Cybercrime, Fraud Management & Cybercrime, Government Also: Ongoing Challenges at CISA, LevelBlue’s Acquisition of Cybereason Anna Delaney (annamadeline) • October 17, 2025 Clockwise, from top left: Anna Delaney, Mathew Schwartz, Chris Riotta, and Michael Novinson This week’s panel of ISMG editors delved into the FBI’s recent operation targeting the Scattered…
Cybercriminals have increasingly turned their attention to airlines, drawn by the vast amounts of personal data these companies collect. Among the most sought-after information are passports and government identification, which pose a significant risk for long-term identity theft. According to Incogni, a company specializing in data privacy and removal, leaks…
A critical security vulnerability affecting Apple’s iOS and macOS has recently been reported and subsequently patched. This flaw allowed potential exploitation of the Transparency, Consent, and Control (TCC) framework, posing a significant risk of unauthorized access to sensitive user data. Designated as CVE-2024-44131 with a CVSS score of 5.3, the…
Recent research has unveiled an advanced malware campaign characterized by its use of legitimate code signing certificates to elude cybersecurity measures. This stealthy approach aims to deploy notorious payloads such as Cobalt Strike and BitRAT across compromised systems. The loader, identified as “Blister” by Elastic Security experts, exhibits an alarming…
In a significant development within the realm of national security, a former employee of the U.S. National Security Agency (NSA), Jareh Sebastian Dalke, has admitted guilt over charges related to the attempted transmission of classified defense information to an individual he believed to be a Russian agent. This case sheds…
Government, Industry Specific Swalwell Expresses Concerns Over CISA Staffing Cuts Exposing Nation to Cyber Threats Chris Riotta (@chrisriotta) • October 16, 2025 Rep. Eric Swalwell, D-Calif., at a news conference at the U.S. Capitol on July 28, 2022. (Image: Phil Pasquini/Shutterstock) Rep. Eric Swalwell, a senior House Democrat, is demanding…
Sensitive Patient Information Compromised in SimonMed Imaging Data Breach In a recent cybersecurity incident, SimonMed Imaging has reported a significant data breach affecting the personal information of over 1.2 million individuals. The breach necessitates urgent attention from healthcare providers and business owners alike, as it underscores the vulnerabilities prevalent in…
Recent cybersecurity reports indicate a significant vulnerability affecting numerous servers running the Prometheus monitoring and alerting toolkit. Security researchers have identified that thousands of these servers are susceptible to data leakage, denial-of-service (DoS), and remote code execution (RCE) attacks. Experts from Aqua Security, Yakir Kadkoda and Assaf Morag, disclosed that…
A sophisticated cyber intrusion attributed to a China-based threat group, identified as Aquatic Panda, has been detected leveraging severe vulnerabilities in the Apache Log4j logging system. This attack vector enabled the adversaries to execute various post-exploitation activities, including reconnaissance operations and credential harvesting from their targets. The cybersecurity firm CrowdStrike…
