September 30, 2024 at 03:23PM The FCC settled with T-Mobile for $31.5 million over data breaches compromising millions of U.S. consumers’ personal information. T-Mobile is required to invest $15.75 million in cybersecurity, pay a civil penalty, and implement enhanced security measures. The FCC emphasizes the importance of strong cybersecurity protections for consumer data and has … Read more
July 17, 2024 at 12:43PM Researchers have found a new variant of a stealer malware linked to North Korea, this time targeting job seekers with a malicious Apple macOS disk image file named “MiroTalk.dmg.” This malware, known as BeaverTail, can steal sensitive data from web browsers, crypto wallets, and iCloud Keychain. Additionally, a new malicious … Read more
April 4, 2024 at 05:51PM This year, Ivanti has revealed 11 flaws, some of which are critical, in its remote access products. Based on the meeting notes, Ivanti has disclosed a total of 11 flaws in its remote access products, with many of them being critical. Full Article
February 20, 2024 at 06:27AM North Korean-sponsored threat actors are conducting cyber espionage targeting the defense sector worldwide. The Lazarus Group is blamed for using social engineering to infiltrate the defense sector through a long-standing operation called Dream Job. Another incident involved an intrusion into a defense research center, executed by a North Korea-based threat … Read more
February 13, 2024 at 02:57PM Microsoft has issued a large set of security software updates, highlighting three vulnerabilities being exploited in live malware attacks. The updates address 72 security flaws in the Windows ecosystem, warning of risks including remote code execution and privilege escalation. Meanwhile, Adobe has patched 30 security flaws and urged users to … Read more
February 4, 2024 at 12:19PM Mastodon, a decentralized social network, has revealed a significant security flaw, CVE-2024-23832, with a severity rating of 9.4. Vulnerable versions include those before 3.5.17 and specific 4.0.x, 4.1.x, and 4.2.x versions. Mastodon plans to disclose technical details on February 15, 2024, urging administrators to update server instances promptly to prevent … Read more
December 20, 2023 at 10:21AM The NSA’s 2023 Cybersecurity Year in Review report highlights its efforts to block 10 billion user connections to malicious domains, focus on protecting national security systems, offer no-cost cybersecurity services to DoD contractors, release six security products, improve vulnerability scanning, promote AI security, and maintain its commitment to privacy and … Read more
December 1, 2023 at 10:07AM Get the latest in cybersecurity: threats, vulnerabilities, breaches, and trends via daily or weekly email updates. Clear takeaways from the meeting notes: 1. Subscribe to updates on cybersecurity to stay informed about the latest threats. 2. Ensure that information about newly discovered vulnerabilities is received regularly. 3. Keep abreast of … Read more
November 30, 2023 at 02:06PM Cactus ransomware targets Qlik Sense analytics platform vulnerabilities for network access, exploiting unpatched systems to gain control, download tools, and deploy ransomware. Updates have been released to address critical flaws; users are advised to install designated patches. Arctic Wolf reports Cactus uses advanced techniques for persistence, lateral movement, and data … Read more