May 03, 2025Ravie LakshmananMalware / Operational Technology An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed “extensive espionage operations and suspected network … Read more
Threat actors are opting for code exploitation at an increasing rate as credential theft is becoming less popular as a means of intrusion.Verizon’s latest Data Breach Investigation Report (DBIR) found that 1 in 5 breaches were the result of an exploit script against an exposed security vulnerability. By comparison, 22% of exploits were the result … Read more
A cybersecurity firm is buying access to underground crime forums to gather intelligence. Does that seem daft to you? And over in Nigeria, even if romance scammers would like to update their LinkedIn profiles, just how easy is it to turn a new leaf after a sweet-talking career in cybercrime? All this and more is … Read more
Hertz is alerting customers to a data breach involving drivers’ license numbers and other personal information following a hack in its supply chain. The car-rental company said in a posting on its website that it completed an analysis of the incident on April 2 and determined the affected information may include names, credit-card data, driver’s … Read more
The Pennsylvania State Education Association (PSEA), a labor union representing educators across the state, says hackers stole the sensitive personal information of more than half a million of its members. PSEA is the largest organization for educators in Pennsylvania, representing current and former teachers, counselors, healthcare workers, and school social workers. In a filing with … Read more