Following Microsoft’s recent release of a mitigation tool aimed at addressing cyberattacks targeting on-premises Exchange servers, the company reported that 92% of the internet-facing servers affected by the ProxyLogon vulnerabilities have been patched. This marks a substantial improvement of 43% from the previous week, closing a tumultuous period rife with…
Incident Analysis: Potential Security Risks in Cryptocurrency Dealings In a recent episode highlighting the intersection of cryptocurrency and business negotiations, Kent Halliburton, co-founder and CEO of Sazmining, found himself in a precarious situation while at the Rosewood Hotel in Amsterdam. While handling an envelope containing 10,000 euros, he began to…
Joomla Faces Data Breach Affecting 2,700 Users Joomla, a leading open-source content management system (CMS), recently reported a significant data breach impacting approximately 2,700 users of its Resources Directory (JRD) website, resources.joomla.org. The breach compromises personal user data, including full names, business addresses, email addresses, phone numbers, and encrypted passwords.…
Data Privacy, Data Security, Healthcare Sensitive Data of Nearly 470,000 Patients and Employees Potentially Exposed on Dark Web Marianne Kolbasuk McGee (HealthInfoSec) • November 18, 2025 Omni Family Health, a nonprofit operating approximately 40 community health centers in California, has reached a $6.5 million settlement over a 2024 cyber incident…
Privacy Commissioner Raises Concerns Following Alberta Student Data Breach In a recent development alarming to many in the cybersecurity community, the Privacy Commissioner has issued a statement regarding serious findings from an investigation into a data breach involving student information in Alberta. This breach highlights not only the vulnerabilities inherent…
Recent investigative findings from cybersecurity firm Binarly have uncovered a critical security vulnerability in the Lighttpd web server, commonly employed in baseboard management controllers (BMCs) produced by major vendors such as Intel and Lenovo. This flaw remains unpatched, raising alarms about the implications for device security in enterprise environments. The…
A renewed campaign backed by the North Korean government is targeting cybersecurity researchers through sophisticated social engineering tactics involving malware. This resurgence was detailed in a recent report from Google’s Threat Analysis Group (TAG). According to TAG, the attackers established a fictitious security firm named SecuriElite and created multiple social…
Massive Data Exposure on WhatsApp Highlights Privacy Vulnerabilities In a significant development for data privacy, researchers from Austria have demonstrated that a systematic check of WhatsApp’s contact discovery feature has led to the exposure of an estimated 3.5 billion phone numbers associated with users of the messaging platform. This capability…
Indian Government Addresses Security Flaw in Digilocker Service The Indian Government has confirmed the resolution of a significant vulnerability within its secure document wallet service, Digilocker. This flaw potentially allowed unauthorized remote access, enabling attackers to bypass mobile one-time passwords (OTPs) and gain unauthorized sign-in access to other users’ accounts.…
