Data Vigilante Exposes 8 Million Employee Records in MOVEit Vulnerability Breach In a significant breach linked to the vulnerabilities of the MOVEit file transfer software, a self-styled “Data Vigilante” identified as Nam3L3ss has leaked approximately 8 million employee records from prominent corporations, including Amazon, 3M, HP, and Delta. The MOVEit…
In this week’s Cybersecurity Newsletter, we bring you informed updates and critical insights from the ever-evolving sector of cybersecurity. Our selection of top stories keeps you appraised of the latest threats and trends in this fast-paced digital environment. Equip yourself with knowledge to safeguard your organization against emerging risks while…
Increasingly sophisticated phishing-as-a-service (PhaaS) toolkits, particularly one known as EvilProxy, are being employed by threat actors to execute account takeover attacks targeting senior executives within major corporations. This trend underscores a growing vulnerability among high-ranking officials in the corporate landscape, particularly as the proliferation of remote work and digital transactions…
Artificial Intelligence & Machine Learning, Governance & Risk Management, Government Also: Potential Changes in Government Policy; AI-Driven Zero-Day Discoveries Anna Delaney (annamadeline) • November 8, 2024 Clockwise, from top left: Anna Delaney, Tony Morbin, Marianne Kolbasuk McGee, and Mathew Schwartz In the latest weekly update, the ISMG editorial team explored…
Articles related to Cybercrime, Fraud Management & Cybercrime, Incident & Breach Response. Breaking: Ransomware Hackers Hurdle Baguettes for Data By Anviksha More (AnvikshaMore) • November 7, 2024 Image: Shutterstock / ISMG Each week, Information Security Media Group compiles a report on cybersecurity incidents and breaches occurring globally. This week highlighted…
The Federal Bureau of Investigation (FBI) has issued a warning regarding the ongoing risk posed to Barracuda Networks Email Security Gateway (ESG) appliances, despite recent patches deployed in response to a critical vulnerability. This advisory indicates that while Barracuda has addressed the flaw, the devices remain susceptible to exploitation by…
Google Addresses Critical Zero-Day Vulnerability in Chrome On Thursday, Google announced the release of security updates aimed at rectifying a zero-day vulnerability in its Chrome browser, which has reportedly been subject to active exploitation in the wild. This vulnerability, tracked as CVE-2024-4671, has been classified as a high-severity issue involving…
The recent investigation by Mandiant, a cybersecurity arm of Google, has unveiled significant insights regarding the breach incidents attributed to a hacker identified as UNC5537. Austin Larsen, a threat intelligence analyst at Mandiant, characterizes this hacker as “one of the most consequential threat actors of 2024.” The repercussions of these…
Google Addresses Critical Security Flaws in Chrome Browser In a proactive response to ongoing security concerns, Google has deployed patches to rectify nine significant vulnerabilities in its Chrome web browser, one of which is a serious zero-day flaw that has reportedly been exploited in the wild. This vulnerability, designated as…
