Tag Mandiant

Iran-Linked Imperial Kitten Cyber Group Aiming at Middle Eastern Tech Industries

Iran-Linked Cyber Group Targets Middle Eastern Transportation and Tech Sectors Amid Increased Activity

In October 2023, a cyber group with connections to Iran intensified its operations, focusing on the transportation, logistics, and technology sectors across the Middle East, including Israel. This uptick in Iranian cyber activity aligns with the escalation…


UNC5820 Exploits Zero-Day Vulnerability in FortiManager (CVE-2024-47575)

In a troubling development for cybersecurity, Fortinet, in collaboration with Mandiant, has uncovered a widespread exploitation of FortiManager devices linked to CVE-2024-47575. This vulnerability has compromised over 50 systems across various sectors, with the threat group known as UNC5820 leveraging the flaw to facilitate data theft and unauthorized access. The…


CISA Releases Urgent Directive for Federal Agencies Regarding Ivanti Zero-Day Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent directive on Friday, advising Federal Civilian Executive Branch (FCEB) agencies to take immediate action against two zero-day vulnerabilities found in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS). These threats have already been actively exploited by various malicious…


HBO Data Breach: FBI Involved as Hackers Obtain Game of Thrones Spoilers and More

The Federal Bureau of Investigation (FBI) has been summoned to probe a significant cybersecurity incident involving HBO, which has allegedly suffered a data breach resulting in the exposure of sensitive information, including unreleased episodes of popular shows like Game of Thrones. Hackers are reported to have extracted approximately 1.5 terabytes…


Who Embezzled 3.6 Million Tax Records from South Carolina? – Krebs on Security

In a recent development regarding a long-standing cybersecurity breach, it has been revealed that a major hack in 2012 that compromised the South Carolina Department of Revenue may have been conducted by a notorious Russian hacking group. This breach, which resulted in the theft of sensitive tax and banking information…


Microsoft Addresses 61 Vulnerabilities, Including Two Actively Exploited Zero-Day Threats

Microsoft Addresses 61 Security Vulnerabilities in May Patch Update

In its latest Patch Tuesday update for May 2024, Microsoft has resolved 61 newly identified security vulnerabilities across its software products, amongst them two zero-day flaws that have been actively exploited in the wild. These updates follow a proactive security strategy…


Snowflake Issues Warning: Credential Theft Campaign Affects Cloud Customers

Cloud computing and analytics company Snowflake has reported that a select group of its clients is under targeted attack. In a recent joint statement, Snowflake, alongside cybersecurity firms CrowdStrike and Mandiant, clarified that there is no evidence linking this activity to a vulnerability, misconfiguration, or breach within their platform. Additionally,…


Researchers Reveal TLS Bootstrap Vulnerability in Azure Kubernetes Clusters

Cybersecurity experts have recently identified a significant vulnerability within Microsoft Azure Kubernetes Services (AKS) that could be exploited to elevate user privileges and potentially gain unauthorized access to sensitive service credentials used within the cluster. This flaw poses serious risks to organizations leveraging AKS, particularly those using specific configurations like…
