As the digital landscape continues to evolve, security leaders find themselves facing an increasingly complex attack environment characterized by interconnected devices, cloud services, IoT technologies, and hybrid work arrangements. Cyber adversaries are perpetually refining their strategies, employing new techniques to exploit vulnerabilities. Notably, many organizations, regardless of size, may lack…
In yet another significant cybersecurity incident, Whole Foods Market, the grocery chain recently acquired by Amazon, has reported a credit card data breach that potentially impacts customers who shopped at specific locations. This announcement came after Whole Foods confirmed that unauthorized individuals accessed credit card information belonging to patrons at…
Recent cybersecurity alerts highlight the exploitation of a critical vulnerability in Citrix NetScaler application delivery control (ADC) and Gateway appliances by numerous threat actors, including affiliates of the notorious LockBit ransomware group. This new wave of attacks takes advantage of CVE-2023-4966, a severe flaw that has allowed adversaries to infiltrate…
Emotet Malware Adopts New Wi-Fi Hacking Methodology Emotet, an infamous trojan responsible for numerous botnet-driven spam campaigns and ransomware attacks, has evolved its attack techniques by exploiting already infected devices to identify new victims connected to nearby Wi-Fi networks. Researchers at Binary Defense have identified a new strain of Emotet…
In one of the most significant data breaches in modern history, Yahoo has revised the estimated number of compromised accounts from 1 billion to an astonishing 3 billion. This information comes in the wake of an investigation following Verizon’s acquisition of Yahoo and indicates a breach that affected every account…
In the evolving landscape of healthcare, the surge of mergers and acquisitions (M&A) presents heightened vulnerabilities in cybersecurity and data privacy for both buyers and sellers, according to attorney Jonian Rafti from Proskauer. He emphasizes that while entities are often focused on financial gains, they must also be acutely aware…
A recent malware campaign has emerged, exploiting two zero-day vulnerabilities that enable remote code execution (RCE) to integrate routers and video recording devices into a Mirai-based distributed denial-of-service (DDoS) botnet. According to an advisory from Akamai, “The payload specifically targets routers and network video recorders (NVRs) with default admin credentials,…
Governance & Risk Management , Operational Technology (OT) Presented by Claroty 60 mins Healthcare organizations are increasingly grappling with a cybersecurity crisis that poses severe threats to operational resilience, financial stability, and patient safety. This crisis has transitioned from a theoretical concern to a pressing reality, revealing vulnerabilities within the…
A serious vulnerability has been uncovered in Oracle’s enterprise identity management system, posing risks of severe exploitation by remote, unauthenticated attackers. This flaw, identified as CVE-2017-10151, has been given the highest possible CVSS score of 10, indicating it is both critical and easily exploitable without the need for any user…
