Author Info

A recent investigation by cybersecurity firm Dragos has uncovered a significant cyber intrusion by the Chinese threat group Volt Typhoon. This group targeted the Littleton Electric Light and Water Departments (LELWD) in Massachusetts, compromising the US electric grid for over 300 days from February to November 2023. The breach was

The Medusa ransomware group has compromised more than 300 organizations within the United States' critical infrastructure sectors as of last month. This alarming development was disclosed in a recent advisory jointly issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State

A significant vulnerability in the FreeType library, used extensively for font rendering, has been identified and reportedly exploited in cyberattacks. This flaw, present in all versions up to 2.13, allows for arbitrary code execution, posing a severe risk to systems utilizing this library. Understanding the FreeType Vulnerability FreeType is

In a significant blow to illicit financial networks, international law enforcement has dismantled Garantex, a cryptocurrency exchange implicated in large-scale money laundering operations. Two individuals, Aleksej Besciokov and Aleksandr Mira Serda, are facing charges for their roles in the scheme. Global Operation Targets Garantex Authorities from the United States, Germany,

Over 560,000 individuals have been affected by four significant data breaches recently reported by healthcare entities, including Hillcrest Convalescent Center, Gastroenterology Associates of Central Florida, Community Care Alliance, and Sunflower Medical Group. Sunflower Medical Group Breach The most extensive breach was reported by Sunflower Medical Group, a healthcare provider

Cybersecurity experts have identified widespread exploitation of a severe PHP vulnerability that poses a significant risk to servers globally. This flaw, known as CVE-2024-4577, allows attackers to execute remote code on susceptible systems, particularly those running Windows servers with Apache and PHP-CGI configured with specific code pages. Understanding the PHP

The notorious hacktivist group, Dark Storm, has claimed responsibility for a series of DDoS attacks that led to widespread outages on X this Monday. In response, the company has activated DDoS protection measures via Cloudflare. Although X's owner, Elon Musk, did not explicitly confirm DDoS as the cause,

The Akira ransomware group has developed a new method to circumvent Endpoint Detection and Response (EDR) systems by leveraging unsecured webcams. This innovative attack vector allows the cybercriminals to encrypt data on compromised networks, posing a significant threat to organizations. How the Attack Works Cybersecurity experts from the S-RM team

The ESP32 microchip, manufactured by Espressif and embedded in over a billion devices globally, has been found to contain undocumented commands. These commands could be exploited for cyberattacks, posing significant security risks. Potential Threats from Undocumented Commands These hidden commands enable malicious activities such as device spoofing, unauthorized data access,