News

October Patch Tuesday beats January ’25 record

Bys s October 15, 2025

Microsoft throws a farewell party for Win10, Office 2016, and Office 2019… a very big party

News

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Bys s June 2, 2026

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT. “The campaign opens with a spear phishing delivery – a ZIP archive containing a malicious LNK file bearing a carefully crafted Pashto-language filename,”

Read More Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
News

HHS Office for Civil Rights Settles HIPAA Security Rule Investigation with USR Holdings, LLC Concerning the Deletion of Electronic Protected Health Information
Bys s January 8, 2025

Note: In 2019, when USR Holdings disclosed this breach to affected patients, they did not mention that ePHI had been deleted. So in 2025, we are first learning of this part of the breach? The following is HHS OCR’s press release today. Settlement resolves multiple Security Rule failures Today, the U.S. Department of Health and…

Read More HHS Office for Civil Rights Settles HIPAA Security Rule Investigation with USR Holdings, LLC Concerning the Deletion of Electronic Protected Health Information
News

Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
Bys s June 13, 2025

Cybersecurity researchers are calling attention to a “large-scale campaign” that has been observed compromising legitimate websites with malicious JavaScript injections. According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSFuck, which refers to an “esoteric and educational programming style” that uses only a limited set of characters to write and execute…

Read More Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
News

Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
Bys s August 28, 2025

The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. “While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and

Read More Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
News

Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Bys s August 13, 2025

Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 (CVSS score: 9.6), relates to a case of an untrusted search path that could pave the way for privilege escalation….

Read More Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
News

How to Integrate AI into Modern SOC Workflows
Bys s December 30, 2025

Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams treat it as a shortcut for broken processes. Others attempt to apply machine learning…

Read More How to Integrate AI into Modern SOC Workflows

Similar Posts