Cyberattack Mimics Black Basta Tactics, Compromises Client Email Security In a recent cybersecurity incident, a wave of malicious emails, closely resembling the strategies employed by the infamous Black Basta ransomware group, targeted a client of SlashNext. Spanning a rapid 90-minute period, over 1,165 nefarious emails inundated the inboxes of 22…
Fortinet, a notable player in the American cybersecurity landscape, is currently in the spotlight due to alarming reports suggesting that it may have inadvertently exposed its customers to a serious cyber risk. This situation escalated when Arctic Wolf, a competing firm, publicly disclosed the details of the threat, igniting a…
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime US Cyber Defense Agency Was Not Initially Aware of Hackers Involved in Salt Typhoon Chris Riotta (@chrisriotta) • January 15, 2025 Director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly, remarked that the Chinese “Salt Typhoon” breach of…
On December 24, 2024, Governor Kathy Hochul of New York enacted significant amendments to both the state’s private-sector and government agency data breach notification laws. These revisions to the General Business Law § 899-aa and New York State Technology Law § 208 introduce strict new timelines and a broadened scope…
Ransomware incidences have recently surged, drawing attention to an emerging player in the cybercrime landscape. A group identifying itself as FunkSec has captured headlines by asserting responsibility for over 80 cyberattacks throughout December 2024, a claim underscored by a report from Check Point Software Technologies. FunkSec differentiates itself from other…
Endpoint Security, Hardware / Chip-level Security, Internet of Things Security CFP Board Members Discuss AI, Hardware Access and Emerging Trends for Nullcon 2025 Rahul Neel Mani (@rneelmani) • January 15, 2025 Neelu Tripathi, principal AppSec consultant and security researcher at Thoughtworks; and Anant Shrivastava, founder of Cyfinoid Research As cybersecurity…
Solara Medical Supplies Agrees to $3M Settlement Over HIPAA Violations In a significant case highlighting the vulnerabilities in the healthcare sector, Solara Medical Supplies has agreed to pay $3 million to settle allegations of violations pertaining to the Health Insurance Portability and Accountability Act (HIPAA), specifically concerning security and breach…
Title: Major Vulnerabilities Uncovered in VPN Solutions: A Call for Zero Trust Adoption In recent developments, the cybersecurity sector has been rocked by critical vulnerabilities discovered in leading virtual private network (VPN) solutions provided by two significant vendors. These findings have illuminated the inherent weaknesses in conventional VPN architectures and…
Cloud Security, Cybercrime, Fraud Management & Cybercrime Ransomware Group ‘Codefinger’ Targets Cloud-Based Resources Prajeet Nair (@prajeetspeaks) • January 14, 2025 Image: Shutterstock A ransomware campaign has been identified targeting Amazon S3 buckets, aiming to exploit the sensitive data stored within them. The attackers utilize AWS’s server-side encryption with customer-specific keys,…
