Recent cybersecurity research has uncovered intriguing potential connections between the notorious SolarWinds hack and a previously identified malware strain called Kazuar. Kaspersky’s latest analysis highlights overlapping features that suggest a link between the two malicious software architectures. The SolarWinds incident, disclosed in December 2020, was characterized by its unprecedented scale…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently highlighted a significant security vulnerability affecting JetBrains TeamCity On-Premises software, categorizing it as a known exploited vulnerability in its catalog. This classification is based on concrete evidence of active exploitation in the wild. The identified flaw, designated CVE-2024-27198, has a…
Data Privacy, Data Security, Endpoint Security Cyber Advisory Highlights Exploitation of Linked Devices in Monitoring Sensitive Communications Chris Riotta (@chrisriotta) • November 25, 2025 Image: Shutterstock The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about cyber threat actors targeting current and former high-ranking government officials, military…
In a recent cybersecurity development, Microsoft addressed critical zero-day vulnerabilities within its on-premises Exchange Server software through a series of out-of-band patches. Following these updates, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent directive alerting organizations to the “active exploitation” of these vulnerabilities. This warning follows Microsoft’s…
On Friday, Microsoft issued a grave warning regarding the active exploitation of vulnerabilities in unpatched Microsoft Exchange Servers affecting numerous organizations globally. The cyberattack campaigns reportedly compromise tens of thousands of businesses and government bodies across the United States, Europe, and Asia. The company’s security team reported a significant escalation…
Red Hat Issues Urgent Security Alert Following Backdoor Discovery in XZ Utils On Friday, Red Hat issued an urgent security alert, revealing a critical security vulnerability involving two versions of the widely-used data compression library known as XZ Utils, previously LZMA Utils. This vulnerability allows malicious actors to gain unauthorized…
Government, Healthcare, Industry Specific Also: Akira Ransomware Targets Healthcare, AI’s Sycophancy Becomes a Security Risk Anna Delaney (annamadeline) • November 21, 2025 Clockwise, from top left: Anna Delaney, Tony Morbin, Chris Riotta, and Marianne Kolbasuk McGee This week’s ISMG Editors’ Panel convened a discussion among four seasoned editors, who addressed…
Government, Industry Specific Internal Memo Reveals Staffing Crisis at CISA, Blames Trump-Era Cuts Chris Riotta (@chrisriotta) • November 18, 2025 Madhu Gottumukkala, acting director of CISA. (Image: CISA) The Cybersecurity and Infrastructure Security Agency (CISA) is grappling with a significant staffing crisis, as revealed in a recent internal memo from…
Palo Alto Networks has disclosed a significant security vulnerability affecting PAN-OS that is currently under active exploitation by cybercriminals. This flaw, designated as CVE-2024-3400 with a CVSS score of 10.0, is characterized as “intricate,” arising from the combination of two distinct bugs present in PAN-OS versions 10.2, 11.0, and 11.1.…
