Author Info

A significant cyber breach has hit the Rhode Island Benefits System (RIBridges), affecting various health and social service programs. The attackers, identified as an international cybercriminal syndicate, are now demanding a ransom, threatening to expose sensitive personal information of numerous residents. The Breach Details Discovery: On December 5, cybersecurity officials

A serious security flaw in Apache Struts 2, identified as CVE-2024-53677, is currently being exploited by attackers using public proof-of-concept exploits to locate susceptible devices. Apache Struts is a widely used open-source framework for Java-based web applications, utilized by industries such as government, finance, e-commerce, and aviation. Vulnerability Details The

Overview of the Incident A cybersecurity breach has disrupted operations at Texas Tech University Health Sciences Center (TTUHSC) and TTUHSC El Paso. The incident has potentially exposed sensitive data for approximately 1.4 million patients, prompting a broad investigation into the attack's scope and consequences. Incident Timeline and

The ransomware group who has appropriated the name Cicada3301 has taken responsibility for a significant data breach involving Concession Peugeot, a notable car dealership in France associated with the Peugeot name. This breach, which reportedly compromised 35GB of confidential data, continues the group's aggressive ransomware activities. Date of

Kali Linux has launched its latest and final update of the year, version 2024.4, which introduces an impressive lineup of fourteen new tools, several improvements, updated features, and the deprecation of some older elements. New Tools in Kali Linux 2024.4 In this release, Kali continues its tradition of

Cybercriminals are targeting more than 200,000 YouTube creators with a sophisticated phishing attack, posing as well-known brands to deceive content creators worldwide. The campaign, discovered by cybersecurity firm Cloudsek, involves phishing emails that aim to compromise the creators' accounts through malware. Phishing Tactics: Emails with subject lines such

Discovery and Capabilities On December 13, 2024, cybersecurity experts revealed a sophisticated Linux rootkit named PUMAKIT, which has the capacity to escalate privileges, hide files and directories, and avoid detection by system tools. According to a report by Elastic Security Lab researchers Remco Sprooten and Ruben Groenewoud, PUMAKIT uses advanced

Germany’s Federal Office of Information Security (BSI) has successfully disrupted a large-scale malware operation known as BADBOX, which affected at least 30,000 internet-enabled devices sold across the country. This operation targeted outdated Android devices, including digital picture frames, media players, streamers, as well as potentially smartphones and tablets.

Iran-Linked Cyber Attack Targets US and Israeli Infrastructure with IOCONTROL Malware Iranian threat actors, identified by Claroty’s Team82, have leveraged a sophisticated piece of malware, known as IOCONTROL, to target Internet of Things (IoT) and Operational Technology (OT) systems within critical infrastructure in the United States and Israel. Cyber