A significant security vulnerability has been identified in the LayerSlider plugin for WordPress, posing a serious risk of unauthorized data exposure. This flaw, known as CVE-2024-2879, has been assigned a critical CVSS score of 9.8, indicating its severity. The vulnerability allows unauthenticated attackers to leverage SQL injection techniques to potentially…
Organizations Increase Use of AI and Automation to Mitigate Data Breaches In 2024, the IBM Cost of a Data Breach Report has highlighted a significant and concerning trend: the global average cost of a data breach has escalated to $4.88 million, reflecting the escalating complexity and impact of cyber incidents.…
A vulnerability classified as high-severity has been discovered in the LiteSpeed Cache plugin for WordPress, which is currently being exploited by cybercriminals to forge unauthorized administrator accounts on affected websites. This alert originated from WPScan, which detailed that the flaw, identified as CVE-2023-40000 with a CVSS score of 8.3, is…
The FBI has issued a warning that North Korean cyber actors may seek to liquidate more than $40 million in stolen cryptocurrency. This announcement surfaced on Tuesday amid ongoing investigations into recent blockchain activities linked to a group identified by U.S. authorities as TraderTraitor, also known colloquially as Jade Sleet.…
On Thursday, a federal judge in Grand Rapids, Michigan, sentenced Richard Densmore, a 47-year-old Army veteran, to 30 years in federal prison for his involvement with the criminal network known as 764. Densmore was apprehended in late January at a residence in Kaleva, Michigan, where he resided with his grandmother.…
Breach Notification, Cybercrime, Fraud Management & Cybercrime Did Data Theft at Law Firm Also Compromise Information of Other Clients? Marianne Kolbasuk McGee ( HealthInfoSec) • November 7, 2024 Law firm Thompson Coburn reports a cyber incident affecting patient data for its client, Presbyterian Healthcare Services (Image: Thompson Coburn) Thompson Coburn,…
Nokia has confirmed that a recent investigation into allegations of a data breach linked to its operations revealed that the leaked source code, which surfaced on a hacker forum, originates from a third-party vendor. Importantly, the company asserts that neither its internal systems nor customer data has been compromised in…
A new variant of malware known as Whiffy Recon is being deployed via the SmokeLoader loader malware on compromised Windows systems. This new strain’s primary function is to conduct geolocation scans every minute by triangulating the infected device’s position through nearby Wi-Fi access points, utilizing Google’s geolocation API for accuracy.…
CloudSEK has indicated that the Androxgh0st botnet has undergone significant evolution, integrating with the notorious Mozi botnet to exploit a multitude of vulnerabilities across web applications and Internet of Things (IoT) devices. This development underscores a broader trend in cyber threats, prompting an urgent need for organizations to understand the…
