Vulnerability ManagementJetpack patches critical bug that exposed data on 27M WordPress sitesSteve ZurierOctober 15, 2024Flaw in WordPress Jetpack plug-in could potentially expose sensitive personal information such as phone numbers and email addresses.
Governance, Risk and ComplianceMarriott faces $52 million FTC fine and reprimand over data breachesDan RaywoodOctober 15, 2024Hotel giant instructed to develop comprehensive information security program and certify compliance as part of reprimand.
Governance, Risk and CompliancePentagon shares new cybersecurity rules for government contractorsShaun NicholsOctober 14, 2024The DOD introduced new cybersecurity requirements for companies that contract with the federal government.
Vulnerability ManagementVulnerable instances of Log4j still being used nearly 3 years laterDan RaywoodOctober 14, 2024Critical vulnerabilities take over 500 days to be fixed.
Network SecurityCommand-jacking used to launch malicious code on open-source platformsSteve ZurierOctober 14, 2024Attackers hijack legitimate commands and run malicious code to launch supply chain attacks.
IdentityExperts say MFA is no longer enough for enterprisesShaun NicholsOctober 11, 2024The UK’s cyber watchdog says that companies need to be more mindful with how they handle their multi-factor authentication.
RansomwareLynx ransomware analyses reveal similarities to INC RansomLaura FrenchOctober 11, 2024The newer ransomware-as-a-service group has claimed more than 20 victims since July 2024.
RansomwareFog, Akira ransomware groups exploit critical Veeam backup flawSteve ZurierOctober 11, 2024Veeam disclosed the flaw and issued patches in September.
AI/MLOpenAI reveals ChatGPT use by CyberAv3ngers, Android malware developersLaura FrenchOctober 10, 2024More than 20 adverse operations were interrupted by OpenAI in 2024, a new report revealed.
Network SecurityRaccoon infostealer mastermind pleads guilty in US courtShaun NicholsOctober 10, 2024A 28-year-old Ukranian man admitted to being the mastermind behind one of the most notorious pieces of malware on the internet.