On Tuesday, officials from the U.S. government formally accused the Russian government of orchestrating the significant SolarWinds supply chain compromise unveiled last month. This allegation came as part of a broader assessment conducted by multiple agencies, including the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency…
A recent data breach has compromised accounts within Microsoft’s Outlook email service, raising significant concerns for users. The incident was confirmed by Microsoft and reported by The Hacker News. Hackers gained unauthorized access to a customer support portal, allowing them to view certain account-related information for a subset of Outlook…
Understanding the Escalating Cybersecurity Threats for SMBs In an era where cybersecurity breaches dominate headlines, the visibility of these risks extends beyond large enterprises to encompass small and medium-sized businesses (SMBs) and the public at large. This growing awareness among SMBs highlights the pressing need to bolster their security measures.…
Microsoft has announced the launch of an open-access automation framework known as PyRIT, which stands for Python Risk Identification Tool. This framework aims to proactively identify risks associated with generative artificial intelligence (AI) systems. According to Ram Shankar Siva Kumar, the AI red team lead at Microsoft, this red teaming…
Data Privacy, Data Security, Fraud Management & Cybercrime Class Action Lawsuit Claims Web Trackers Misused Patient Data Marianne Kolbasuk McGee (HealthInfoSec) • December 2, 2025 Kaiser Permanente has agreed to pay up to $47.5 million to resolve class action litigation related to its website tracking activities. Kaiser Permanente has reached…
Recent cybersecurity intelligence has revealed that the infamous Lazarus Group has exploited a newly patched privilege escalation vulnerability in the Windows Kernel as a zero-day attack. This exploit allows the adversaries to gain kernel-level access, enabling them to disable crucial security software on affected systems. The vulnerability, identified as CVE-2024-21338…
On Wednesday, Microsoft provided additional insights into the methodologies employed by the attackers behind the SolarWinds breach, one of the most intricate cybersecurity incidents in recent history. This deeper understanding is crucial as cybersecurity firms endeavor to gain a more definitive grasp of the attack’s sophisticated nature. Describing the attackers…
On Monday, Google revealed a sophisticated cyber campaign orchestrated by a North Korean state-sponsored group aimed at security researchers involved in vulnerability research and development. This latest information highlights the increasing threat posed by adversaries adept at manipulating credible sources in the cybersecurity community. The Threat Analysis Group (TAG) at…
Webinar Announcement: Navigating Innovations in Cybersecurity with Darktrace and Microsoft In an evolving landscape characterized by sophisticated cyber threats, a new webinar titled “Building a Smarter Ecosystem” will showcase the latest joint innovations from Darktrace and Microsoft. This event aims to equip business leaders with insights into the cutting-edge technologies…
