Cybersecurity Articles

441/67 Thursday, December 12, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in the Microsoft Windows Common Log File System (CLFS), identified as CVE-2024-49138, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, with a CVSS score of 7.8, was addressed in Microsoft’s December 2024 Patch Tuesday security update, which […]

440/67 Thursday, December 12, 2024 Adobe, a leading software developer, has released its December 2024 Patch Tuesday security update, addressing over 160 vulnerabilities across 16 popular products such as Reader, Illustrator, Photoshop, and Connect. Key details of the fixes include: While Adobe confirmed that no active exploits of these vulnerabilities have been detected, the company […]

439/67 Wednesday, December 11, 2024 Anna Jaques Hospital in Massachusetts, USA, has disclosed a ransomware attack on December 25, 2023, which led to the leak of sensitive health information for over 316,000 patients. The hospital, which provides a range of services including emergency care, maternity, oncology, cardiology, and orthopedic surgery, immediately suspended the affected systems […]

438/67 Wednesday, December 11, 2024 The newly established ransomware group “Termite” has claimed responsibility for a cyberattack that caused significant damage to Blue Yonder, a major U.S.-based supply chain technology company. The attack has disrupted operations for leading organizations such as Starbucks and prominent UK retailers Morrisons and Sainsbury’s. Blue Yonder, headquartered in Arizona, revealed […]

437/67 Monday, December 9, 2024 Romania’s Intelligence Service revealed that the country’s electoral system was targeted by more than 85,000 cyberattacks. The attackers accessed data from election-related websites and disseminated the information on Russian cybercrime forums prior to the presidential election. Intelligence officials suggested the attacks may have exploited user account breaches or vulnerabilities in […]

436/67 Monday, December 9, 2024 Internal threats have emerged as a significant challenge for businesses worldwide. According to the 2024 Insider Threat Report by Cybersecurity Insiders, 83% of organizations experienced at least one insider attack in the past year. Alarmingly, the number of organizations facing 11–20 attacks surged fivefold, increasing from 4% in 2023 to […]

435/67 Friday, December 6, 2024 Cisco has issued a warning to customers regarding a decade-old vulnerability in its Cisco Adaptive Security Appliance (ASA) software, identified as CVE-2014-2120. This vulnerability is currently being widely exploited. It exists in the WebVPN login page of ASA software, allowing unauthenticated attackers to execute Cross-Site Scripting (XSS) attacks on WebVPN […]

434/67 Friday, December 6, 2024 U.S. federal officials have issued an urgent warning to telecom companies, calling for enhanced security measures following a significant cyberattack attributed to a Chinese hacker group known as Salt Typhoon. The attack targeted personal data of Americans, including text messages, phone conversations, and metadata about dates, times, and contacts of […]

433/67 Wednesday, December 4, 2024 South Korean police have arrested the CEO and five employees of a company after discovering that the company produced over 240,000 satellite receivers equipped or updated with DDoS (Distributed Denial of Service) attack functionality at the request of customers, in violation of the law. The manufacturer and the purchasing company […]

432/67 Wednesday, December 4, 2024 Taiwan is facing a new cybersecurity threat as organizations in the manufacturing, healthcare, and information technology sectors are being targeted by SmokeLoader, a malware notorious for its advanced attack techniques and stealth capabilities. Originally released on cybercrime forums in 2011, SmokeLoader is characterized by its modular design, which enhances its […]