Author Info

A sophisticated cyberattack campaign by the Earth Kurma Advanced Persistent Threat (APT) group has been identified, targeting government and telecommunications organizations in Southeast Asia. This campaign, uncovered by cybersecurity researchers, poses significant risks through the use of custom malware, rootkits, and cloud storage exploitation for espionage and data theft. Targeted

Hitachi Vantara, a subsidiary of the global conglomerate Hitachi, recently faced a significant cybersecurity incident involving the Akira ransomware. The company, known for its data storage and cloud management services, took decisive action by taking its servers offline to mitigate the threat and protect its systems. Incident Overview The ransomware

The CEO of Veritaco, Jeffrey Bowie, has been charged with allegedly installing malware on computers at St. Anthony Hospital in Oklahoma City, violating the state's Computer Crimes Act. Incident Overview On August 6, 2024, Bowie reportedly infiltrated hospital systems, deploying malware designed to capture and transmit screenshots to

British retail giant Marks & Spencer is currently grappling with significant operational disruptions due to a ransomware attack. The attack is attributed to a notorious hacking group known as Scattered Spider. This incident has led to widespread outages, affecting the company's payment systems and online services. Details of

Recent investigations by cybersecurity experts have uncovered the operations of an initial access broker (IAB) known as ToyMaker. This entity has been linked to providing access to ransomware groups, including the notorious CACTUS, enabling them to execute double extortion attacks. Understanding ToyMaker's Operations ToyMaker is identified as a

A newly identified vulnerability, CVE-2025-31324, in SAP NetWeaver Visual Composer poses a severe risk of system compromise. This flaw, scoring a perfect 10.0 in severity, allows attackers to exploit systems by deploying web shells. Organizations must assess their SAP Java systems for exposure and take immediate action to mitigate

Organizations utilizing Commvault Innovation Release are strongly advised to apply the latest patch to safeguard against CVE-2025-34028. This critical vulnerability permits remote code execution, granting attackers full system control. Understanding the Commvault Security Flaw A significant security flaw has been identified in the Commvault Command Center, a popular enterprise solution

Blue Shield of California has announced a significant data breach, revealing that the protected health information of 4.7 million members was inadvertently shared with Google's analytics and advertising services. The healthcare provider, serving nearly 6 million individuals in California, issued a notification on its website detailing that

Cybercriminals have inflicted a record-breaking $16.6 billion in losses across the United States in 2024, representing a significant 33% increase from the previous year, according to the FBI's latest findings. Annual IC3 Report Highlights The FBI's Internet Crime Complaint Center (IC3) documented 859,532 complaints