January 30, 2025

Russian ransomware hackers increasingly posing as tech support on Microsoft Teams

Cybersecurity authorities and major technology firms reported a significant surge in cyberattacks orchestrated by Russian-speaking ransomware groups exploiting Microsoft Teams to impersonate technical support staff. These threat actors have adopted increasingly sophisticated social engineering tactics, targeting employees of organizations through fake support messages delivered via Microsoft Teams, a platform widely used for internal business communication.According to intelligence shared by Microsoft […]
January 26, 2025

Hackers impersonate Ukraine’s CERT to trick people into allowing computer access

Concerning development in the cyber threat landscape, malicious actors have launched a sophisticated social engineering campaign by impersonating Ukraine’s Computer Emergency Response Team (CERT-UA). The attackers are leveraging the trusted reputation of CERT-UA to deceive victims into granting unauthorized access to their computer systems.According to cybersecurity analysts, this campaign began circulating in late December 2024 and gained significant traction in […]
January 22, 2025

Oracle To Address 320 Vulnerabilities in January Patch Update

Oracle Corporation announced a significant security release as part of its scheduled Critical Patch Update (CPU), aimed at addressing 320 newly discovered vulnerabilities across its extensive suite of products. This comprehensive update, in line with Oracle’s quarterly patch cycle, underscores the company’s continued commitment to enhancing the security posture of its enterprise solutions.The January CPU covers a broad spectrum of […]
January 14, 2025

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces

On January 14, 2025, Fortinet publicly disclosed a critical zero-day vulnerability, CVE-2024-55591, affecting its FortiOS and FortiProxy products. This vulnerability allows unauthenticated remote attackers to gain super-admin access to affected systems by exploiting a flaw in the WebSocket interface of the web management portal. The issue is particularly dangerous for firewalls with exposed management interfaces accessible over the Internet.The vulnerability […]
January 2, 2025

CHC Data Breach Exposed Over One Million Patients’ Information

Community Health Center, Inc. (CHC) suffered a major data breach that exposed the personal information of over one million people. The incident came to light on January 2, 2025, when CHC noticed unusual network activity and launched an investigation with cybersecurity professionals.Findings revealed that a sophisticated attacker had gained unauthorized access to CHC’s systems and either viewed or extracted sensitive […]