Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Over 4,000 backdoors hijacked by registering expired domains
Over 4,000 abandoned but still active web backdoors were hijacked and their communication infrastructure sinkholed after researchers registered expired domains used for commanding them. Some of the live malware (web shells) was deployed on web servers of high-profile targets, including government and university systems, ready to execute commands from anyone who tool control of the communication […]
Medical billing firm Medusind discloses breach affecting 360,000 people
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. The Miami-based company operates 12 locations across the United States and India, and it also provides revenue cycle management services to […]
Thousands of credit cards stolen in Green Bay Packers store breach
American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. In breach notification letters sent to affected individuals this week, the National Football League (NFL) team said it immediately disabled all checkout and payment capabilities after being […]
UN aviation agency confirms recruitment database security breach
The United Nations’ International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. This follows ICAO’s announcement on Monday that it was investigating what it described as a “potential information security incident.” While the UN agency didn’t provide additional details, this came two […]
PowerSchool hack exposes student, teacher data from K-12 districts
School districts known to be impacted by the PowerSchool breach are listed the bottom of the article. Education software giant PowerSchool has confirmed it suffered a cybersecurity incident that allowed a threat actor to steal the personal information of students and teachers from school districts using its PowerSchool SIS platform. PowerSchool is a cloud-based software solutions […]
Casio says data of 8,500 people exposed in October ransomware attack
Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. The affected individuals are primarily Casio employees and business partners, but there was a small set of customer personal information in the exposed data. Underground ransomware attack The cyberattack occurred on October 5, when ransomware actors […]
New Mirai botnet targets industrial routers with zero-day exploits
A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. Exploitation of previously unknown vulnerabilities started in November 2024, according to Chainxin X Lab researchers who monitored the botnet’s development and attacks. One of the security issues is CVE-2024-12856, a […]
UN aviation agency investigating ‘potential’ security breach
On Monday, the United Nations’ International Civil Aviation Organization (ICAO) announced it was investigating what it described as a “reported security incident.” Established in 1944 as an intergovernmental organization, this United Nations agency works with 193 countries to support the development of mutually recognized technical standards. “ICAO is actively investigating reports of a potential information […]
Washington state sues T-Mobile over 2021 data breach security failures
Washington state has sued T-Mobile over failing to secure the sensitive personal information of over 2 million Washington residents in a 2021 data breach. The case dates back to August 2021, when T-Mobile admitted that attackers brute forced their way into its corporate network and gained access to the sensitive information of 79 million people nationwide. The data breach itself, […]
CISA warns of critical Oracle, Mitel flaws exploited in attacks
CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. The cybersecurity agency added a critical path traversal vulnerability (CVE-2024-41713) found in the NuPoint Unified Messaging (NPM) component Mitel’s MiCollab unified communications platform to its Known Exploited Vulnerabilities Catalog. […]