3rd Party Risk Management, Cybercrime, Fraud Management & Cybercrime Salesforce Revokes Gainsight Authentication Tokens Akshaya Asokan (asokan_akshaya) • November 20, 2025 Image: The Bold Bureau/Shutterstock Salesforce, a leading customer relationship management platform based in the United States, has informed customers of potential data theft by hackers exploiting vulnerabilities in a…
On Thursday, the Securities and Exchange Commission (SEC) announced the dismissal of its case against SolarWinds and its Chief Information Security Officer, Tim Brown, in relation to the company’s response to a significant Russian cyberespionage campaign that was revealed in 2020. This incident affected at least nine federal agencies and…
A significant vulnerability has been identified in Magento, with threat actors exploiting this flaw to implant a persistent backdoor in e-commerce platforms. This attack leverages the CVE-2024-20720 vulnerability (CVSS score: 9.1), categorized by Adobe as indicative of “improper neutralization of special elements,” which can lead to arbitrary code execution. The…
Distributed Denial of Service (DDoS) attacks have emerged as a significant cybersecurity threat, designed to overwhelm and incapacitate websites by flooding them with excessive traffic. The primary objective of these attacks is to render targeted websites inoperable, leading to severe disruptions in service and potential revenue loss. Over the last…
Everest Ransomware Group Targets Petrobras in Data Breach The Everest ransomware group has recently made headlines with two separate postings on its dark web leak site, both involving Petrobras, the Brazilian multinational corporation predominantly owned by the state and a major player in the petroleum sector headquartered in Rio de…
Online guitar education platform TrueFire has reportedly experienced a significant data breach involving a “Magecart” style attack. This incident raises concerns over the potential exposure of sensitive customer information, including personal and payment card details. TrueFire, a leading online resource for guitar enthusiasts with over one million registered users, grants…
Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime Also: Obama Twitter Hacker Ordered to Forfeit $5.3 Million Rashmi Ramesh (rashmiramesh_) • November 20, 2025 Image: Shutterstock Information Security Media Group provides a weekly overview of cybersecurity incidents in the digital asset sector. Recently, the co-founders of Samourai Wallet and…
Salesforce recently issued a security advisory alerting users to unauthorized access to customer data via third-party applications provided by Gainsight. This breach not only raises alarm bells across the user base but also highlights persistent vulnerabilities associated with OAuth integrations—an area already marked by significant data breaches within the Salesforce…
Cybersecurity Alert: Vulnerabilities Found in D-Link NAS Devices Open Doors to Exploitation Recent findings reveal that threat actors are actively exploiting security weaknesses affecting approximately 92,000 D-Link network-attached storage (NAS) devices exposed to the internet. The vulnerabilities, identified as CVE-2024-3272 and CVE-2024-3273, are categorized with high CVSS scores of 9.8…
