News
The Taliban's administration in Afghanistan is facing significant turmoil after a cyber attack led to the exposure of over 50GB of sensitive documents online. The breach was orchestrated by a group known as TabiLeaks, which disseminated links to the compromised data via social media. Details of the Cyber
A collaborative operation by the National Police and Civil Guard has led to the arrest of a suspected hacker in Calpe, Alicante. The individual, known online as Natohub, is believed to have executed over 40 cyberattacks on both domestic and international entities, compromising sensitive data and documents. Targeted Entities In
In August 2023, a significant cyberattack on the Hospital Sisters Health System (HSHS) compromised the personal data of 882,782 individuals. This breach disrupted internal systems, applications, communications, online payments, and the HSHS website. Details of the Cyberattack The attack began on August 27, 2023, causing a prolonged outage of
Hewlett Packard Enterprise (HPE) has begun notifying employees affected by a data breach involving its Office 365 email system, which was compromised by Russian state-sponsored hackers in May 2023. As reported in filings with the Attorney General offices in New Hampshire and Massachusetts, HPE initiated the distribution of breach notification
Microsoft has introduced a PowerShell script designed to assist Windows users and administrators in updating bootable media. This update ensures the use of the new Windows UEFI CA 2023 certificate, crucial for mitigating the BlackLotus UEFI bootkit threats expected to be enforced later this year. Understanding the BlackLotus Threat The
Security experts have identified a critical zero-day vulnerability in the 7-Zip file archiving tool, which has been actively exploited in the context of Russia's ongoing military actions in Ukraine. Exploiting Windows Security Measures This vulnerability enabled a Russian cybercriminal group to circumvent a key Windows security feature designed
A sophisticated Chinese hacking group has been identified exploiting a new SSH backdoor to compromise network devices. By injecting malware into the SSH daemon, these attackers gain persistent access, enabling covert operations across targeted networks. Understanding the Attack The attackers focus on network appliances, a crucial component of organizational infrastructure.
In a collaborative effort, cybersecurity agencies from the Five Eyes alliance, comprising the UK, Australia, Canada, New Zealand, and the U.S., have released new guidelines aimed at improving the forensic capabilities of network edge devices. This initiative seeks to bolster the ability of defenders to identify and respond to
Sophos has successfully completed its acquisition of Secureworks for $859 million in cash, marking a significant expansion in its cybersecurity offerings. Strategic Enhancements and Product Integration Announced initially in October 2024, this acquisition is set to introduce new capabilities to Sophos' portfolio, including advanced identity detection and response (ITDR)