A critical issue in Exim mail transfer agent (MTA) has left over 1.5 million servers unpatched, posing significant security risks. Tracked as CVE-2024-39929, the flaw allows threat actors to bypass security filters and deliver malicious executable attachments to users’ mailboxes. The issue arises from incorrect parsing of multiline RFC2231 header …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three significant vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These include a critical template injection flaw in the Rejetto HTTP File Server (CVE-2024-23692), a privilege escalation issue in Windows Hyper-V (CVE-2024-38080), and a spoofing vulnerability in the Windows MSHTML …
Cybersecurity experts from leading universities and tech companies have identified a critical vulnerability in the RADIUS networking protocol. Dubbed “Blast RADIUS,” the flaw allows attackers to bypass user authentication via man-in-the-middle (MITM) attacks and hash cracking. With a CVSS severity score of 7.5 out of 10, the vulnerability (CVE-2024-3596) poses …
As cloud usage becomes vital for organizations, it has also become a target for cyberattacks. A recent report by Thales highlights that 47% of corporate data stored in the cloud is sensitive, making cloud security a top priority. SaaS applications, cloud storage, and cloud management infrastructure are the leading attack …
Alabama’s State Department of Education recently experienced a significant data breach following a thwarted ransomware attack on June 17. Although IT professionals managed to stop the attack, threat actors accessed some data and disrupted services. Superintendent Eric Mackey revealed that while the full extent of the breach is still being …
Adversary-in-the-middle (AitM) attacks are exposing vulnerabilities in passkey authentication. By stripping passkey options from login pages users are forced to rely on less secure authentication methods. This makes their accounts susceptible to compromise. Joe Stewart from eSentire’s Threat Response Unit highlights that the problem lies not in the passkeys themselves. …
Patelco Credit Union, one of the oldest and largest credit unions in the U.S., suffered a significant ransomware attack on June 29, 2024. The cyber assault forced the shutdown of Patelco’s online banking platform, mobile app, and call center operations, affecting nearly 500,000 members in the Bay Area and Northern …
US businesses are facing significant challenges in obtaining cybersecurity insurance due to rising premiums and restrictive policies. Experts highlighted the complexity and variability of insurance terms, particularly for smaller operators. Cyber insurance policies are difficult for companies to interpret and understand their coverage. The increasing threat of state-sponsored cyberattacks on …
TeamViewer recently revealed a breach in its corporate environment, attributing the attack to the Russian state-sponsored hacking group Midnight Blizzard. On June 26, 2024, TeamViewer’s security team detected unusual activity in their internal IT systems. Immediate measures were taken, including the activation of a response team and collaboration with global …
In the first quarter of 2024, BlackBerry detected and thwarted 3.1 million cyberattacks, highlighting a significant rise in malicious activity. The report revealed that 60% of these attacks targeted critical infrastructure sectors, with the financial industry being hit the hardest. The surge in novel malware, with 54% of attacks involving …
