SEC Fines Four Companies Nearly $7 Million Over Misleading Cybersecurity Disclosures Related to SolarWinds Hack
The SEC has imposed civil penalties on Unisys, Avaya, Check Point, and Mimecast for downplaying the severity of cybersecurity breaches linked to the SolarWinds attack, totaling nearly $7 million.
View full story…
Surge in Cloud-Based Cyber-Attacks in 2024
In 2024, cloud-based cyber-attacks increased significantly, with threat actors exploiting cloud resources and targeting enterprise AI technologies, particularly through LLMjacking, resulting in substantial financial losses and compromised credentials.
View full story…
Latest Cybernews
DDoS Attacks Target Japan Amid Election Campaign
Pro-Russian groups NoName057(16) and the Russian Cyber Army Team launched a series of high-impact DDoS attacks on Japan’s critical sectors, coinciding with the start of the country’s general election campaign and linked to geopolitical tensions over military collaborations.
View full story…
Cybercriminals Use Dark Web Anti-Bot Services to Bypass Google Chrome Warnings
Cybercriminals are increasingly employing advanced anti-bot services from the Dark Web to evade Google Chrome’s “Red Page” warnings, undermining traditional phishing detection methods.
View full story…
Internet Archive Suffers Major Cyberattack, Exposing User Data
The Internet Archive experienced a significant cyberattack on October 20, 2023, following a series of breaches that exploited unrotated API tokens, leading to unauthorized access to sensitive user information and support tickets.
View full story…
Wells Fargo Faces Class Action Lawsuit Over Data Breach
Wells Fargo is being sued in a class action lawsuit for allegedly failing to implement adequate security measures, resulting in a data breach that compromised the personal information of thousands of customers.
View full story…
Bumblebee Malware Loader Resurfaces with Enhanced Evasion Techniques
The Bumblebee malware loader has re-emerged as a significant threat to corporate networks, utilizing sophisticated evasion methods and targeting organizations with phishing attacks and stealthy infection chains.
View full story…
Nidec Corporation Faces Ransomware Attack, Exposing Sensitive Data
In August 2024, Nidec Corporation’s Vietnam-based subsidiary, Nidec Precision, suffered a ransomware attack by the 8Base group, resulting in the exfiltration of over 50,000 sensitive files and highlighting significant cybersecurity vulnerabilities.
View full story…
The Importance of Penetration Testing in Cybersecurity
Penetration testing, conducted by ethical hackers, is essential for organizations to identify and address vulnerabilities in their digital assets amidst evolving cyber threats.
View full story…
Cybersecurity Experts Adapt to Evolving Hacker Techniques
Hackers are developing new methods to breach previously secure systems, prompting security professionals to enhance their defenses and remain vigilant against emerging threats.
View full story…
Significant Cryptographic Vulnerabilities Found in Popular E2EE Cloud Storage Platforms
Researchers from ETH Zurich have identified critical security flaws in end-to-end encrypted cloud storage services, potentially exposing sensitive data for over 22 million users.
View full story…
Unmanaged Cloud Credentials Increase Data Breach Risks
A significant number of organizations are vulnerable to data breaches due to unmanaged users with long-lived credentials in cloud services, with many credentials being outdated and frequently exposed in various digital artifacts.
View full story…
The Future of Application Security: Embracing Proactive Measures
The shift towards Application Detection and Response (ADR) is transforming application security by enabling real-time insights and continuous monitoring to effectively identify and mitigate threats in increasingly complex environments.
View full story…