Blog
Cyber Threat Report
CASE STUDY
 

We all have memories that are forever etched in our minds, events that were life-changing and we can still vividly recall. I was 10 years old when JFK was assassinated and remember the day clearly. I can also tell you where I was and everything about the day 23 years later when Challenger exploded. 23 years after Challenger we faced September 11, and all of us can share where we were, how we heard about it, and what transpired in the following hours, days, and weeks.

White House And EPA Warn Of Hackers Breaching Water Systems
EPA Administrator Michael Regan warned governors today that hackers are "striking" critical infrastructure across the country's water sector. Read More

Organizations Are Knowingly Releasing Vulnerable Applications
92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house. Read More

Vmware Pushes Admins To Uninstall Vulnerable, Deprecated Vsphere Plugin 
The vulnerabilities haven’t been and won’t be fixed. Instead, VMware is urging admins to remove the EAP plugin. Read More

Critical Shim Bug Impacts Every Linux Boot Loader Signed In The Past Decade 
There are currently 5 vulnerabilities in Shim that could allow a network attacker to bypass secure boot and take over a vulnerable Linux system. Read More

Biggest Data Leak in History Exposes 26B Records
Most of the exposed data, found on an open instance likely owned by a threat actor or data broker, was from the Chinese instant messaging app Tencent QQ. At the same time, Weibo, MySpace, Twitter, and Wattpad also had hundreds of millions of leaked credentials and other information. Read More

Massive Comcast Xfinity Data Breach Impacts 36 Million Customers
Comcast disclosed that hackers exploited a Citrix vulnerability between October 16 and October 19, 2023. Read More

Happy New Year and Thank You to Our 7,000+ Readers!

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 
China-linked hackers continue to target Barracuda Email Security Gateway (ESG) appliances, with recent attacks involving the exploitation of a new zero-day vulnerability. Read More

FBI Explains How Companies Can Delay Sec Cyber Incident Disclosures
The FBI worked with the Department of Justice to create a guidance document for victims about how companies can “request disclosure delays for national security or public safety reasons.” Read More

Staples Confirms Cyberattack Behind Service Outages, Delivery Issues
Reported Staples internal operation problems including an inability to access Zendesk, VPN employee portals, print email, use phone lines, and more. Read More