Stargazer Goblin Exploits GitHub for Malware Distribution An ongoing cyber threat has emerged from a group known as Stargazer Goblin, which has established an extensive network of fraudulent GitHub accounts for the distribution of various types of information-stealing malware. Over the past year, this operation is estimated to have generated…
Staffing Firms Among Victims of Data Breaches In recent developments, several staffing firms have reported significant data breaches, raising concerns about the security of sensitive information within the recruitment industry. The incidents underscore persistent vulnerabilities that businesses face as they increasingly rely on digital systems for managing candidate data and…
Recent Exploitation of Vulnerability in SolarWinds Serv-U Software Poses Risk to Sensitive Data A significant high-severity vulnerability affecting SolarWinds Serv-U file transfer software has recently emerged, drawing the attention of cybersecurity experts and malicious actors alike. The flaw, identified as CVE-2024-28995, boasts a CVSS score of 8.6 and relates to…
A recent cybersecurity alert has revealed that the Iranian state-sponsored hacking group known as MuddyWater has deployed a newly identified command-and-control framework named MuddyC2Go, targeting the telecommunications sectors in Egypt, Sudan, and Tanzania. Detectives at Broadcom’s Symantec Threat Hunter Team are monitoring this group under the designation Seedworm, but they…
In a troubling development for cybersecurity, Fortinet, in collaboration with Mandiant, has uncovered a widespread exploitation of FortiManager devices linked to CVE-2024-47575. This vulnerability has compromised over 50 systems across various sectors, with the threat group known as UNC5820 leveraging the flaw to facilitate data theft and unauthorized access. The…
A recent cyber attack has targeted ZicroDATA, a technology service provider, leading to the unauthorized exposure of sensitive data related to Australian visa holders. The breach has compromised a range of information, including personal identifiers such as full names, phone numbers, dates of birth, driving license information, passport numbers, and…
The landscape of cyber threats is evolving significantly as the 2024 U.S. Election approaches, prompting urgent discussions among cybersecurity experts. Recent events spotlight concerns surrounding cyberwarfare and nation-state attacks, fraud management and cybercrime, and the vital role of government measures in mitigating these risks. Assessing the Risks of Cyberthreats and…
The Growing Importance of Penetration Testing Checklists In the face of an increasingly complex threat landscape, the role of penetration testing (pentesting) checklists has never been more crucial for organizations aiming to safeguard their assets. As cyber attackers become more sophisticated, the attack surface—encompassing both internal and external vulnerabilities—continues to…
An Indian court has ordered Star Health and Allied Insurance Company to disclose details concerning a recent data leak that enabled the creation of unauthorized chatbots on Telegram. This ruling aims to facilitate the removal of these chatbots, which have raised significant privacy and security concerns. The court seeks to…
