Cybersecurity
Category Added in a WPeMatico Campaign
Dec 15, 2023NewsroomVulnerability / Software Security Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances. The issues relate to two reflected cross-site scripting (XSS) bugs and one command injection flaw, according to new findings from […]
The City of Defiance has fallen victim to a cyberattack orchestrated by the notorious Knight ransomware group. The City of Defiance data breach was first brought to light on December 13, 2023, when Knight officially listed the City of Defiance as their latest target. The threat actor, known as Knight, revealed their malicious intent on […]
Threat actors are switching tactics to compromise their victims with ransomware, with more attacks now exploiting vulnerabilities rather than using phishing emails, according to Corvus Insurance. The insurer analyzed claims data from this year to better understand threat actor activity. It claimed that vulnerability exploitation rose as an initial access method from nearly 0% of ransomware […]
The number of cyber breaches targeting organizations’ supply chains continues to rise, with an average 4.16 breaches reported to be negatively impacting operations this year — a 26% increase from the mean number of 3.29 breaches in 2022, according to BlueVoyant. “Attacks targeting external vendors and partners are a constant threat,” said Joel Molinoff, BlueVoyant’s […]
U.S. authorities are struggling to contain a critical vulnerability in Citrix Netscaler Application Delivery Controller and Netscaler Gateway, widely used networking appliances that help companies enable secure remote access. Thousands of organizations worldwide use the technology, and researchers have seen attacks targeting a wide range of industries, including financial services companies, defense contractors, law firms, […]
Powerful attack knocked out internet access and mobile communications, damaging IT infrastructure
Louisiana-based medical association Lafourche Medical Group and the Department of Health and Human Services have reached a $480,000 settlement for a cyberattack in 2021 that resulted in the compromise of protected health information from 34,862 individuals, according to The Record, a news site by cybersecurity firm Recorded Future.
The Federal Communications Commission updated its data breach rules for the first time in 16 years Wednesday, expanding how a breach is defined and who to alert when there is one. The FCC order, decided in a 3-2 party-line vote, will broaden the commission’s breach notification rules to include certain personally identifiable information belonging to […]
SUMMARY The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) are releasing this joint Cybersecurity Advisory (CSA) to provide information on the Karakurt data extortion group, also known as the Karakurt Team and Karakurt Lair. Karakurt actors have […]