Tag cybersecurity

Accounting Firm Settles for $175K with Federal Authorities Over HIPAA Ransomware Breach

Data Privacy, Data Security, Healthcare <span class=”article-sub-title”>Settlement Includes Corrective Action Plan Aimed at Enhancing Risk Analysis</span> <span class=”article-byline”> <a class=”author-link” href=””>Marianne Kolbasuk McGee</a> (<a href=””><i class=”fa fa-twitter”/>HealthInfoSec</a>) • <span class=”text-nowrap”>August 18, 2025</span> <a href=””/> </span> <figure> <img src=”” alt=”Accounting Firm Pays Feds $175K for HIPAA Ransomware Breach” class=”img-responsive”/> <figcaption>Image: BST</figcaption>…

Read MoreAccounting Firm Settles for $175K with Federal Authorities Over HIPAA Ransomware Breach

⚡ Weekly Highlights: Zero-Day Vulnerabilities, Insider Risks, APT Activity, Botnet Threats, and More

May 19, 2025
Threat Intelligence / Cybersecurity

Cybersecurity experts are not only combating attacks—they’re also safeguarding trust, ensuring system functionality, and upholding their organization’s reputation. This week’s events underscore a significant concern: as we deepen our reliance on digital tools, unseen vulnerabilities can silently intensify. Addressing issues isn’t sufficient anymore; resilience must be integrated from the ground up. This requires improved systems, fortified teams, and enhanced visibility across the organization. What we’re witnessing is not merely risk; it’s a clear indication that prompt action and informed decision-making are crucial, often more than striving for perfection. Here’s what emerged this week, along with key issues security teams need to prioritize.

Threat of the Week
Microsoft Addresses 5 Actively Exploited Zero-Day Flaws — In its May 2025 Patch Tuesday update, Microsoft remedied a total of 78 security vulnerabilities, five of which are currently being exploited in the wild. Noteworthy vulnerabilities include CVE-2025-30397, CVE-2025-…

Weekly Cybersecurity Recap: Zero-Day Exploits, Insider Threats, and Emerging Cyber Risks Date: May 19, 2025 In the ever-evolving landscape of cybersecurity, professionals face a dual challenge: defending against aggressive attacks while safeguarding trust, ensuring operational continuity, and preserving their organization’s reputation. Recent events have underscored a critical issue stemming from…

Read More

⚡ Weekly Highlights: Zero-Day Vulnerabilities, Insider Risks, APT Activity, Botnet Threats, and More

May 19, 2025
Threat Intelligence / Cybersecurity

Cybersecurity experts are not only combating attacks—they’re also safeguarding trust, ensuring system functionality, and upholding their organization’s reputation. This week’s events underscore a significant concern: as we deepen our reliance on digital tools, unseen vulnerabilities can silently intensify. Addressing issues isn’t sufficient anymore; resilience must be integrated from the ground up. This requires improved systems, fortified teams, and enhanced visibility across the organization. What we’re witnessing is not merely risk; it’s a clear indication that prompt action and informed decision-making are crucial, often more than striving for perfection. Here’s what emerged this week, along with key issues security teams need to prioritize.

Threat of the Week
Microsoft Addresses 5 Actively Exploited Zero-Day Flaws — In its May 2025 Patch Tuesday update, Microsoft remedied a total of 78 security vulnerabilities, five of which are currently being exploited in the wild. Noteworthy vulnerabilities include CVE-2025-30397, CVE-2025-…

Critical RCE Threat from Hard-Coded ‘b’ Password in Sitecore XP Exposes Enterprises

June 17, 2025
Vulnerability / Enterprise Software

Cybersecurity experts have identified three significant vulnerabilities in the widely-used Sitecore Experience Platform (XP) that could be exploited to achieve pre-authenticated remote code execution (RCE). Sitecore XP is an enterprise software solution that offers tools for content management, digital marketing, and analytics.

The vulnerabilities are as follows:

  • CVE-2025-34509 (CVSS score: 8.2) – Use of hard-coded credentials
  • CVE-2025-34510 (CVSS score: 8.8) – Post-authenticated RCE via path traversal
  • CVE-2025-34511 (CVSS score: 8.8) – Post-authenticated RCE via Sitecore PowerShell Extension

Researcher Piotr Bazydlo from watchTowr Labs pointed out that the default user account “sitecore\ServicesAPI” has a hard-coded single-character password set to “b.” Notably, Sitecore’s documentation advises against altering default credentials. Although the user account lacks roles and permissions, the vulnerabilities still pose a serious risk.

Critical Security Flaws Discovered in Sitecore XP Could Lead to Remote Code Execution Risks On June 17, 2025, cybersecurity researchers revealed several significant vulnerabilities in the widely-used Sitecore Experience Platform (XP), posing a grave risk of remote code execution (RCE) in enterprise environments. Sitecore XP, renowned for its capabilities in…

Read More

Critical RCE Threat from Hard-Coded ‘b’ Password in Sitecore XP Exposes Enterprises

June 17, 2025
Vulnerability / Enterprise Software

Cybersecurity experts have identified three significant vulnerabilities in the widely-used Sitecore Experience Platform (XP) that could be exploited to achieve pre-authenticated remote code execution (RCE). Sitecore XP is an enterprise software solution that offers tools for content management, digital marketing, and analytics.

The vulnerabilities are as follows:

  • CVE-2025-34509 (CVSS score: 8.2) – Use of hard-coded credentials
  • CVE-2025-34510 (CVSS score: 8.8) – Post-authenticated RCE via path traversal
  • CVE-2025-34511 (CVSS score: 8.8) – Post-authenticated RCE via Sitecore PowerShell Extension

Researcher Piotr Bazydlo from watchTowr Labs pointed out that the default user account “sitecore\ServicesAPI” has a hard-coded single-character password set to “b.” Notably, Sitecore’s documentation advises against altering default credentials. Although the user account lacks roles and permissions, the vulnerabilities still pose a serious risk.

IBM Discovers Inadequate Controls in 97% of AI-Related Data Breaches

Recent research from IBM highlights a significant “AI oversight gap” among organizations that have experienced data breaches. According to findings from the company’s Cost of a Data Breach Report, an alarming 97% of these organizations reported a lack of adequate AI access controls, underscoring potential vulnerabilities in their cybersecurity frameworks.…

Read MoreIBM Discovers Inadequate Controls in 97% of AI-Related Data Breaches

State Settles for $2M with Dental Insurer Over Cybersecurity Breaches – Crain’s New York Business

State Settles for $2 Million with Dental Insurer Over Cybersecurity Breaches In a significant development within the realm of cybersecurity compliance, a settlement has been reached between state authorities and a dental insurance provider concerning serious violations of data security protocols. The agreement, totaling $2 million, highlights the legal and…

Read MoreState Settles for $2M with Dental Insurer Over Cybersecurity Breaches – Crain’s New York Business

Chinese Hackers Leverage Ivanti EPMM Vulnerabilities in Widespread Global Attacks

May 22, 2025
Enterprise Security / Malware

A recently patched duo of security vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-linked threat actor to target various sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), can be combined to run arbitrary code on vulnerable devices without needing any authentication. Ivanti addressed these flaws just last week. According to a report from EclecticIQ, the vulnerability chain has been misused by UNC5221, a Chinese cyber espionage group known for targeting edge network devices since at least 2023. Most recently, this group has also been linked to exploitation attempts on SAP NetWeaver instances affected by CVE-2025-31324. The Dutch cybersecurity firm noted that the first exploitation activities began on May 15, 2025, with attacks focused on healthcare, telecommunications, and aviation sectors.

Chinese Cyber Actors Target Global Enterprises Through Ivanti EPMM Vulnerabilities May 22, 2025 – Enterprise Security / Malware Recent developments in the cybersecurity landscape have revealed that a pair of vulnerabilities within Ivanti Endpoint Manager Mobile (EPMM) software, identified as CVE-2025-4427 and CVE-2025-4428, have been exploited by a China-based threat…

Read More

Chinese Hackers Leverage Ivanti EPMM Vulnerabilities in Widespread Global Attacks

May 22, 2025
Enterprise Security / Malware

A recently patched duo of security vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-linked threat actor to target various sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), can be combined to run arbitrary code on vulnerable devices without needing any authentication. Ivanti addressed these flaws just last week. According to a report from EclecticIQ, the vulnerability chain has been misused by UNC5221, a Chinese cyber espionage group known for targeting edge network devices since at least 2023. Most recently, this group has also been linked to exploitation attempts on SAP NetWeaver instances affected by CVE-2025-31324. The Dutch cybersecurity firm noted that the first exploitation activities began on May 15, 2025, with attacks focused on healthcare, telecommunications, and aviation sectors.

How Cybersecurity Positioned Estonia as a Leader in the Space Industry

Explore topics in Governance & Risk Management, Operational Technology (OT), and Video. Insights from Space Policy and Technology Director Paul Liias on Satellite Security Challenges By Tony Morbin (@tonymorbin) • August 15, 2025 Paul Liias, Head of Space Policy and Tech, Estonia The potential disruption of civil and military satellite…

Read MoreHow Cybersecurity Positioned Estonia as a Leader in the Space Industry

Your SSN Exposed Online, AI Data Breaches, and Bus Hacking: This Week’s Cybersecurity Chaos – PCMag

Major Cybersecurity Concerns: Data Exposure and Vulnerabilities on the Rise In the latest developments in cybersecurity, various incidents have highlighted growing vulnerabilities in digital infrastructures. Notably, social security numbers (SSNs) are increasingly becoming compromised, with significant amounts of personal data leaking online. The rise of artificial intelligence is exacerbating this…

Read MoreYour SSN Exposed Online, AI Data Breaches, and Bus Hacking: This Week’s Cybersecurity Chaos – PCMag