In the current landscape of heightened cyber threats, it is imperative for organizations to robustly protect against cyberattacks. Traditional penetration testing has its merits but often presents challenges such as high costs and limited frequency. Automated internal and external network pentesting emerges as a transformative solution, equipping entities to proactively…
A new malware botnet known as PseudoManuscrypt has emerged, targeting industrial and government organizations, particularly within military-industrial entities and research laboratories. Reports indicate that this malware strain has compromised approximately 35,000 Windows systems throughout the current year. The nomenclature for PseudoManuscrypt draws parallels to the well-known Manuscrypt malware, associated with…
Live Webinar: Streamline Your DevOps with Efficient Application Security Testing
Thank you for registering with ISMG Enhance your profile and stay informed. Select Title LevelAnalytics/Architecture/EngineeringAttorney/General Counsel/CounselAssociate Vice President (AVP)Board MemberC-Level ExecutiveC-Level – OtherChief Communications Officer (CCO)Chief Executive Officer (CEO)/PresidentChief Financial Officer (CFO)ChairpersonChief Information Officer (CIO)Chief Information Security Officer (CISO)/Chief Security Officer (CSO)CISO/CSO/CIOChief Operating Officer (COO)Chief Risk Officer (CRO)Chief Technology Officer…
Live Webinar: Streamline Your DevOps with Efficient Application Security Testing
Massive Cybersecurity Breach Hits Envoy Air, A Wake-Up Call for Aviation Industry In a significant cybersecurity incident, Envoy Air, a regional airline operating under the American Eagle brand, has been targeted as part of a broader breach affecting several major players in the aviation sector, including Qantas, Aeroflot, and Vietnam…
Security Updates Released for Ivanti Products Addressing Critical Vulnerabilities Ivanti has issued security updates aimed at rectifying several severe vulnerabilities in its Cloud Services Application (CSA) and Connect Secure offerings, vulnerabilities that could potentially facilitate privilege escalation and remote code execution. The concern arises from multiple critical flaws present in…
On Friday, the Apache Software Foundation (ASF) released version 2.17.0 of its widely adopted logging library, Log4j, addressing a new vulnerability that malicious actors can exploit for denial-of-service (DoS) attacks. This vulnerability is identified as CVE-2021-45105, rated with a CVSS score of 7.5, and affects all iterations of the tool…
Passwords are integral to safeguarding organizational data, yet their inherent vulnerabilities often lead to significant security risks. As users juggle a multitude of credentials, many resort to unsafe practices, such as creating weak passwords or reusing the same password across multiple accounts, which undermines security protocols. The prevalence of password…
Data Security, Finance & Banking, Industry Specific Details on Breach Notification Service: Victim Count in Peer-to-Peer Lending Marketplace Mathew J. Schwartz (euroinfosec) • October 17, 2025 Image: Shutterstock/Prosper In a significant breach, hackers reportedly accessed personal information of over 17 million users from Prosper, a peer-to-peer lending platform. The incident…
Envoy Air, a fully owned subsidiary of American Airlines, has confirmed it has been targeted in a cyber attack that compromised vulnerabilities within Oracle’s E-Business Suite (EBS). This incident highlights a pressing concern regarding the cybersecurity posture of enterprise software within the aviation industry. The breach came to light through…
