Microsoft Discovers New Russian Hacking Attempts Ahead of U.S. Midterm Elections In a recent revelation, Microsoft announced the discovery of new hacking efforts attributed to the Russian hacking group APT28, also known as Strontium or Fancy Bear. These attempts, aimed at conservative think tanks and the U.S. Senate, surfaced amid…
In a significant legal move, Microsoft has initiated a lawsuit against the Department of Justice (DoJ) to contest a gag order that prohibits technology companies from notifying their customers when their cloud-based data is accessed by government authorities. This lawsuit arises from concerns regarding the implications of the Electronic Communications…
Recent reports indicate a significant data breach involving a massive database of 272 million email addresses and passwords from leading email providers, including Gmail, Microsoft, and Yahoo. This sensitive information is currently being offered for sale on the Dark Web for a mere price of less than one dollar. The…
Microsoft’s NTLMv1 protocol, introduced in the 1980s alongside OS/2, has long been known for its vulnerabilities. Significant research, notably by cryptanalyst Bruce Schneier and Mudge in 1999, highlighted critical weaknesses in NTLMv1’s security architecture. This became alarmingly clear during the 2012 Defcon 20 conference, where researchers unveiled a toolkit that…
Kaiser Permanente to Disburse Payments Following Data Sharing Settlement Kaiser Permanente, a prominent player in the U.S. healthcare landscape, is preparing to issue payments to customers affected by an incident involving the unauthorized sharing of personal data and health information with third-party companies. This move comes in the wake of…
Microsoft recently addressed a significant vulnerability within its Copilot AI assistant, which permitted cybercriminals to extract sensitive user information with a single click on a seemingly legitimate URL. The breach was discovered by ethical hackers from the security firm Varonis, who demonstrated that their multi-layered attack could successfully illicit personal…
Third-Party Risk Management, Artificial Intelligence & Machine Learning, Cyberwarfare / Nation-State Attacks Guidance for CIOs on Evading ‘Geopolitical Lock-In’ in AI, Cloud, and Supply Chains Jennifer Lawinski • January 13, 2026 (Image: Shutterstock) In the current geopolitical climate, significant shifts and upheavals are commonplace. Global protests can destabilize governments overnight,…
Recent investigations by Google’s Threat Analysis Group (TAG) have revealed that North Korean hackers are persistently targeting the cybersecurity community through the exploitation of a zero-day vulnerability in an unspecified software application. This campaign has gained momentum over the past several weeks, highlighting sophisticated tactics employed to infiltrate the systems…
Microsoft has issued an update addressing 59 vulnerabilities across its suite of products, including two critical zero-day vulnerabilities that have already been exploited by malicious actors. This release highlights the ongoing threat landscape, with the tech giant emphasizing the risks posed by active exploitation of these flaws. Among the 59…
