SecurityWeek

A coordinated IP spoofing attack that involved port scans tried to disrupt the Tor network by getting relays on blocklists. 

The FBI is seeing an increase in threat actors using fake emergency data requests to harvest information from US companies.

In its latest financial report, Halliburton said the recent cybersecurity incident has so far cost the company $35 million.

Forth says the personal information of 1.5 million people was compromised in a May 2024 data breach.

Veeam has released a hotfix for a high-severity authentication bypass vulnerability in Backup Enterprise Manager.

The information of over 300,000 Presbyterian Healthcare Services patients was compromised as a result of a data breach at law firm Thompson Coburn.

D-Link warns of a critical-severity command injection vulnerability impacting multiple discontinued NAS models.

Palo Alto Networks has issued an advisory urging customers to take action in response to claims of an RCE vulnerability in PAN-OS. 

The US government's CFPB sent an email with a simple directive: “Do NOT conduct CFPB work using mobile voice calls or text messages.”

Noteworthy stories that might have slipped under the radar: China’s Volt Typhoon hacked Singtel, GuLoader targets European industrial organizations, and US agency warns employees about phone use. 

Malwarebytes has acquired Sweden-based privacy-focused VPN provider AzireVPN to expand its product offerings.

ZDI discloses vulnerabilities in the infotainment system of multiple Mazda car models that could lead to code execution.

After the hacker IntelBroker leaked stolen source code, Nokia said the impact of the cybersecurity incident is limited.

A significant number of Nigerian cybercriminals have been sent to prison in recent months in the United States, and some of them received lengthy sentences.

Texas-based oilfield supplier Newpark Resources says a ransomware attack disrupted information systems and business applications.

HPE this week warned of two critical vulnerabilities in Aruba Networking access points that could lead to unauthenticated command injection.

CISA has added a Palo Alto Networks Expedition flaw tracked as CVE-2024-5910 to its Known Exploited Vulnerabilities Catalog.

North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics.

Essential steps such as security awareness training, MFA, and Zero Trust identity management help organizations reduce the human element and stay ahead in the cybersecurity curve.

Embed Security has raised $6 million in an early stage funding round led by Paladin Capital Group.