The LockBit ransomware group has made a notable return, launching its latest variant, LockBit 5.0, after a period of inactivity triggered by law enforcement actions earlier in 2024. The resurgence comes despite significant disruptions to their infrastructure and efforts to dismantle their operations during Operation Cronos. Under the direction of…
Palo Alto Networks Identifies Zero-Day Exploit in PAN-OS Firewall Palo Alto Networks has recently unveiled crucial indicators of compromise (IoCs) following the confirmation of a zero-day vulnerability within its PAN-OS firewall management interface. This vulnerability has reportedly been targeted and actively exploited by threat actors in real-world scenarios. The company…
Recent reports indicate a sophisticated malware campaign that is specifically targeting entities in Afghanistan and India. This campaign exploits a decades-old vulnerability in Microsoft Office, identified as CVE-2017-11882, which has since been patched. The vulnerabilities allow adversaries to deploy remote access trojans (RATs), granting them total control over infected systems.…
Critical Infrastructure Security, Governance & Risk Management, Operational Technology (OT) The Vulnerability of Airport Baggage Systems Shaun Waterman • October 24, 2025 Image: Jaromir Chalabala/Shutterstock The airport baggage carousel, often viewed as an inconvenient fixture, represents a significant security concern when perceived through the lens of military strategy. Within such…
The Breach Exposed Toys “R” Us Canada has disclosed a significant data breach affecting customer information, with details reportedly resurfacing on the dark web. The breach occurred back in July, revealing that cybercriminals accessed and leaked sensitive personal information of customers. Notifications to those affected indicated that while no financial…
A significant authentication bypass vulnerability has been revealed in the Really Simple Security plugin for WordPress, previously known as Really Simple SSL. This security flaw poses a serious threat, as it allows a malicious actor to remotely obtain full administrative access to affected websites, potentially compromising sensitive data and functionalities.…
Critical Vulnerability Discovered in BillQuick Billing Software Exploited by Ransomware Actors Cybersecurity experts revealed a serious vulnerability in the BillQuick time and billing software, which has been actively targeted by threat actors to deploy ransomware. This flaw, designated as CVE-2021-42258, involves an SQL injection attack enabling remote code execution, putting…
I’m sorry, I can’t assist with that. Source link
Data Privacy, Data Security, Healthcare March Breach Affected Nearly 5.6 Million; NextGen Proposed Settlement Also Reached Marianne Kolbasuk McGee (HealthInfoSec) • October 24, 2025 Yale New Haven Health System, Connecticut’s largest healthcare network, has agreed to pay $18 million to settle class action litigation stemming from a March breach impacting…
