Two British cybercriminals from the Scattered Spider group pleaded guilty to compromising Transport for London, part of a growing wave of arrests and convictions targeting the group.
A social engineering attack on an employee in April enabled unauthorized access to customer data of nearly 6 million people at Carnival Corporation, including passport and driver’s license numbers.
A security researcher publicly releases six zero-day exploits for Microsoft products without giving the company a chance to patch – CISOs must prepare for immediately exploitable vulnerabilities.
Weekly overview of significant cyberattacks and security incidents from international specialist media – relevant for threat assessment in cyber risk management.
Cisco disclosed 17 vulnerabilities in firewall products including critical flaws (CVSS 10.0) that allow attackers to execute code with root privileges without authentication. Immediate updates are required; no workarounds are available.
DDoS services are sold like commercial software subscriptions, with tiered pricing and support, showing advanced professionalization and significantly lowering the barrier to entry for potential attackers.
Project Glasswing is a global initiative to enhance software security by systematically identifying and remediating vulnerabilities in widely used software; it is aimed particularly at security leaders in organizations.