Security Bulletin

Investigation into the incident, which was only finalized earlier last month, revealed that Money Message was able to exfiltrate individuals' demographic details, medical and health insurance information, financial data, Social Security and driver's...

Users of the MyAtriumHealth patient portal, formerly MyCarolinas, between January 2015 and July 2019 may have had their names, home and email addresses, phone numbers, treatment or provider details, IPs, and browser cookies exposed to Meta, Google...

Information allegedly exfiltrated by 8Base included invoices, receipts, personal and confidential data, accounting documents, employment contracts, confidential agreements, certificates, and other sensitive details.

Termite — which has already compromised seven victims, two of which are in the U.S. — was regarded by Cyble researchers to be a Babuk ransomware rebrand due to significant similarities between both strains' ransomware binaries.

We can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.

The new administration wants fewer physical wars and more cyber ops – a policy aimed to counter the massive nation-state cyber campaigns of our adversaries.

Megjelent a SANS és a Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet közös kiadványának 2024. decemberi száma, melyben azzal foglalkozunk, hogyan lopják el a jelszavakat a kiberbűnözők.

While Sirius XM has allegedly engaged in the sharing of sensitive user data with unaffiliated third parties and other groups without notifying users and obtaining their consent, the MyRadar weather app, Miles travel rewards app, and Tapestri...

Under the proposed FCC rule, telecommunications entities would not only need to ensure their networks' defenses against "unlawful access and interception" but also be required to undergo yearly cybersecurity risk management plan certifications.

Such a crackdown on Manson Market — which commenced in late 2022 following a reported increase in fake phone calls spoofing bank employees — also resulted in the seizure of more than 50 of its servers containing over 200 TB of data, as well as the...

Nearly 150 employees of the financial entity have been compromised by Ogletree in a phishing campaign between October and November 2023 that sought to exfiltrate account credentials via company-spoofing phishing sites, the complaint alleged.

Intrusions leveraging CVE-2024-41713, which stems from insufficient input validation in MiCollab's NuPoint Unified Messaging component, could facilitate not only unauthenticated provisioning data access but also unauthenticated admin task execution...