The Computer Merchant Data Breach: Lawsuit Investigation Attorneys associated with ClassAction.org are currently investigating the possibility of initiating a class action lawsuit in response to The Computer Merchant data breach. In the context of this investigation, they seek to connect with individuals who received notifications indicating that their information was…
Software Bill of Materials (SBOM), Standards, Regulations & Compliance US Cyber Defense Agency Advocates for Automation and Machine-Readable SBOMs Chris Riotta (@chrisriotta) • August 22, 2025 Image: CISA The Cybersecurity and Infrastructure Security Agency (CISA) is intensifying efforts to develop Software Bills of Materials (SBOMs) as part of its new…
AI-Powered SASE, Governance & Risk Management, Security Service Edge (SSE) Netskope Files for Second Cybersecurity IPO of 2025, Emphasizing Channel Partnership Dependency Michael Novinson (MichaelNovinson) • August 22, 2025 Sanjay Beri, Netskope co-founder and CEO (Image: Netskope) Netskope has marked its position as the second cybersecurity entity to initiate an…
Last updated: August 22, 2025 Recent health data breaches across the Asia-Pacific (APAC) region have led to stricter security regulations and enhanced enforcement measures. Organizations are now faced with the imperative to improve compliance protocols, implement comprehensive cybersecurity training for employees, and reinforce their strategies for responding to breaches. Filed…
Artificial Intelligence and Cybersecurity: Copilot Vulnerability Exposed By Pooja Tikekar August 21, 2025 In a recent development, Microsoft has discreetly addressed a vulnerability in its Copilot AI, which allowed users to manipulate access logs concerning corporate files. As the company intensifies its integration of this large language model into its…
BOSTON, Aug. 21, 2025 (GLOBE NEWSWIRE) — Thrive, a prominent global provider of technology outsourcing specializing in cybersecurity, cloud services, and traditional managed services, has unveiled a new Network Detection and Response (NDR) service aimed at bolstering cybersecurity for businesses. This service will continuously monitor networks for potential security incidents,…
A recent data breach at iiNet, one of Australia’s largest internet service providers, has spotlighted the ongoing security vulnerabilities in the nation’s digital infrastructure. This incident, which compromised personal information of over 280,000 customers, highlights the escalating challenge of safeguarding consumer data in an environment where cyber threats are both…
May 13, 2025
Category: Zero-Day / Vulnerability
A Türkiye-linked threat actor has exploited a zero-day vulnerability in the Indian enterprise communication tool Output Messenger as part of a cyber espionage campaign that began in April 2024. According to the Microsoft Threat Intelligence team, these exploits have led to the collection of sensitive user data from targets in Iraq. The focus of the attacks appears to align with the Kurdish military in Iraq, consistent with the previously documented objectives of the group known as Marbled Dust. This threat group, which has also been referred to as Silicon, Cosmic Wolf, Sea Turtle, Teal Kurma, and UNC1326, has been active since at least 2017. However, it wasn’t until 2019 that Cisco Talos documented their activities against both public and private entities in the Middle East and North Africa. Early last year, the group was also noted for targeting telecommunications and media sectors.
Turkish Hackers Exploit Zero-Day Vulnerability in Output Messenger to Deploy Golang Backdoors on Kurdish Servers Published: May 13, 2025 In a notable instance of cyber espionage, a Türkiye-affiliated threat actor has successfully leveraged a zero-day vulnerability in Output Messenger, an enterprise communication platform from India. This breach, which has been…
May 13, 2025
Category: Zero-Day / Vulnerability
A Türkiye-linked threat actor has exploited a zero-day vulnerability in the Indian enterprise communication tool Output Messenger as part of a cyber espionage campaign that began in April 2024. According to the Microsoft Threat Intelligence team, these exploits have led to the collection of sensitive user data from targets in Iraq. The focus of the attacks appears to align with the Kurdish military in Iraq, consistent with the previously documented objectives of the group known as Marbled Dust. This threat group, which has also been referred to as Silicon, Cosmic Wolf, Sea Turtle, Teal Kurma, and UNC1326, has been active since at least 2017. However, it wasn’t until 2019 that Cisco Talos documented their activities against both public and private entities in the Middle East and North Africa. Early last year, the group was also noted for targeting telecommunications and media sectors.
Mastering Hacking Skills: The Value of Offensive Security Training for Your Entire Security Team
May 14, 2025
Cybersecurity / Ethical Hacking
Organizations across various sectors are witnessing a sharp rise in cyberattacks, with critical infrastructure and cloud-based enterprises being particularly vulnerable. According to Verizon’s 2025 Data Breach Investigations Report, confirmed breaches surged by 18% year-over-year, and the exploitation of vulnerabilities for initial access grew by 34%. As the frequency and severity of attacks increase, many organizations rely on security tools and compliance standards as their primary defenses. While these elements are vital for reducing cyber risk, they are not foolproof solutions. Effective security hinges on the combination of people, processes, and technology, with the emphasis placed on skilled practitioners. Therefore, investing in offensive security training for all roles within the security team becomes crucial. Too often, the potential of offensive operations is underutilized…
Mastering Offensive Security: The Essential Training for Cybersecurity Teams As cyberattacks surge across various sectors, organizations are increasingly vulnerable to threats, especially those targeting critical infrastructure and cloud-based services. The recently published 2025 Data Breach Investigations Report by Verizon highlights a profound 18% year-over-year increase in confirmed breaches, with a…
Mastering Hacking Skills: The Value of Offensive Security Training for Your Entire Security Team
May 14, 2025
Cybersecurity / Ethical Hacking
Organizations across various sectors are witnessing a sharp rise in cyberattacks, with critical infrastructure and cloud-based enterprises being particularly vulnerable. According to Verizon’s 2025 Data Breach Investigations Report, confirmed breaches surged by 18% year-over-year, and the exploitation of vulnerabilities for initial access grew by 34%. As the frequency and severity of attacks increase, many organizations rely on security tools and compliance standards as their primary defenses. While these elements are vital for reducing cyber risk, they are not foolproof solutions. Effective security hinges on the combination of people, processes, and technology, with the emphasis placed on skilled practitioners. Therefore, investing in offensive security training for all roles within the security team becomes crucial. Too often, the potential of offensive operations is underutilized…
