SEC Cyber Breach Unveils Vulnerabilities in Corporate Filing System This month has seen significant cybersecurity events, not least a recent revelation from the U.S. Securities and Exchange Commission (SEC), the premier regulatory body overseeing the nation’s securities markets. The SEC has disclosed that hackers infiltrated its financial document filing system,…
Two additional security vulnerabilities have been identified in AMI MegaRAC Baseboard Management Controller (BMC) software, just two months following the discovery of three similar flaws in the same system. Firmware security firm Eclypsium disclosed these new vulnerabilities, which were withheld previously to allow AMI time to implement necessary mitigations. The…
In a troubling development that underscores the vulnerabilities of digital privacy, a significant breach has occurred involving the exposure of private therapy notes from more than 33,000 patients. This incident has sparked widespread concern over the security of sensitive mental health information. The central figure in this breach is Finnish…
ImageMagick Exposed: Two Critical Vulnerabilities Found Cybersecurity experts have identified serious security flaws in the widely-used open source software, ImageMagick, which could result in denial-of-service (DoS) attacks and unauthorized information disclosure. Discovered by the Latin American cybersecurity firm Metabase Q in version 7.1.0-49, these vulnerabilities were subsequently addressed in an…
Recently, Senate Judiciary Committee Chairman Patrick Leahy has reintroduced a revised version of the Personal Data Privacy and Security Act, which aims to impose severe criminal penalties on hackers. This initiative, originally proposed in 2005, follows significant data breaches, such as the one that occurred during the Christmas holidays involving…
F5 Networks has issued a warning about a critical vulnerability affecting its BIG-IP appliances, which poses risks of denial-of-service (DoS) attacks or arbitrary code execution. This vulnerability stems from the iControl Simple Object Access Protocol (SOAP) interface, impacting several versions of BIG-IP, specifically versions 13.1.5, 14.1.4.6 to 14.1.5, 15.1.5.1 to…
A new phishing scam targeting Facebook users has emerged, exploiting the platform’s “Trusted Contacts” feature to deceive victims into compromising their own accounts. Reports indicate that attackers are leveraging previously compromised accounts of friends to initiate urgent requests for recovery assistance, creating a facade of legitimacy that can trick even…
Neiman Marcus Confirms Data Breach Amid Holiday Shopping Surge In a troubling revelation for consumers and businesses alike, Neiman Marcus has confirmed a significant data breach linked to credit card theft during the busy holiday shopping season. This incident follows closely on the heels of a similar breach experienced by…
A newly discovered zero-day vulnerability impacting Fortra’s GoAnywhere MFT managed file transfer application is currently being exploited by cybercriminals. The details of this flaw emerged when security journalist Brian Krebs shared the information on Mastodon, although Fortra has yet to issue a public advisory regarding this incident. This vulnerability enables…
