Endpoint Security, Events, Government Panel Examines AI Innovations, Geopolitical Challenges, and Cybersecurity Leadership Anna Delaney (annamadeline) • April 30, 2025 ISMG editors Tom Field, Michael Novinson, Anna Delaney, Rahul Neel Mani, and Mathew Schwartz At the RSAC Conference 2025 in San Francisco, editors from ISMG explored pivotal discussions and emerging…
SK Telecom Under Scrutiny Amid Billions in Data Breach Costs by U.S. Telecoms Recent revelations indicate that SK Telecom is facing significant scrutiny following a wave of high-profile data breaches that have resulted in U.S. telecom companies incurring billions in losses. As telecommunications firms grapple with the aftermath of these…
Remote Desktop Protocol Vulnerability Exposes Persistent Access Risks Recent findings highlight a significant vulnerability within Windows Remote Desktop Protocol (RDP) that allows users to log in even with revoked passwords. This issue becomes particularly concerning when a Windows machine uses a Microsoft or Azure account to facilitate remote desktop access.…
Recently, Marks & Spencer (M&S), the prominent UK retailer, fell victim to a significant cyber assault that has left its operations severely compromised. The attack is believed to be orchestrated by the organized crime syndicate known as DragonForce, which utilized a highly advanced ransomware variant that severely disrupted M&S’s IT…
Fraud Management & Cybercrime, Ransomware HIPAA Protected Health Information Compromised in November 2023 Cyberattack Marianne Kolbasuk McGee (HealthInfoSec) • April 30, 2025 Image: City of Long Beach, California The City of Long Beach, California, is in the process of notifying approximately 260,000 individuals regarding a significant breach of their protected…
BreachForums Resurfaces Amid Uncertainty Following DDoS Attack In a surprising turn of events, the notorious hacking forum BreachForums has reemerged after a brief disappearance earlier this month. Security analysts suggest that this vanishing act may have been a result of a covert law enforcement operation aimed at disrupting criminal activities.…
New Research Uncovers Security Risks Posed by AI-Generated Code Recent studies have revealed alarming vulnerabilities associated with AI-generated computer code, particularly in the context of software supply chains. Researchers found that a significant portion of the code generated by large language models (LLMs) is rife with references to fictitious third-party…
As organizations increasingly adopt digital transformation initiatives, hybrid cloud environments, which combine on-premises infrastructure with public and private cloud resources, are gaining traction. The advantages of flexibility, scalability, and cost-effectiveness are significant; however, these benefits are accompanied by distinct security challenges that businesses must actively address. The integration of diverse…
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Salt Typhoon Highlights Significant Vulnerabilities in Telecom Networks: Minimal Progress Reported Chris Riotta (@chrisriotta) • April 30, 2025 Experts caution that U.S. telecoms remain unable to detect breaches linked to China in real time. (Image: Shutterstock) Recent…
