In a disturbing revelation for the cybersecurity community, Microsoft faced a significant data breach approximately four and a half years ago, specifically in 2013. Despite the attack involving a highly sophisticated hacking group, the incident remained undisclosed until now. This breach highlights the ongoing struggles corporations face in maintaining data…
A recent phishing campaign has surfaced, utilizing a Russian-language Microsoft Word document as a vehicle for deploying malware designed to extract sensitive data from compromised Windows systems. This attack has been linked to a threat actor known as Konni, which exhibits connections to the North Korean cyber espionage group identified…
Malicious Campaign Targeting MS-SQL Servers Discovered by Researchers Cybersecurity experts have identified a prolonged malicious campaign that has been active since May 2018, focusing on Windows machines equipped with MS-SQL servers. The campaign, named “Vollgar” after the Vollar cryptocurrency it mines, is aimed at deploying backdoors and diverse malware, including…
Big Tech’s “Free” Services: The Hidden Cost of Data Access In recent years, the use of so-called “free” services from major technology companies like Google, Facebook, and Microsoft has come at a significant price: the relinquishing of personal data. While embracing cloud technology and utilizing free applications can simplify many…
Microsoft recently announced the detection of nation-state activities tied to the Kremlin, exploiting a critical security vulnerability in the Outlook email service that has since been patched. This issue allowed unauthorized access to user accounts hosted on Microsoft Exchange servers, raising alarming security concerns for organizations relying on this platform.…
Recent investigations have revealed that a sophisticated group of Chinese hackers, known as ‘Naikon APT,’ has been executing a prolonged cyber espionage campaign targeting various governmental entities across Australia, Indonesia, the Philippines, Vietnam, Thailand, Myanmar, and Brunei. This campaign, which has remained undetected for a minimum of five years, continues…
GitHub Vulnerability Exposes Over 15,000 Go Repositories to Repojacking Attacks Recent research has unveiled that more than 15,000 Go module repositories on GitHub are at risk of repojacking attacks, a significant cybersecurity concern. Jacob Baines, Chief Technology Officer at VulnCheck, reported that over 9,000 of these vulnerabilities stem from changes…
A significant security vulnerability affecting Bluetooth technology poses risks to Android, Linux, macOS, and iOS devices. Identified as CVE-2023-45866, this flaw allows malicious actors to bypass authentication procedures, enabling unauthorized access to susceptible devices and the capability to execute commands remotely. According to security researcher Marc Newlin, who disclosed these…
Scott MacDonald: Leader in Cybersecurity and Risk Management at PwC Principal, Cyber, Risk and Regulatory Scott MacDonald serves as a Principal in PwC’s Cybersecurity practice, boasting two decades of expertise in large-scale Identity and Access Management (IAM) initiatives, particularly within the healthcare sector. His career has been marked by the…
