New Vulnerability Risks Driver Signature Enforcement on Windows Systems A recently uncovered attack method exposes vulnerabilities in Microsoft’s Driver Signature Enforcement (DSE) on fully updated Windows systems, enabling potential OS downgrade attacks. This breakthrough allows cybercriminals to load unsigned kernel drivers, paving the way for the deployment of custom rootkits.…
The prominent global IT consultancy firm Accenture has recently fallen victim to a ransomware attack attributed to the LockBit group. This incident marks yet another significant breach in a landscape already troubled by high-profile cybercrimes, particularly as the cybercriminal marketplace continues to adjust following the takedown of similar influential groups…
Data Breach Report: Telstra Targeted Following Optus Incident Australia’s largest telecommunications provider, Telstra, has reported a data breach linked to a third-party platform, just under two weeks after a similar incident affected rival company Optus. This breach has raised significant concerns regarding the security of employee data, although company officials…
Healthcare, Industry Specific, Litigation HCA Healthcare Reaches Multimillion-Dollar Settlement Following 2023 Data Breach Marianne Kolbasuk McGee (HealthInfoSec) • October 31, 2025 HCA Healthcare has agreed to settle a class action lawsuit stemming from a 2023 email breach impacting approximately 11.3 million patients. (Image: HCA) This week, a federal court in…
The cybersecurity landscape is shaken by the emergence of a newly identified malware dubbed Airstalk, which researchers attribute to a suspected nation-state threat group. This malware employs enterprise management tools in unconventional ways, highlighting vulnerabilities in third-party ecosystems, particularly those supporting the global outsourcing sector. Its stealth and sophistication signal…
In a concerning development nearly six years after the initial discovery of the Spectre vulnerability affecting modern CPU architectures, recent research indicates that both AMD and Intel’s latest processors remain at risk of speculative execution attacks. This revelation emerges from a study conducted by researchers at ETH Zürich, highlighting vulnerabilities…
Microsoft has reported a sophisticated year-long phishing campaign characterized by a remarkable ability to evade detection. The attackers exhibited a pattern of altering their obfuscation and encryption strategies approximately every 37 days, employing various techniques, including Morse code, to obscure their activities while extracting user credentials. The phishing attempts typically…
In a significant shift in policy, the Federal Communications Commission (FCC) plans to vote in November on the repeal of a key ruling that mandates telecom providers to bolster the security of their networks. This move responds to lobbying efforts from major Internet service providers, raising concerns among cybersecurity experts…
In a significant ruling, a federal jury in the United States has convicted former Uber Chief Security Officer, Joseph Sullivan, for failing to disclose a data breach that occurred in 2016. This breach compromised sensitive information pertaining to both customers and drivers, with Sullivan accused of actively attempting to obscure…
