A recent global cyberattack has targeted critical vulnerabilities in Microsoft’s on-premises SharePoint software, affecting multiple U.S. government agencies, including the National Institutes of Health (NIH) and the National Nuclear Security Administration (NNSA). The breaches were first reported around Friday, July 18, prompting swift action from the impacted organizations and a…
The Federal Bureau of Investigation (FBI), in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a critical alert regarding the intensified activities of the Interlock ransomware group. This group is…
Governance & Risk Management, Patch Management Microsoft Rolls Out Emergency Patches for Authentication-Bypassing Attacks Prajeet Nair (@prajeetspeaks), Mathew J. Schwartz (euroinfosec) • July 21, 2025 Image: Shutterstock In a concerning development, cybersecurity experts have reported that attackers are exploiting two zero-day vulnerabilities in on-premises Microsoft SharePoint installations. This activity allows…
Bitcoin Depot, Inc., a leading cryptocurrency ATM operator, has reported a significant data breach affecting approximately 27,000 users. This incident highlights ongoing vulnerabilities within the fintech sector, especially for platforms that facilitate digital asset transactions. Discovered on June 23, 2024, the breach indicated unauthorized access to sensitive customer data. By…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Iranian-Linked Hackers Claim to Have Obtained 100GB of Emails from Trump’s Inner Circle Chris Riotta (@chrisriotta) • July 2, 2025 A Tehran billboard depicting ballistic missiles aimed at Israel, dated May 3, 2024. (Image: saeediex/Shutterstock) Recent warnings from national security analysts indicate…
On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) identified CVE-2024-54085 as a newly recognized vulnerability actively being exploited in the wild. While the specifics surrounding this vulnerability remain undisclosed, its implications have raised significant concern among cybersecurity experts. Research conducted by Eclypsium highlighted the wide-ranging repercussions of these exploits.…
Artificial Intelligence & Machine Learning, Fraud Management & Cybercrime, Government Also: CISA’s Leadership Crisis; Why AI’s Confident Errors Demand Urgent Oversight Anna Delaney (annamadeline) • June 20, 2025 Clockwise, from top left: Anna Delaney, Tony Morbin, Chris Riotta and Mathew Schwartz In the latest update from Information Security Media Group…
Government, Industry Specific, Training & Security Leadership Sean Plankey’s CISA Nomination Faces Further Delays Amid Rising Tensions Chris Riotta (@chrisriotta) • June 16, 2025 Sean Plankey, nominee for the U.S. Cybersecurity and Infrastructure Security Agency. President Donald Trump’s nomination of Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency…
Cybersecurity experts and business leaders are on heightened alert following the recent confirmation of a breach at a utility billing software provider, which has its origins in unpatched vulnerabilities associated with the SimpleHelp Remote Monitoring and Management (RMM) platform. The breach has unveiled critical weaknesses that have been exploited by…
