Tag cybersecurity

Computer Merchant Data Breach Reveals SSNs; Legal Actions Underway

The Computer Merchant Data Breach: Lawsuit Investigation Attorneys associated with ClassAction.org are currently investigating the possibility of initiating a class action lawsuit in response to The Computer Merchant data breach. In the context of this investigation, they seek to connect with individuals who received notifications indicating that their information was…

Read MoreComputer Merchant Data Breach Reveals SSNs; Legal Actions Underway

CISA Requests Feedback on SBOM Updates to Address Real-World Gaps

Software Bill of Materials (SBOM), Standards, Regulations & Compliance US Cyber Defense Agency Advocates for Automation and Machine-Readable SBOMs Chris Riotta (@chrisriotta) • August 22, 2025 Image: CISA The Cybersecurity and Infrastructure Security Agency (CISA) is intensifying efforts to develop Software Bills of Materials (SBOMs) as part of its new…

Read MoreCISA Requests Feedback on SBOM Updates to Address Real-World Gaps

Netskope’s IPO Filing Shows Soaring Sales and Reduced Losses

AI-Powered SASE, Governance & Risk Management, Security Service Edge (SSE) Netskope Files for Second Cybersecurity IPO of 2025, Emphasizing Channel Partnership Dependency Michael Novinson (MichaelNovinson) • August 22, 2025 Sanjay Beri, Netskope co-founder and CEO (Image: Netskope) Netskope has marked its position as the second cybersecurity entity to initiate an…

Read MoreNetskope’s IPO Filing Shows Soaring Sales and Reduced Losses

Regulatory Focus on Health Data in APAC: Essential Insights for Businesses

Last updated: August 22, 2025 Recent health data breaches across the Asia-Pacific (APAC) region have led to stricter security regulations and enhanced enforcement measures. Organizations are now faced with the imperative to improve compliance protocols, implement comprehensive cybersecurity training for employees, and reinforce their strategies for responding to breaches. Filed…

Read MoreRegulatory Focus on Health Data in APAC: Essential Insights for Businesses

Thrive Introduces Network Detection and Response Solutions

BOSTON, Aug. 21, 2025 (GLOBE NEWSWIRE) — Thrive, a prominent global provider of technology outsourcing specializing in cybersecurity, cloud services, and traditional managed services, has unveiled a new Network Detection and Response (NDR) service aimed at bolstering cybersecurity for businesses. This service will continuously monitor networks for potential security incidents,…

Read MoreThrive Introduces Network Detection and Response Solutions

iiNet Cyber Breach Highlights Continuing Security Vulnerabilities in Australia

A recent data breach at iiNet, one of Australia’s largest internet service providers, has spotlighted the ongoing security vulnerabilities in the nation’s digital infrastructure. This incident, which compromised personal information of over 280,000 customers, highlights the escalating challenge of safeguarding consumer data in an environment where cyber threats are both…

Read MoreiiNet Cyber Breach Highlights Continuing Security Vulnerabilities in Australia

Türkiye-Based Hackers Exploit Zero-Day in Output Messenger to Deploy Golang Backdoors on Kurdish Servers

May 13, 2025
Category: Zero-Day / Vulnerability

A Türkiye-linked threat actor has exploited a zero-day vulnerability in the Indian enterprise communication tool Output Messenger as part of a cyber espionage campaign that began in April 2024. According to the Microsoft Threat Intelligence team, these exploits have led to the collection of sensitive user data from targets in Iraq. The focus of the attacks appears to align with the Kurdish military in Iraq, consistent with the previously documented objectives of the group known as Marbled Dust. This threat group, which has also been referred to as Silicon, Cosmic Wolf, Sea Turtle, Teal Kurma, and UNC1326, has been active since at least 2017. However, it wasn’t until 2019 that Cisco Talos documented their activities against both public and private entities in the Middle East and North Africa. Early last year, the group was also noted for targeting telecommunications and media sectors.

Turkish Hackers Exploit Zero-Day Vulnerability in Output Messenger to Deploy Golang Backdoors on Kurdish Servers Published: May 13, 2025 In a notable instance of cyber espionage, a Türkiye-affiliated threat actor has successfully leveraged a zero-day vulnerability in Output Messenger, an enterprise communication platform from India. This breach, which has been…

Read More

Türkiye-Based Hackers Exploit Zero-Day in Output Messenger to Deploy Golang Backdoors on Kurdish Servers

May 13, 2025
Category: Zero-Day / Vulnerability

A Türkiye-linked threat actor has exploited a zero-day vulnerability in the Indian enterprise communication tool Output Messenger as part of a cyber espionage campaign that began in April 2024. According to the Microsoft Threat Intelligence team, these exploits have led to the collection of sensitive user data from targets in Iraq. The focus of the attacks appears to align with the Kurdish military in Iraq, consistent with the previously documented objectives of the group known as Marbled Dust. This threat group, which has also been referred to as Silicon, Cosmic Wolf, Sea Turtle, Teal Kurma, and UNC1326, has been active since at least 2017. However, it wasn’t until 2019 that Cisco Talos documented their activities against both public and private entities in the Middle East and North Africa. Early last year, the group was also noted for targeting telecommunications and media sectors.

Mastering Hacking Skills: The Value of Offensive Security Training for Your Entire Security Team

May 14, 2025
Cybersecurity / Ethical Hacking

Organizations across various sectors are witnessing a sharp rise in cyberattacks, with critical infrastructure and cloud-based enterprises being particularly vulnerable. According to Verizon’s 2025 Data Breach Investigations Report, confirmed breaches surged by 18% year-over-year, and the exploitation of vulnerabilities for initial access grew by 34%. As the frequency and severity of attacks increase, many organizations rely on security tools and compliance standards as their primary defenses. While these elements are vital for reducing cyber risk, they are not foolproof solutions. Effective security hinges on the combination of people, processes, and technology, with the emphasis placed on skilled practitioners. Therefore, investing in offensive security training for all roles within the security team becomes crucial. Too often, the potential of offensive operations is underutilized…

Mastering Offensive Security: The Essential Training for Cybersecurity Teams As cyberattacks surge across various sectors, organizations are increasingly vulnerable to threats, especially those targeting critical infrastructure and cloud-based services. The recently published 2025 Data Breach Investigations Report by Verizon highlights a profound 18% year-over-year increase in confirmed breaches, with a…

Read More

Mastering Hacking Skills: The Value of Offensive Security Training for Your Entire Security Team

May 14, 2025
Cybersecurity / Ethical Hacking

Organizations across various sectors are witnessing a sharp rise in cyberattacks, with critical infrastructure and cloud-based enterprises being particularly vulnerable. According to Verizon’s 2025 Data Breach Investigations Report, confirmed breaches surged by 18% year-over-year, and the exploitation of vulnerabilities for initial access grew by 34%. As the frequency and severity of attacks increase, many organizations rely on security tools and compliance standards as their primary defenses. While these elements are vital for reducing cyber risk, they are not foolproof solutions. Effective security hinges on the combination of people, processes, and technology, with the emphasis placed on skilled practitioners. Therefore, investing in offensive security training for all roles within the security team becomes crucial. Too often, the potential of offensive operations is underutilized…