Up to 60% of data breaches at UK law firms were caused by human error from staff, compromising data belonging to 4.2 million people and highlighting the need for robust cybersecurity measures.
The US Cybersecurity and Infrastructure Security Agency (CISA) warns of an actively exploited vulnerability in Microsoft SharePoint Server that allows unauthorized access and potential administrator privileges.
Breach and Attack Simulation (BAS) utilizes AI technology to create realistic cyberattack simulations, helping organizations identify vulnerabilities, strengthen defenses, and train teams to respond effectively to cyber threats.
Phishing scams exploiting employees’ desires for job satisfaction and organizations’ promises of benefits are increasing, using tactics such as pay raises, promotions, holiday bonuses, and employee assessments, and organizations should establish clear notification schedules to help employees recognize legitimate emails, advises email security provider Cofense.
Mandiant’s X social media account was hacked in a brute-force attack, part of a larger operation called “ClinkSink,” resulting in the theft of $900,000 worth of Solana cryptocurrency.
Cisco Unity Connection has released a patch for a critical security flaw that allows remote attackers to gain root privileges without authentication, affecting versions 12.5 and 14 but not version 15.
