Three prominent American banks have recently reported serious data breaches, compromising sensitive personal and account information for hundreds of customers. Citizens Bank, Truist Bank, and First National Bank have confirmed that they have fallen victim to these security incidents and have communicated the details to affected clients and appropriate regulatory…
A recently identified vulnerability in VMware ESXi hypervisors has been under active exploitation by several ransomware groups, raising significant concerns among cybersecurity experts. The flaw, detailed under CVE-2024-37085 and assigned a CVSS score of 6.8, enables attackers to bypass Active Directory integration authentication, thus granting them illicit administrative access to…
Polish Government Institutions Targeted in Sophisticated Malware Attack Linked to Russian Group APT28 In a significant cybersecurity incident, Polish government institutions have fallen victim to a large-scale malware campaign orchestrated by APT28, a nation-state actor associated with Russia. This sophisticated attack involves a multi-faceted approach, utilizing deceptive email tactics designed…
Massive Data Breach at Game Freak Exposes Pokémon Secrets Game Freak, the acclaimed developer of the Pokémon franchise, has suffered a significant data breach, now dubbed the “Teraleak.” This incident has purportedly revealed nearly 1 terabyte of sensitive data, including source code, unreleased projects, concept art, and canceled games. The…
Data Breach at Star Health Sparks Regulatory and Legal Concerns On October 11, The Exchange sought clarification from Star Health and Allied Insurance Company Limited regarding a troubling news item detailing an alleged data breach. Reports indicate that a senior executive at the company improperly sold the personal data of…
A serious security vulnerability has been identified in Rockwell Automation’s ControlLogix 1756 devices. This flaw poses the risk of allowing attackers to bypass crucial security measures, thereby executing programming and configuration commands for common industrial protocols, known as CIP (Common Industrial Protocol). Named CVE-2024-6242, this vulnerability has been assigned a…
Understanding Continuous Threat Exposure Management (CTEM): A Comprehensive Overview Continuous Threat Exposure Management (CTEM) provides a strategic framework designed to help organizations continually evaluate and manage cyber risks. This approach deconstructs the intricate process of addressing security threats into five clear stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each stage…
In this week’s cybersecurity newsletter, we bring you a comprehensive overview of the current threats facing organizations globally, focusing on the latest cybersecurity incidents and the mitigation strategies that business owners should be aware of. The digital landscape is continually evolving, and understanding these threats is crucial to safeguarding sensitive…
Microsoft’s Smart App Control and SmartScreen Found Vulnerable to Exploitation Recently, cybersecurity researchers have identified critical vulnerabilities within Microsoft’s Windows Smart App Control (SAC) and SmartScreen features, which may grant threat actors an opportunity for initial access to targeted systems without triggering security alerts. This discovery raises concerns about the…
