On Thursday, Microsoft disclosed that a group of Russian state-sponsored threat actors, linked to a cyber attack on its systems in late November 2023, has been targeting additional organizations. The company is now in the process of notifying affected entities. This announcement follows Hewlett Packard Enterprise’s revelation that it fell…
The Emergence of Passwordless Authentication: Opportunities and Challenges In today’s digital landscape, the concept of a passwordless world is becoming increasingly appealing to both end users and IT professionals. Imagine a scenario where the burden of remembering complex passwords is entirely lifted. While this may seem like a utopia, the…
In January 2024, Microsoft revealed that it fell victim to a cyberattack attributed to the Russian state-sponsored hacking group known as Midnight Blizzard, or Nobelium. This incident stands out not only due to the reputational ramifications for one of the world’s leading technology companies but also because of the ease…
Artificial Intelligence (AI) is transforming society in numerous beneficial ways, yet it has also become a tool exploited by cybercriminals to perpetrate nefarious activities. Threat actors, both seasoned and novice, leverage AI to enhance their data-gathering capabilities and to generate convincing phishing communications, thereby streamlining their malicious endeavors. As a…
Fidelity Investments has recently disclosed a data breach that occurred in mid-August, affecting more than 77,000 of its customers. The nature of the breach raises significant concerns about the security posture of the company, particularly in relation to its customer-facing web applications, which may have been exploited due to apparent…
On April 24, 2024, cloud storage provider Dropbox reported a data breach affecting its digital signature product, Dropbox Sign, formerly known as HelloSign. Unidentified threat actors gained unauthorized access to sensitive user information, including emails, usernames, and general account settings for all Dropbox Sign users. The incident was disclosed in…
Fidelity Investments Experiences Data Breach Affecting 77,000 Customers In a noteworthy cybersecurity incident, Fidelity Investments has reported a substantial data breach that compromises the personal information of approximately 77,000 customers. The breach occurred on August 17, 2024, and was detected just two days later, on August 19. The investment firm…
Cloud computing and analytics company Snowflake has reported that a select group of its clients is under targeted attack. In a recent joint statement, Snowflake, alongside cybersecurity firms CrowdStrike and Mandiant, clarified that there is no evidence linking this activity to a vulnerability, misconfiguration, or breach within their platform. Additionally,…
Critical Vulnerability Discovered in Microsoft’s Copilot Studio Cybersecurity experts have revealed a significant security vulnerability impacting Microsoft’s Copilot Studio, raising concerns about the potential for unauthorized access to sensitive data. The flaw, designated as CVE-2024-38206 with a CVSS score of 8.5, is classified as an information disclosure vulnerability related to…
