Northern Ireland Police Data Breach Leads to £750,000 Fine
Northern Ireland Police Data Breach Leads to £750,000 Fine PSNI Fined for Data Breach The Ireland Police has been fined £750,000 after a serious data breach exposed personal details of its entire workforce. This breach occurred in August 2023 when a spreadsheet containing information about 9,483 officers and staff members was accidentally released following a […]
T-Mobile’s $15.75M Settlement with the FCC
T-Mobile’s $15.75M Settlement with the FCC Introduction T-Mobile has finalized a $15.75 million settlement with the US Federal Communications Commission (FCC) following multiple cybersecurity incidents between 2021 and 2023. The series of data breaches compromised sensitive customer data, prompting the FCC investigation and subsequent penalty. This agreement includes an additional $15.75 million investment in cybersecurity […]
Ivanti CSA Vulnerabilities: Exploitation and Patch Guidance
Ivanti CSA Vulnerabilities Exploitation and Patch Guidance Introduction Ivanti has recently warned about the exploitation of multiple vulnerabilities in its Cloud Services Appliance (CSA). These flaws, particularly CVE-2024-8190 and CVE-2024-8963, pose serious risks, allowing unauthorized access and command execution. This article covers the details of the vulnerabilities, the actions being taken, and how to safeguard […]
Mastercard Acquires Recorded Future to Enhance Cybersecurity
Mastercard Acquires Recorded Future to Enhance Cybersecurity Introduction Mastercard is acquiring Recorded Future from Insight Partners for $2.65 billion to help strengthen its cybersecurity and threat intelligence services. This need led to a strategic decision by Mastercard to initiate the acquisition of RiskRecon, a deal that should improve Mastercard’s overall digital security to reinforce resilience […]
AVIS Car Rental Breach Exposes Sensitive Customer Data
AVIS Car Rental Breach Exposes Sensitive Customer Data Avis Car Rental Data Breach Details Avis Car Rental, A business application belonging to the company was accessed by an unauthorized organization & breached data in August 2024. Between August 3-6, 2024 The breach affected the personal information of 299,006 customers. Avis detected this breach on 5th […]
CISA Response to FlyCASS Vulnerability in Airport Security
CISA Response to FlyCASS Vulnerability in Airport Security Introduction Researchers Ian Carroll and Sam Curry announced, in late August 2024, that a security vulnerability exists within an application used by airport security systems. Discovered in FlyCASS, a third-party web-based service used for airlines that participate in the Cockpit Access Security System (CASS) and Known Crewmember […]
YubiKey Vulnerability: Risk of Side-Channel Attacks
YubiKey Vulnerability: Risk of Side-Channel Attacks Introduction One of the highest security hardware tools widely used for two-factor authentication (2FA), YubiKeys has a cryptographic vulnerability. Now, security expert Thomas Roche the head of research for NinjaLab who warned about these threats at SAS earlier this year and briefly alluded to them here last month (PDF) […]
Improving Internet Routing Security in the US
Improving Internet Routing Security in the US Introduction The Office of the National Cyber Director (ONCD) on Tuesday published a set of recommendations to enhance internet routing security. This work is aimed at a vulnerability in the Border Gateway Protocol (BGP), which is an essential piece of infrastructure for determining how data flows across networks. […]
Intel SGX Security Vulnerability Raises Concerns
Intel SGX Security Vulnerability Raises Concerns Overview of the Intel SGX Vulnerability Intel has spoken up following a cybersecurity researcher’s report of major inroads in hacking its Intel SGX (Software Guard Extensions). This technology works by allowing for the storage of sensitive data and code within a trusted execution environment, (in this case an enclave) […]
Microsoft Applications on macOS: Vulnerabilities and Risks
Microsoft Applications on macOS: Vulnerabilities and Risks Vulnerabilities of Microsoft applications in macOS Multiple Microsoft Applications for macOS are plagued with several security holes that allow attackers to obtain access to sensitive data and gain elevated privileges. These are vulnerabilities that evade Apple’s Transparency, Consent and Control (TCC) framework to control user data permissions. Affected […]