The Breach News

Cloudflare: Perplexity’s Bots Bypass No-Crawl Directives

Artificial Intelligence & Machine Learning, Data Security, Next-Generation Technologies & Secure Development

Allegations of Improper Data Collection Aren’t New for Perplexity

Rashmi Ramesh (rashmiramesh_) • August 5, 2025

Perplexity, an artificial intelligence firm, is embroiled in allegations of circumventing established internet protocols for data acquisition. Cloudflare has accused…

Strategic Investment Prospects Following the Columbia Breach

Columbia University recently experienced a significant data breach that exposed the personal information of 1.8 million individuals, including Social Security numbers. This incident not only disrupted critical IT operations for several days but also serves as a pivotal moment for cybersecurity within higher education. The ramifications of the breach are…

⚡ Weekly Summary: Critical SharePoint Zero-Day, Chrome Vulnerability, macOS Spyware, NVIDIA Toolkit RCE, and More

Published: July 21, 2025
Category: Enterprise Security / Zero Day

Even the most secure environments are at risk as attackers bypass elaborate defenses—not with elaborate exploits, but by leveraging weak configurations, outdated encryption, and unprotected trusted tools. These stealthy attacks evade detection by blending into normal operations, exploiting gaps in monitoring and assumptions of safety. What once appeared suspicious now seems routine, thanks to modular techniques and automation that mimic legitimate behavior.

The critical issue? Our control is not only being tested; it’s being silently compromised. This week’s updates shed light on how default configurations, blurred trust boundaries, and exposed infrastructures are transforming standard systems into vulnerabilities.

⚡ Threat of the Week: Critical SharePoint Zero-Day Under Active Exploitation (Patch Issued Today)

Microsoft has rolled out patches for two security vulnerabilities in SharePoint Server that have been actively exploited, impacting numerous organizations globally. Details on the exploitation surfaced…

Weekly Security Brief: SharePoint Vulnerability, Chrome Exploit, macOS Spyware, and NVIDIA Toolkit RCE

July 21, 2025

In the realm of cybersecurity, recent developments indicate that attackers are increasingly circumventing traditional defenses by exploiting seemingly benign vulnerabilities. These intrusions often rely on outdated security configurations, weak encryption, and unprotected trusted tools…

Cloud Atlas Unleashes VBCloud Malware: Over 80% of Affected Targets in Russia

Dec 27, 2024
Cyber Attack / Data Theft

The cyber threat group known as Cloud Atlas has been detected utilizing a newly identified malware named VBCloud in its attack campaigns throughout 2024. According to Kaspersky researcher Oleg Kupreev, victims are infected through phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and run malware code. Notably, over 80% of the targets are based in Russia, with additional victims reported in Belarus, Canada, Moldova, Israel, Kyrgyzstan, Turkey, and Vietnam. Cloud Atlas, also known as Clean Ursa, Inception, Oxygen, and Red October, is an unidentified threat actor group that has been operational since 2014. In December 2022, the group was tied to cyber attacks on Russia, Belarus, and Transnistria, deploying a PowerShell-based backdoor called PowerShower.

Cloud Atlas Unleashes VBCloud Malware: Majority of Targets Located in Russia

December 27, 2024
Cyber Attack / Data Theft

Recent observations have revealed that the cyber threat group known as Cloud Atlas has deployed an emerging malware variant referred to as VBCloud in a series of targeted attacks throughout 2024.…

Is IT-OT Integration Essential?

Governance & Risk Management, Operational Technology (OT) Security

Experts Advocate for Coordinated Autonomy Instead of Complete Integration

Suparna Goswami (gsuparna) • August 4, 2025

The divide between IT and OT teams can be likened to two groups speaking entirely different languages. While IT departments focus on data integrity…

Ransomware Attack on Arkansas Oncology Group Impacts 113,500 Patients – The HIPAA Journal

Ransomware Attack on Arkansas Oncology Group Impacts Over 113,000 Patients

In a significant data breach, the Arkansas Oncology Group reported a ransomware attack affecting approximately 113,500 individuals. This incident, as detailed by the HIPAA Journal, underscores the increasing threats posed by cybercriminals in the healthcare sector, which frequently stores sensitive…

Hackers Exploiting SharePoint Zero-Day Since July 7 to Steal Keys and Ensure Ongoing Access

July 22, 2025
Vulnerability / Threat Intelligence

A recently revealed critical vulnerability in Microsoft SharePoint has been actively exploited since July 7, 2025, according to Check Point Research. The cybersecurity firm detected initial attacks targeting a major unnamed Western government, with activities escalating on July 18 and 19 across government, telecommunications, and software sectors in North America and Western Europe. Check Point identified the exploitation efforts originating from three separate IP addresses—104.238.159[.]149, 107.191.58[.]76, and 96.9.125[.]147—one of which was previously associated with the exploitation of vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) appliances (CVE-2025-4427 and CVE-2025-4428). “We are witnessing an urgent and active threat: a critical zero-day vulnerability in SharePoint on-premises is being exploited globally, endangering thousands of organizations,” stated Lotem Finkelstein, Director of Threat Intelligence at Check Point.

Hackers Exploit SharePoint Zero-Day Vulnerability Since July 7 to Hijack Credentials and Ensure Ongoing Access

July 22, 2025
Vulnerability / Threat Intelligence

A critical vulnerability in Microsoft SharePoint has come to light, and reports indicate that it has been under active exploitation since July 7, 2025. Findings from Check Point…

Opportunities and Challenges in Expanding the UK Cybersecurity Market

Geo Focus: The United Kingdom, Geo-Specific, Government

Dominic Trott of Orange Cyberdefense Discusses Challenges Facing Investors Amid Geopolitical Tensions

Akshaya Asokan (asokan_akshaya) • August 4, 2025

Image: Dominic Trott, Director of Strategy and Alliances, Orange Cyberdefense

The United Kingdom has consistently supported startups and nurtured successful enterprises; however, cybersecurity startups in…
