Author Info

A sophisticated variant of the EAGERBEE malware has been identified, targeting internet service providers and government bodies in the Middle East. This updated version, also known as Thumtais, exhibits enhanced backdoor features that mark a notable advancement in its functionality. Advanced Backdoor Features The new EAGERBEE variant integrates multiple components

The International Civil Aviation Organization (ICAO), a United Nations entity setting global aviation standards, is currently investigating a cybersecurity breach. On Monday, ICAO disclosed that it's conducting an active assessment following reports of a possible security incident. The breach is allegedly tied to a known cybercriminal group targeting

Expanded Telecom Breaches Highlight Ongoing Chinese Cyber Threat Recent reports from the Wall Street Journal have surfaced, revealing that telecom giants Charter Communications, Consolidated Communications, and Windstream have fallen victim to the widespread Salt Typhoon hacking campaign attributed to Chinese state-sponsored actors. Growing List of Affected Telecoms The Salt Typhoon

Veracode, a leader in application security, has bolstered its portfolio by acquiring key technology components from Phylum, a rising startup specializing in software supply chain security. This acquisition includes Phylum’s advanced capabilities for analyzing, detecting, and mitigating malicious software packages, alongside integrating some of Phylum's expert personnel

The U.S. Treasury Department has announced sanctions against Beijing-based Integrity Technology Group, Inc. (Integrity Tech) for their involvement with the Flax Typhoon hacking group. The group, believed to be state-sponsored by China, used Integrity Tech's systems to orchestrate cyberattacks on U.S. and European networks for over

In a recent cybersecurity development, twenty harmful npm packages posing as parts of the Hardhat development environment have targeted Ethereum developers, aiming to steal private keys and sensitive data. More than a thousand downloads of these packages have been reported, illustrating a significant threat to the community. Targeted Attack on

The U.S. Department of Health and Human Services (HHS) is set to introduce substantial reforms to the Health Insurance Portability and Accountability Act (HIPAA) in response to a surge in significant healthcare data breaches. These enhancements aim to safeguard patient information more effectively. Proposed Security Enhancements To bolster the

The U.S. Treasury Department announced a significant cybersecurity breach attributed to suspected Chinese threat actors, affecting the department’s systems and unclassified documents. The incident was caused by the exploitation of an API key from a third-party service provider, BeyondTrust. Incident Overview On December 8, 2024, BeyondTrust, a software

American Addiction Centers, a prominent rehabilitation organization in Brentwood, Tennessee, recently experienced a significant data breach affecting the personal information of 410,747 current and past patients. Details of the Breach In response to inquiries, the Maine Attorney General received notification letters confirming the breach compromised sensitive data—including names,