A serious vulnerability has been uncovered in the Amazon Elastic Container Registry (ECR) Public Gallery, which could have been leveraged for various attacks, as reported by the cybersecurity firm Lightspin. The flaw poses critical risks, enabling malicious actors to delete images stored in the gallery or replace them with versions…
In recent developments following notorious ransomware threats like WannaCry and Petya, a sophisticated new strain of malware has emerged, specifically targeting Android users through deceptive applications on the Google Play Store. This new malware, known as LeakerLocker, diverges from conventional ransomware methods by not encrypting files. Instead, it stealthily gathers…
In a startling cybersecurity incident, Gawker Media, the parent company of prominent blogs such as Gizmodo, Lifehacker, and Jezebel, has fallen victim to a significant data breach perpetrated by the hacker group known as Gnosis. The breach involved unauthorized access to Gawker’s source code and the company’s content management system,…
Webinar Announcement: Leveraging AI for Streamlined Incident Response In an age where cyber threats are increasingly sophisticated, the significance of a rapid and robust incident response cannot be overstated. A forthcoming webinar titled “AI for Faster, Defensible Incident Response” aims to address the evolving challenges faced by organizations in safeguarding…
Morocco’s Social Security Database Breached in Significant Cyberattack In a notable incident in the realm of cybersecurity, Morocco’s social security database has been compromised, revealing critical vulnerabilities within governmental digital infrastructures. This breach represents a significant concern for both public and private sectors regarding the growing threats posed by cybercriminals…
On Tuesday, the U.S. National Security Agency (NSA) issued a warning regarding a cyber threat from a group known as APT5, or Bronze Fleetwood, which has been actively exploiting a zero-day vulnerability in Citrix Application Delivery Controller (ADC) and Gateway systems. This security flaw, cataloged as CVE-2022-27518, represents a critical…
Cyber Attack on Deutsche Telekom: A Guilty Plea from a Key Suspect A 29-year-old man, identified by authorities as “Daniel K.,” has pleaded guilty in a German court to charges related to the hacking of over one million Deutsche Telekom routers. This incident marks a significant breach in the telecommunications…
A significant cybersecurity breach has been reported involving the theft of thousands of Social Security numbers from a New York state agency. The incident centers around a subcontractor who had been engaged in computer infrastructure upgrades for the Office of Temporary Disability Assistance, which oversees the evaluation of Social Security…
Explore topics like Governance & Risk Management, IT Risk Management, and Machine Identities. Presented by Optiv + CyberArk 60 Minutes As the lifespan of digital certificates dwindles to a mere 47 days, traditional manual processes struggle to keep up with the crucial demands of modern machine identity management. Tasks once…