cybersecurity
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw
Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. KerioControl is a network security suite that small and medium-sized businesses use for VPNs, bandwidth management, reporting and monitoring, traffic filtering, AV protection, and intrusion prevention. The flaw in question was discovered in mid-December by security […]
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. “Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People’s Republic […]
Biden signs executive order to bolster national cybersecurity
Days before leaving office, President Joe Biden signed an executive order to shore up the United States’ cybersecurity by making it easier to sanction hacking groups targeting federal agencies and the nation’s critical infrastructure. These also include ransomware gangs, which have been continuously targeting U.S. healthcare organizations in recent years, causing disruptions by encrypting systems […]
Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig). The company discovered the malicious campaign on January 7, 2025, and based on the phishing email’s content, it likely didn’t start much earlier. The attack starts […]
Washington state sues T-Mobile over 2021 data breach security failures
Washington state has sued T-Mobile over failing to secure the sensitive personal information of over 2 million Washington residents in a 2021 data breach. The case dates back to August 2021, when T-Mobile admitted that attackers brute forced their way into its corporate network and gained access to the sensitive information of 79 million people nationwide. The data breach itself, […]
US govt launches cybersecurity safety label for smart devices
Today, the White House announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for internet-connected consumer devices. The Cyber Trust Mark label, which will appear on smart products sold in the United States later this year, will help American consumers determine whether the devices they want to buy are safe […]
Windows 10 users urged to upgrade to avoid “security fiasco”
Cybersecurity firm ESET is urging Windows 10 users to upgrade to Windows 11 or Linux to avoid a “security fiasco” as the 10-year-old operating system nears the end of support in October 2025. “It’s five minutes to twelve to avoid a security fiasco for 2025,” explains ESET security expert Thorsten Urbanski. “We strongly advise all […]
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. These stricter cybersecurity rules, proposed by the HHS’ Office for Civil Rights (OCR) and expected to be published as […]
Kali Linux 2024.4 released with 14 new tools
Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some features. Kali Linux is a distribution created for cybersecurity professionals and ethical hackers to perform penetration testing, ethical hacking, vulnerability research, security audits, and red team exercises. With this final […]
Bitfinex hacker gets 5 years in prison for 120,000 bitcoin heist
A hacker responsible for stealing 119,754 Bitcoin in a 2016 hack on the Bitfinex cryptocurrency exchange was sentenced to five years in prison by U.S. authorities. The man, Ilya Lichtenstein, was arrested in February 2022 in Manhattan following a lengthy investigation led by the IRS, HSI, and the FBI, which managed to recover roughly 80% of the […]