Critical Infrastructure Security Everest Extortion Group Targets Dublin Airport Akshaya Asokan (asokan_akshaya) • October 27, 2025 Image: Shutterstock A Russian data extortion group named Everest has threatened to release 1.5 million records allegedly obtained from Dublin Airport. This threat follows an investigation into a cybersecurity breach that originated from a…
A financially motivated threat group, identified as FIN12, has been linked to a series of RYUK ransomware incidents since October 2018. This organization demonstrates significant collaboration with TrickBot-affiliated actors while utilizing publicly accessible tools like Cobalt Strike Beacon payloads to penetrate victim networks. Cybersecurity firm Mandiant has attributed these security…
The LockBit ransomware group has made a notable return, launching its latest variant, LockBit 5.0, after a period of inactivity triggered by law enforcement actions earlier in 2024. The resurgence comes despite significant disruptions to their infrastructure and efforts to dismantle their operations during Operation Cronos. Under the direction of…
Critical Vulnerability Discovered in BillQuick Billing Software Exploited by Ransomware Actors Cybersecurity experts revealed a serious vulnerability in the BillQuick time and billing software, which has been actively targeted by threat actors to deploy ransomware. This flaw, designated as CVE-2021-42258, involves an SQL injection attack enabling remote code execution, putting…
A Russian national apprehended in South Korea has been extradited to the United States and appeared in a federal court in Ohio on October 20, facing serious charges tied to his involvement with the notorious TrickBot cybercrime group. Authorities allege that Vladimir Dunaev, 38, along with co-conspirators, orchestrated a scheme…
Western Digital Suffers Data Breach, Exposing Customer Information Western Digital, a major player in digital storage, has confirmed that its systems were breached by an unauthorized third party. During this incident, personal data belonging to customers of the company’s online store was compromised, raising significant concerns about data security and…
Governance & Risk Management , Healthcare , Industry Specific Penetration Testing Reveals Vulnerabilities in State Medicaid Systems Marianne Kolbasuk McGee (HealthInfoSec) • October 21, 2025 HHS OIG’s penetration testing of ten state Medicaid systems highlighted critical security gaps that must be addressed to safeguard data from advanced cyber threats. (Image:…
Critical Vulnerability Discovered in Veeam Service Provider Console Veeam has issued immediate security updates addressing a significant vulnerability within its Service Provider Console (VSPC). This flaw poses a serious risk, enabling potential remote code execution on vulnerable systems. The vulnerability, designated as CVE-2024-42448, has been assigned a critical CVSS score…
Conor Brian Fitzpatrick, the founder of the now-defunct BreachForums site, has entered a guilty plea in connection with various charges linked to the cybercrime forum he ran, which also included possession of child pornography. This significant development, first reported by DataBreaches.net, follows Fitzpatrick, also known as pompompurin, being formally charged…
