Critical Infrastructure Under Siege: CISA Warns of Active Exploits Targeting Manufacturing Software The Cybersecurity and Infrastructure Security Agency (CISA) has issued a grave warning regarding ongoing cyberattacks targeting a widely utilized manufacturing operations management platform developed by French multinational Dassault Systèmes. This marks the second alert from CISA in just…
Title: Cybersecurity Alert: Latest Claims of Gmail Security Breach Debunked In a recent development concerning online security, Google has officially dismissed assertions of a Gmail security breach purported to affect millions of users. The allegations, which gained traction through various online channels, have been categorized as unfounded, underscoring the necessity…
Cisco has issued security updates to mitigate a critical vulnerability identified in its Ultra-Reliable Wireless Backhaul (URWB) Access Points. This flaw poses a risk that could allow unauthenticated, remote attackers to execute commands with elevated privileges on affected devices. Cataloged as CVE-2024-20418, with a maximum CVSS score of 10.0, the…
A sophisticated advanced persistent threat (APT) has been identified as the perpetrator behind a series of global cyberattacks targeting hotels, various governmental entities, international organizations, engineering firms, and law offices. This campaign has come to the attention of cybersecurity experts worldwide. The Slovak cybersecurity firm ESET has attributed these attacks…
In a recent regulatory action, the French data protection authority, Commission nationale de l’informatique et des libertés (CNIL), has imposed a €600,000 fine on Électricité de France (EDF) for non-compliance with the European Union’s General Data Protection Regulation (GDPR). This penalty highlights ongoing challenges companies face in protecting sensitive consumer…
The Everest ransomware group, notorious for its cybercriminal activities, has reportedly leaked a database purportedly belonging to AT&T Carrier, the official recruitment platform for the telecommunications giant. This platform is primarily used by applicants and employees for job applications, resume submissions, and managing career information. In a further unsettling development,…
California Implements New Laws Addressing Pay Transparency, Layoffs, and Data Security In a significant legislative move, California has enacted new laws aimed at enhancing workplace protections and transparency regarding pay, layoffs, and data security breaches. This legislative package comes at a time when data vulnerabilities and employee rights are in…
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) catalog with a recently patched critical vulnerability affecting Palo Alto Networks’ Expedition tool. CISA’s action follows evidence suggesting that the flaw is actively being exploited, posing significant risks to organizations relying on this software.…
New Malware Uncovered Linked to Nobelium’s Supply Chain Attacks On Wednesday, cybersecurity researchers unveiled a previously unreported backdoor likely developed by Nobelium, the advanced persistent threat group responsible for last year’s SolarWinds supply chain attack. This latest malware, codenamed “Tomiris” by Kaspersky, further expands an arsenal of hacking tools employed…
