SysAid on-premises software faces a zero-day vulnerability tracked as CVE-2023-47246. SysAid recommends that all customers immediately upgrade to version 23.3.36, which has a security patch for the path traversal vulnerability. “We urge all customers with SysAid on-prem server installations to… Read More "The SysAid Zero-Day Vulnerability: CVE-2023-47246"
A newly discovered network botnet comprising an estimated 30,000 webcams and video recorders—with the largest concentration in the US—has been delivering what is likely to be the biggest denial-of-service attack ever seen, a security researcher inside Nokia said. The botnet, tracked… Read More "A Brand New Botnet Is Delivering Record-Size DDoS Attacks"
Mar 07, 2025Ravie LakshmananMalvertising / Open Source Microsoft has disclosed details of a large-scale malvertising campaign that’s estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive… Read More "Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide"
15 Prozent der Endgeräte im Gesundheitssektor haben keine oder nicht-übereinstimmende Sicherheits- und Risikokontrollen. Panya_photo – Shutterstock.com Laut dem aktuellen Horizon Report 2025 wurden im Jahr 2024 weltweit 183 Millionen Patientendaten kompromittiert. Das ist ein Anstieg von neun Prozent im Vergleich… Read More "Mangelhafte Cybersicherheit im Gesundheitswesen | CSO Online"
Most (87%) security professionals have reported that their organization has encountered an AI-driven cyber-attack in the last year, with the technology increasingly takes hold, according to a new report by SoSafe. The new SoSafe 2025 Cybercrime Trends report also noted… Read More "Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags"
43% of all websites are built in WordPress (W3Techs). Custom WordPress sites rely on plugins, themes, and other components determined by the website administrators. Because these extensible components are often created by third-parties, each custom addition is a potential attack… Read More "Your WordPress Data Exposure Risks"
Mar 07, 2025The Hacker NewsPayment Security / Compliance Access on-demand webinar here Avoid a $100,000/month Compliance Disaster March 31, 2025: The Clock is Ticking. What if a single overlooked script could cost your business $100,000 per month in non-compliance fines?… Read More "What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey"
Typosquatting is a technique attackers use to create malicious websites, domains, or software packages with names that closely resemble legitimate ones. By exploiting common typing errors or slight variations, attackers trick users into downloading malware, revealing sensitive information, or installing… Read More "Linux, macOS users infected with malware posing as legitimate Go packages"
Medusa ransomware has claimed over 40 victims in the first two months of 2025, including a confirmed attack on a US healthcare organization. This is almost twice the number of Medusa attacks observed in January and February 2024, according to… Read More "Medusa Ransomware Claims 40+ Victims in 2025"
Digital threats have led to new cybersecurity regulations that organizations from various industries must follow. Staying compliant with cybersecurity regulations can be legally required, depending on the type of regulation, and organizations face steep penalties if they are non-compliant. With… Read More "Choosing the Best Cybersecurity Compliance Software"
