New York sues Allstate and subsidiaries for back-to-back data breaches
Allstate and several of the insurance company’s subsidiaries were accused of poor security practices resulting in data breaches in 2020 and 2021 that exposed sensitive…
Month: March 2025
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577,…
PowerSchool previously hacked in August, months before data breach
PowerSchool has published a long-awaited CrowdStrike investigation into its massive December 2024 data breach, which determined that the company was previously hacked over 4 months earlier,…
What Really Happened With the DDoS Attacks That Took Down X
The social network X suffered intermittent outages on Monday, a situation owner Elon Musk attributed to a “massive cyberattack.” Musk said in an initial X…
SMS Scam Uses Elon Musk’s Name to Sell Fake Energy Devices to US Users
Fake Elon Musk endorsements are used in SMS campaigns to sell bogus energy-saving devices. Learn how to spot these scams and protect yourself from fraudulent…
Certifications And Career Opportunities For Women In Cybersecurity
Despite the increasing efforts to increase women’s representation in cybersecurity, the industry still has a long way to go. However, there is progress on the horizon.…
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Mar 11, 2025Ravie LakshmananNetwork Security / Vulnerability Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new…
Pure aims at AI beyond the enterprise with FlashBlade//Exa
Pure Storage has announced FlashBlade//Exa, which aims at artificial intelligence (AI) and high-performance computing (HPC) workloads that demand extremely high throughput to graphics processing units…
CISA tags critical Ivanti EPM flaws as actively exploited in attacks
CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. The three flaws (CVE-2024-13159,…
PoC Released for SolarWinds Web Help Desk Vulnerability Exposing Passwords
A Proof-of-Concept (PoC) has been released for a significant vulnerability discovered in SolarWinds Web Help Desk, exposing encrypted passwords and other sensitive data. This vulnerability…
Adversarial Exposure Validation Exposes Real Threats
Mar 11, 2025The Hacker NewsBreach Simulation / Penetration Testing In cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sense of security,…
Post Office scandal data leak interim compensation offers made
The Post Office has made interim compensation offers to a number of former subpostmasters affected by a major data breach that was revealed last year.…