Transformations in Healthcare Driven by Digitalization Bring Cybersecurity Risks The healthcare industry is experiencing significant transformation due to the surge in digitalization. Traditional paper-based methods are rapidly being replaced by electronic systems, facilitated by advancements in process automation, artificial intelligence, telehealth, and remote monitoring of medical devices. This substantial shift…
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) catalog with a recently patched critical vulnerability affecting Palo Alto Networks’ Expedition tool. CISA’s action follows evidence suggesting that the flaw is actively being exploited, posing significant risks to organizations relying on this software.…
A significant security breach has come to light, involving the exposure of 183 million email accounts along with their corresponding passwords. This data, reportedly stemming from a malware-driven theft, has been added to the renowned breach-notification platform, Have I Been Pwned, run by cybersecurity expert Troy Hunt. Following its discovery…
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has highlighted the urgent need for government agencies to address known cyber vulnerabilities. In a recent announcement, the agency published a comprehensive catalog containing vulnerabilities identified from major tech companies including Apple, Cisco, Microsoft, and Google. These vulnerabilities are…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched critical vulnerability affecting Array Networks AG and vxAG secure access gateways in its Known Exploited Vulnerabilities (KEV) catalog. This addition follows credible reports indicating active exploitation of the flaw in real-world scenarios. The vulnerability, designated as…
Government, Industry Specific CISA Budget and Staffing Cuts Undermine National Cyber Readiness, Officials Warn Chris Riotta (@chrisriotta) • October 22, 2025 Mark Montgomery, senior director of the Center on Cyber and Technology Innovation, October 22, 2025. (Image: FDD/ISMG) The Cyberspace Solarium Commission has reported a significant setback in U.S. federal…
Attack Surface Management, Security Operations Administering Response to NTLM Vulnerability Exploitation Greg Sirico • October 21, 2025 Image: Afansev Ivan/Shutterstock The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding an actively exploited vulnerability in the Server Message Block (SMB) protocol. This flaw, identified as CVE-2025-33073, has…
On Monday, Cisco issued an updated advisory highlighting an ongoing threat linked to a long-standing vulnerability in its Adaptive Security Appliance (ASA). The flaw, identified as CVE-2014-2120, has a CVSS score of 4.3 and relates to insufficient input validation within the WebVPN login interface. This vulnerability permits unauthenticated remote attackers…
Recent advisories issued by cybersecurity agencies in both Australia and the United States have exposed critical vulnerabilities present in web applications that could be exploited by cybercriminals, risking data breaches and the theft of sensitive information. The joint advisory particularly underscores the threat posed by Insecure Direct Object Reference (IDOR)…
