A recent malware campaign has emerged, exploiting two zero-day vulnerabilities that enable remote code execution (RCE) to integrate routers and video recording devices into a Mirai-based distributed denial-of-service (DDoS) botnet. According to an advisory from Akamai, “The payload specifically targets routers and network video recorders (NVRs) with default admin credentials,…
Governance & Risk Management , Operational Technology (OT) Presented by Claroty 60 mins Healthcare organizations are increasingly grappling with a cybersecurity crisis that poses severe threats to operational resilience, financial stability, and patient safety. This crisis has transitioned from a theoretical concern to a pressing reality, revealing vulnerabilities within the…
A serious vulnerability has been uncovered in Oracle’s enterprise identity management system, posing risks of severe exploitation by remote, unauthenticated attackers. This flaw, identified as CVE-2017-10151, has been given the highest possible CVSS score of 10, indicating it is both critical and easily exploitable without the need for any user…
Governance & Risk Management Presented by ISMG 60 The cybercrime landscape is projected to escalate into a $10.5 trillion industry by 2025, with an annual growth rate of about 15%. Once primarily a concern for large enterprises, mid-sized businesses are increasingly being targeted. Reportedly, nearly half of all cyberattacks are…
Uber’s Concealed Data Breach Exposed Personal Information of 57 Million Users Uber Technologies Inc. has found itself in the spotlight yet again, this time due to revelations surrounding a significant data breach that took place in October 2016. The company has acknowledged that the breach compromised the personal data of…
Artificial Intelligence & Machine Learning, Government, Industry Specific New Report Indicates Shortcomings in DOE’s Cybersecurity and AI Governance Amid Rapid Technological Advancement Chris Riotta (@chrisriotta) • December 24, 2025 Image: DCStockPhotography/Shutterstock The U.S. Department of Energy (DOE) is entering 2026 amidst growing concerns regarding its lagging governance in relation to…
Kazakhstan-Born Hacker Enters Guilty Plea in Massive Yahoo Data Breach Karim Baratov, a 22-year-old Canadian citizen originally from Kazakhstan, has pleaded guilty to charges stemming from a significant data breach that compromised all three billion Yahoo accounts in 2014. The U.S. Justice Department previously announced charges against Russian intelligence officers…
Coupang Data Breach Highlights Cybersecurity Shortcomings and Regulatory Challenges A significant data breach at Coupang, one of South Korea’s largest e-commerce platforms, has raised critical concerns about the company’s approach to cybersecurity and its accountability in safeguarding customer information. This incident is noteworthy not just as a cybersecurity issue but…
Shortly after cybersecurity researchers raised warnings about two significant vulnerabilities in the SaltStack configuration framework, an ongoing campaign has already begun exploiting these flaws, targeting organizations such as LineageOS, Ghost, and DigiCert. The vulnerabilities, identified as CVE-2020-11651 and CVE-2020-11652, permit attackers to execute arbitrary code on remote servers operating within…
