Stolen Data Includes Social Security Numbers, Financial Details, and IDs A major data breach at DISA Global Solutions, a U.S.-based employee screening company, has compromised the personal information of over 3.3 million individuals, including more than 360,000 residents in Massachusetts. In a notice posted on April 22, 2024, DISA confirmed it was the victim of […]
Cybersecurity researchers have identified a new tactic used by the Rhadamanthys Infostealer to spread malware, leveraging Microsoft Management Console (MMC) files with the MSC extension. This latest discovery, confirmed by the AhnLab Security Intelligence Center (ASEC), highlights an evolving threat where attackers misuse legitimate administrative tools for malicious purposes. Methods of Exploitation The Rhadamanthys Infostealer […]
Dream, an AI-driven cybersecurity company specializing in national and critical infrastructure protection, has announced the successful closure of a $100 million Series B funding round. Led by Bain Capital Ventures, this latest investment values the company at $1.1 billion. Additional investors include Group 11, Tru Arrow, Tau Capital, and Aleph. The funding will support Dream’s […]
Security researchers warn of ongoing exploitation of a critical vulnerability in SonicWall’s SonicOS. Key Findings: Ongoing Exploitation and Threat Landscape SonicWall initially patched CVE-2024-53704 after researchers from Computest Security disclosed the flaw. At the time of the patch release, the company stated it had no evidence of active exploitation. However, subsequent findings suggest otherwise. Researchers […]
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert warning of recent ransomware activity by the group known as Ghost, also referred to as Cring. According to the advisory released on Wednesday, the group has been actively exploiting vulnerabilities in software and firmware as recently as January. Operating from China, […]
Digital payments leader PayPal has agreed to pay a $2 million fine following a cybersecurity incident in December 2022 that exposed thousands of Social Security numbers, according to New York state regulators. The penalty resolves violations of New York’s financial cybersecurity regulations, which require companies like PayPal to employ qualified personnel to manage critical cybersecurity […]
A team of researchers has uncovered over 100 security vulnerabilities affecting LTE and 5G network implementations, which could potentially be exploited to disrupt services or gain unauthorized access to cellular core networks. The study identified 119 vulnerabilities, with 97 assigned unique CVE identifiers, spanning seven LTE implementations—Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC, and srsRAN—and three […]
State-linked hackers were implicated in a series of cyberattacks in December, resulting in the theft of unclassified data from the U.S. Treasury Department, among other incidents. BeyondTrust confirmed that 17 customers were affected by the attack, which involved the compromise of a Remote Support SaaS API key. The attack, attributed to a state-linked threat actor, […]
Conduent, a New Jersey-based contractor that provides technology solutions for social service agencies and transit systems across the U.S., has confirmed that it was the target of a cyberattack. The incident disrupted operations and caused delays in child support payment processing in multiple states, including Wisconsin. The attack first came to light when Wisconsin officials […]
The growing security threats posed by advancements in artificial intelligence are well-documented, impacting billions of Gmail users, bank customers, and even individuals targeted through smartphone calls and messages. The FBI has issued warnings about such dangers, highlighting the risks AI poses when exploited by malicious actors. Adding to these concerns, researchers have recently identified GhostGPT, […]