Recently, cybersecurity experts identified and disclosed a critical vulnerability in a widely used online travel service, which specializes in hotel and car rentals. This vulnerability, now patched, allowed adversaries to take control of user accounts, posing a significant risk to millions of airline customers. According to Salt Labs, a firm…
In a coordinated effort, at least three advanced persistent threat (APT) groups have initiated spear-phishing campaigns, exploiting the ongoing Russo-Ukrainian conflict as a pretext for distributing malware and extracting sensitive information. These campaigns have been attributed to the groups El Machete, Lyceum, and SideWinder, targeting sectors such as energy, finance,…
Government, Industry Specific, Next-Generation Technologies & Secure Development Also: Implications of the UK’s $7B Bitcoin Case, Vectra’s Acquisition of Netography Chris Riotta (@chrisriotta) • October 3, 2025 From left: Chris Riotta, Michael Novinson, and Mathew Schwartz In this week’s analysis, ISMG editors evaluate the ramifications of the U.S. government shutdown…
In today’s fast-paced digital landscape, IT leaders must remain vigilant against the continuously evolving threats in the realm of cybersecurity. As attacks become more sophisticated and prevalent, the challenge arises: how can one devise proactive and agile strategies that effectively mitigate risks while optimizing the value of cybersecurity investments? Recent…
WICHITA, Kan. (KWCH) – Recent federal data reveals a significant rise in fraudulent activities impacting businesses, which collectively lose billions annually to scams. Such financial losses often reverberate through the marketplace, ultimately affecting consumers with increased prices. While many associate scams primarily with individual consumers, businesses are increasingly falling victim…
Critical Vulnerability in Zyxel Devices Under Active Exploitation Cybersecurity experts have issued urgent warnings regarding a severe zero-day vulnerability affecting Zyxel CPE Series devices, with reports of ongoing exploitation attempts. Dubbed CVE-2024-40891, this command injection vulnerability enables attackers to execute arbitrary commands on compromised devices, potentially resulting in full system…
Recent cybersecurity investigations have revealed a sophisticated operation attributed to a threat actor associated with Hamas’s cyber warfare division. This intricate campaign has been designed to target high-profile Israeli individuals working in delicate sectors such as defense, law enforcement, and emergency services. According to cybersecurity firm Cybereason, the attackers employed…
Encryption & Key Management, Geo Focus: The United Kingdom, Geo-Specific U.K. Home Office Issues New Request for Apple Backdoor Access Akshaya Asokan (asokan_akshaya) • October 3, 2025 The Apple logo on a storefront in London (Image: Shutterstock) The U.K. Home Office has reportedly renewed its request to Apple, seeking backdoor…
Cybersecurity professionals are on high alert as a group with alleged connections to the notorious Cl0p ransomware gang has been sending a series of emails to businesses, threatening to expose data purportedly stolen from Oracle’s E-Business Suite. This software is widely used for managing critical business operations, including finance and…
