Fraud Management & Cybercrime, Governance & Risk Management, Multi-factor & Risk-based Authentication Practical Steps to Enhance Security and Resilience Sean D. Mack • December 17, 2025 Image: Shutterstock Leaders of small and mid-sized enterprises (SMEs) frequently assert, “We’re too small to be a target.” This misconception endangers their organizations, especially…
Massive Data Breach Exposed at Citrix, Targeting U.S. Government and Corporate Networks In a concerning revelation last weekend, Citrix, a prominent provider of enterprise software that serves the U.S. military, the FBI, and various governmental agencies, announced a significant data breach of its internal network. The intrusion, attributed to “international…
The Ladies’ College has reported a significant cybersecurity incident that occurred on June 24, 2024, when the institution discovered it was unable to access several on-premises servers. Upon investigation, unauthorized access was identified, leading to the encryption of some systems with ransomware. While the majority of the compromised data did…
Cyberattacks against high-profile corporations often dominate headlines, casting shadows over more subtle incidents that may not receive as much attention. However, breaches affecting smaller organizations are increasingly drawing legal scrutiny and regulatory attention. Recent trends indicate that no data breach is too insignificant to evade serious legal repercussions, particularly in…
SonicWall has issued a critical alert regarding active exploitation efforts targeting a zero-day vulnerability in its Secure Mobile Access (SMA) 100 series devices. This vulnerability affects both physical and virtual SMA 100 10.x devices, covering models such as the SMA 200, 210, 400, 410, and 500v. This issue came to…
Microsoft Concludes Investigation into SolarWinds Hack: Key Findings Revealed On Thursday, Microsoft announced the completion of its investigation into the SolarWinds cyberattack. The company confirmed that while the attackers were indeed able to exfiltrate source code from its repositories, there is no evidence that they leveraged this breach to access…
On November 13, 2025, DoorDash Inc. revealed it had suffered a significant data breach resulting from a social engineering attack that occurred the previous month. The breach exposed crucial customer data, including names, email addresses, phone numbers, and delivery addresses, raising concerns about the persistent vulnerabilities inherent to even the…
Over the last decade, the English-speaking cybercriminal landscape, known as “The COM,” has grown from a niche group dedicated to trading rare social media usernames into a complex, service-driven underground economy orchestrating a wide array of global cyberattacks. Foundational communities like Dark0de and RaidForums have played a critical role in…
Hyundai AutoEver America, LLC (HAEA), a key IT services provider for the Hyundai Motor Group, has confirmed a data breach that occurred in early 2025, potentially affecting personal information related to approximately 2.7 million vehicles and their owners. In response, the company is offering two years of complimentary credit monitoring…
