Recent research has highlighted a critical vulnerability in the Rhysida ransomware, allowing experts to reconstruct encryption keys and decrypt compromised data. This groundbreaking discovery was made by researchers from Kookmin University and the Korea Internet and Security Agency (KISA), who published their findings last week. The team noted that through…
A critical vulnerability has been identified in the SolarWinds Orion software, which may have been exploited by threat actors as a zero-day to deliver the SUPERNOVA malware across targeted environments. This discovery highlights significant risks for organizations utilizing this widely adopted system monitoring and management tool. The CERT Coordination Center…
Unsecured Database Exposes Personal Data of Nearly Half a Million Indians A significant data breach has been uncovered by cybersecurity researcher Bob Diachenko, revealing an unsecured server that has compromised the sensitive personal information of approximately 458,388 individuals in Delhi, India. The exposed database, identified as “GNCTD,” holds 4.1 GB…
Active Directory, Fraud Management & Cybercrime, Ransomware Presented by Commvault 60 mins Many organizations remain oblivious to their vulnerabilities, particularly regarding Active Directory (AD), a critical component that initiates approximately 90% of cyberattacks. The risks associated with prolonged downtime are significant, ranging from data loss to potential legal ramifications and…
Less Than Two Weeks Remaining: Claiming Up to $7,500 from AT&T’s $177 Million Data Breach Settlement In a significant development within the cybersecurity sector, AT&T has agreed to a substantial $177 million settlement related to a major data breach affecting millions of customers. This incident, which compromised sensitive user data,…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported on Monday the addition of a significant security vulnerability pertaining to Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog. This extension is based on confirmed instances of active exploitation. Identified as CVE-2023-43770 with a CVSS score of 6.1, the…
Recent cybersecurity research has unveiled a sophisticated credential-stealing malware, implemented using AutoHotkey (AHK), targeting financial institution clients across the US and Canada. This campaign, ongoing since early 2020, emphasizes the alarming trend of cybercriminals employing customized tools for data theft. Among the victims are customers of several prominent banks, including…
Emerging Privacy Solutions in Telecommunications Raise Questions About Cybersecurity In the evolving landscape of telecommunications, a new venture named Phreeli is gaining attention for its promise of enhanced privacy for users. Wilcox, an advocate for consumer privacy, reflects on his long-standing efforts to maintain anonymity in an age of data…
Massive Data Breach Exposed at Citrix, Targeting U.S. Government and Corporate Networks In a concerning revelation last weekend, Citrix, a prominent provider of enterprise software that serves the U.S. military, the FBI, and various governmental agencies, announced a significant data breach of its internal network. The intrusion, attributed to “international…
