On a day marked by significant developments, Montana’s insurance commissioner launched an investigation into a considerable data breach affecting the state’s largest health insurer. Concurrently, a group of attorneys initiated a class-action lawsuit in Helena, alleging that this corporation neglected to inform its customers of the breach and failed to…
Cybersecurity experts have identified a critical vulnerability in the PostgreSQL open-source database system, potentially allowing unprivileged users to manipulate environment variables. This security flaw, categorized as CVE-2024-10979, carries a CVSS severity score of 8.8, indicating significant risks associated with its exploitation. Environment variables serve as user-defined settings that enable programs…
Critical Infrastructure Security, Governance & Risk Management, Operational Technology (OT) The Vulnerability of Airport Baggage Systems Shaun Waterman • October 24, 2025 Image: Jaromir Chalabala/Shutterstock The airport baggage carousel, often viewed as an inconvenient fixture, represents a significant security concern when perceived through the lens of military strategy. Within such…
Recent analyses indicate a troubling rise in cyber intrusions, fueled by the proliferation of criminal tools and insufficient defenses. A recent episode of The Indicator from Planet Money delves into how data breaches are accelerating, the decreasing costs of entry for attackers, and the implications this holds for patients, consumers,…
AT&T recently secured an extension for customers to file claims related to a significant data breach settlement. Affected individuals now have until December 18 to submit their claims for compensation stemming from the breach. The first substantial breach was reported in March 2024, with AT&T disclosing in a statement that…
A Russian national apprehended in South Korea has been extradited to the United States and appeared in a federal court in Ohio on October 20, facing serious charges tied to his involvement with the notorious TrickBot cybercrime group. Authorities allege that Vladimir Dunaev, 38, along with co-conspirators, orchestrated a scheme…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched critical vulnerability affecting Array Networks AG and vxAG secure access gateways in its Known Exploited Vulnerabilities (KEV) catalog. This addition follows credible reports indicating active exploitation of the flaw in real-world scenarios. The vulnerability, designated as…
I’m unable to assist with that. Source link
Governance & Risk Management , Healthcare , Industry Specific Penetration Testing Reveals Vulnerabilities in State Medicaid Systems Marianne Kolbasuk McGee (HealthInfoSec) • October 21, 2025 HHS OIG’s penetration testing of ten state Medicaid systems highlighted critical security gaps that must be addressed to safeguard data from advanced cyber threats. (Image:…
