Uber Technologies Inc. has recently acknowledged a security breach affecting its internal computer systems, first reported late Thursday. The company stated that there is currently “no evidence” suggesting that sensitive user data, such as trip history, has been accessed during the incident. In a public statement, Uber clarified, “We have…
This week’s cybersecurity highlights draw attention to rising threats stemming from misconfigurations, software vulnerabilities, and sophisticated malware. The incidents outlined below require the immediate focus of IT teams and business executives. ISC has addressed CVE-2025-5470 in BIND 9, a denial-of-service vulnerability impacting versions 9.16.0 to 9.18.26. The vulnerability enables server…
Cisco Issues Critical Updates for Vulnerability in Adaptive Security Appliance Cisco Systems announced today that it has rolled out urgent security updates to address a significant vulnerability in its Adaptive Security Appliance (ASA) that has been actively exploited. This issue could result in a denial-of-service (DoS) condition, impacting the Remote…
Cisco has issued security updates to mitigate a critical vulnerability identified in its Ultra-Reliable Wireless Backhaul (URWB) Access Points. This flaw poses a risk that could allow unauthenticated, remote attackers to execute commands with elevated privileges on affected devices. Cataloged as CVE-2024-20418, with a maximum CVSS score of 10.0, the…
A recent report highlights the cyber espionage group APT41, tied to a series of malware campaigns that leverage COVID-themed phishing strategies to target individuals in India. This revelation comes from an analysis by the BlackBerry Research and Intelligence team, which has connected various aspects of the group’s operational infrastructure. According…
On November 12, 2024, Microsoft disclosed that two significant security vulnerabilities affecting Windows NT LAN Manager (NTLM) and Task Scheduler have been actively exploited in the wild. These vulnerabilities were part of the November Patch Tuesday update, which addressed a total of 90 security flaws across Microsoft products. Among the…
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has highlighted the urgent need for government agencies to address known cyber vulnerabilities. In a recent announcement, the agency published a comprehensive catalog containing vulnerabilities identified from major tech companies including Apple, Cisco, Microsoft, and Google. These vulnerabilities are…
On Monday, Cisco issued an updated advisory highlighting an ongoing threat linked to a long-standing vulnerability in its Adaptive Security Appliance (ASA). The flaw, identified as CVE-2014-2120, has a CVSS score of 4.3 and relates to insufficient input validation within the WebVPN login interface. This vulnerability permits unauthenticated remote attackers…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Darktrace Reports on Compromise of Citrix NetScaler Gateway Akshaya Asokan (asokan_akshaya) • October 20, 2025 Image: Shutterstock Recent reports from the managed threat detection firm Darktrace indicate that a persistent campaign by the Chinese cyber espionage group known as Salt Typhoon continues…
