Major Cybersecurity Breach Leads to Substantial Penalty for Australian Clinical Labs Australian Clinical Labs Limited (ACL), a prominent private pathology service provider in Australia, has been ordered to pay a total of A$5.8 million (approximately US$3.8 million) in penalties, alongside A$400,000 for legal costs, following court approval of a settlement…
A newly discovered security vulnerability in Windows NT LAN Manager (NTLM) has been exploited in a zero-day attack, with suspected ties to Russian threat actors targeting Ukraine. This vulnerability, designated as CVE-2024-43451 and rated with a CVSS score of 6.5, allows attackers to possibly expose a user’s NTLMv2 hash. Microsoft…
A new hacking group reportedly aligned with Iranian national interests has been observed executing a password spraying campaign aimed at defense technology companies in the U.S., European Union, and Israel. This campaign has also extended to regional ports of entry in the Persian Gulf and maritime companies operating in the…
In a significant cybersecurity incident, the Everest ransomware group has revealed that it has targeted two new victims: Dublin Airport and Air Arabia. This development follows the group’s recent announcement regarding a breach of AT&T Careers, where they claimed to have stolen personal records of approximately 576,000 applicants and employees.…
GoTo, Formerly LogMeIn, Reports Data Breach Affecting User Data GoTo, the parent company of LastPass and formerly known as LogMeIn, disclosed on Tuesday a significant data breach involving the theft of encrypted backups of customer information. This incident, which occurred in November 2022, involved unauthorized actors accessing data from a…
Human Risk in 2025: Combatting AI-Driven Insider Threats As we look ahead to 2025, the cybersecurity landscape is increasingly shaped by the sophisticated capabilities of artificial intelligence. One of the most pressing concerns for organizations is the rise of AI-powered insider threats. These threats, originating from individuals within an organization…
Cybersecurity Must Be a Priority for Business Owners: A Call to Action Amid Rising Threats In today’s digital landscape, the importance of safeguarding online passwords cannot be overstated. If you’ve paused to think about your last password update, it’s likely been far too long, underscoring a widespread issue: cybersecurity often…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning on Thursday regarding the discovery of two vulnerabilities in the Palo Alto Networks Expedition software. These vulnerabilities are currently being exploited in the wild, heightening concerns for users and organizations that manage their network infrastructures with this tool. In…
On Thursday, Google’s Threat Analysis Group (TAG) revealed that it is currently monitoring over 270 state-sponsored threat actors operating across more than 50 countries. Since the beginning of 2021, TAG has issued approximately 50,000 alerts concerning phishing and malware attempts tied to these government-backed actors. This represents a 33% increase…
