Tag: Mandiant

Ransomware Attack Forces Shutdown of America’s Largest Fuel Pipeline

Ransomware Attack Halts Colonial Pipeline Operations, Highlighting Cybersecurity Vulnerabilities

On Saturday, Colonial Pipeline, a crucial provider transporting approximately 45% of the fuel consumed on the U.S. East Coast, officially announced it has suspended operations due to a ransomware attack. This incident underscores the susceptibility of critical infrastructure to cyber threats.…

Hackers Gained Access to Colonial Pipeline via Compromised VPN Credentials

A recent investigation has revealed that the ransomware cartel responsible for the Colonial Pipeline attack utilized a compromised virtual private network (VPN) account password to infiltrate the company’s network. This incident occurred in early May and has raised significant security concerns across the United States, particularly regarding critical infrastructure. Reports…

Nevada State Hackers Eluded Detection for Several Months

Statewide Cyber Breach Affects 60 Agencies Before Ransomware Implementation

Chris Riotta (@chrisriotta) • November 6, 2025

Recent analyses reveal that a ransomware threat actor compromised Nevada’s statewide government systems for several months prior to executing a ransomware attack. An after-action report…

Fortinet Alerts Users to Critical Vulnerability in FortiManager Currently Being Actively Exploited

Fortinet Confirms Critical Vulnerability in FortiManager Under Active Exploitation

Fortinet has identified a significant security vulnerability affecting its FortiManager product, designated as CVE-2024-47575, with a high CVSS score of 9.8. This vulnerability, also referred to as FortiJump, relates to the FGFM protocol utilized for communication between FortiGate devices and FortiManager.…

Experts Suggest Chinese Hackers May Be Behind Multiple Attacks on Israel

A significant cybersecurity threat has emerged from a Chinese cyber espionage group known as UNC215, which has been stealthily targeting Israeli government entities and IT infrastructure since at least 2019. The group is notable for disguising its operations as Iranian hackers to evade detection, complicating forensic investigations aimed at tracing…

New Zero-Day Attack Targets Windows Users Through Microsoft Office Documents

Microsoft has recently issued a warning regarding an actively exploited zero-day vulnerability affecting Internet Explorer. This flaw is being utilized to compromise Windows systems by means of malicious Microsoft Office documents. Identified as CVE-2021-40444 with a CVSS score of 8.8, the vulnerability resides in MSHTML, a proprietary browser engine that…

LastPass Faces New Security Breach, Compromising Customer Information

LastPass Investigates Security Incident Impacting Customer Data

LastPass, a widely utilized password management service, has disclosed an ongoing investigation into a security breach that has revealed unauthorized access to certain customer information. This incident follows a previous compromise in August 2022, raising new concerns regarding the security measures in place.…

New Study Connects Unrelated Malware Attacks to Chinese Hackers

A recent report highlights the cyber espionage group APT41, tied to a series of malware campaigns that leverage COVID-themed phishing strategies to target individuals in India. This revelation comes from an analysis by the BlackBerry Research and Intelligence team, which has connected various aspects of the group’s operational infrastructure. According…

Ransomware Group FIN12 Intensifies Attacks on Healthcare Sector

A financially motivated threat group, identified as FIN12, has been linked to a series of RYUK ransomware incidents since October 2018. This organization demonstrates significant collaboration with TrickBot-affiliated actors while utilizing publicly accessible tools like Cobalt Strike Beacon payloads to penetrate victim networks. Cybersecurity firm Mandiant has attributed these security…
