misuse of compromised accounts. As we reach the midpoint of 2025, it’s evident that compromised accounts remain a significant vulnerability, emphasizing the urgent need for a proactive stance against these threats.

A Wake-Up Call: The Alarming Increase in Successful Password Cracking

The Picus Blue Report offers an annual analysis of how effectively organizations are preventing and detecting genuine cyber threats, going beyond traditional measures to highlight critical areas for improvement.

Weak Passwords and Compromised Accounts: Insights from the 2025 Blue Report August 21, 2025 Password Security / Identity Protection In an evolving landscape of cybersecurity threats, organizations often prioritize advanced adversary tactics, yet the most significant vulnerabilities frequently arise from simpler failures, namely weak passwords and compromised accounts. The latest…

Read More

Title: The Rise of Weak Passwords and Account Breaches: Insights from the 2025 Blue Report

August 21, 2025
Password Security / Identity Protection

Security professionals often focus on countering advanced adversary techniques, yet many impactful attacks stem from compromised credentials. The latest Picus Security’s Blue Report 2025 reveals that organizations still struggle to prevent password cracking and detect the misuse of compromised accounts. As we reach the midpoint of 2025, it’s evident that compromised accounts remain a significant vulnerability, emphasizing the urgent need for a proactive stance against these threats.

A Wake-Up Call: The Alarming Increase in Successful Password Cracking

The Picus Blue Report offers an annual analysis of how effectively organizations are preventing and detecting genuine cyber threats, going beyond traditional measures to highlight critical areas for improvement.

NSA Identifies New Vulnerabilities in Microsoft Exchange Servers

April 14, 2021

In its April update, Microsoft addressed a total of 114 security vulnerabilities, including one actively exploited zero-day flaw and four remote code execution issues within Exchange Server. Among these vulnerabilities, 19 are classified as Critical, 88 as Important, and one as Moderate. Notably, CVE-2021-28310 is a privilege escalation vulnerability within Win32k, currently under active exploitation, allowing attackers to execute malicious code and gain elevated privileges on affected systems. Cybersecurity firm Kaspersky, which reported the flaw to Microsoft in February, connected the zero-day exploit to the Bitter APT group, known for utilizing a similar vulnerability (CVE-2021-1732) in attacks last year. “This is an escalation of privilege (EoP) exploit likely used in conjunction with other browser exploits to bypass sandboxes or obtain system privileges for further access,” explained Kaspersky researcher Boris Larin.

NSA Uncovers New Vulnerabilities Impacting Microsoft Exchange Servers April 14, 2021 In a recent wave of updates, Microsoft addressed a total of 114 security vulnerabilities, prominent among them being a zero-day exploit and multiple remote code execution issues affecting Microsoft Exchange Servers. This April patch release is significant, as it…

Read More

NSA Identifies New Vulnerabilities in Microsoft Exchange Servers

April 14, 2021

In its April update, Microsoft addressed a total of 114 security vulnerabilities, including one actively exploited zero-day flaw and four remote code execution issues within Exchange Server. Among these vulnerabilities, 19 are classified as Critical, 88 as Important, and one as Moderate. Notably, CVE-2021-28310 is a privilege escalation vulnerability within Win32k, currently under active exploitation, allowing attackers to execute malicious code and gain elevated privileges on affected systems. Cybersecurity firm Kaspersky, which reported the flaw to Microsoft in February, connected the zero-day exploit to the Bitter APT group, known for utilizing a similar vulnerability (CVE-2021-1732) in attacks last year. “This is an escalation of privilege (EoP) exploit likely used in conjunction with other browser exploits to bypass sandboxes or obtain system privileges for further access,” explained Kaspersky researcher Boris Larin.