Fortinet addressed a critical vulnerability that gave remote access to numerous services and was being exploited by threat actors in the wild. The company described the vulnerability as an authentication bypass on the admin interface, allowing unauthenticated users to connect to FortiProxy web proxies, FortiGate firewalls, and FortiSwitch Manager on-prem management instances. Specifically, the flaw…
In light of a recent data breach, the City of Tucson, Arizona, is alerting approximately 123,000 citizens that their personal information has been compromised. The issue was detected in May 2022, but the city’s investigation didn’t conclude until last month. As detailed in the notification addressed to those impacted by the data breach, an attacker…
According to a new Akamai analysis, the company’s experts classified about 79 million domains as dangerous in the first half of 2022; based on a NOD (newly observed domain) dataset, this is about 13 million malicious domains per month, representing 20.1% of all the successfully resolved NODs. According to Akamai, a NOD is any domain…
After a source code leak was posted by an unidentified third party on 4chan and GitHub last week, the technology giant Intel has confirmed that confidential source code related to its Alder Lake CPUs has been leaked. The disclosed information comprises UEFI (Unified Extensible Firmware Interface) code for the company’s 12th-generation CPUs that were released…
Turnstile, an ambitious new project from Cloudflare, aims to do away with the CAPTCHAs that are now being used on the internet to confirm users are not robots. Turnstile utilizes a revolving set of “browser challenges” to verify that visits to a website are not, in fact, bots. This service is free for all website…
Some major U.S. airports’ websites were inaccessible early on Monday, October 10, 2022, due to a coordinated denial-of-service assault orchestrated by professional hackers. However, officials said flights were unaffected. The assaults, in which participants bombard sites with garbage data, were planned by a mysterious organization named Killnet. The group posted a target list on its…
On October 4th, 2022 a cybersecurity incident has disrupted CommonSpirit Hospitals. With more than 150,000 employees, 20,000 physicians, and serving 21 million patients, CommonSpirit Hospitals is the second-largest nonprofit hospital system in the nation. In 21 states, CommonSpirit operates more than 1,000 care sites and 140 hospitals. CommonSpirit Hospitals announced it is investigating an “IT…
This year, security experts have found three updated versions of Prilex malware that target point-of-sale systems. In 2014, Prilex was a type of malware that targeted ATMs. It switched to PoS (point of sale) devices in 2016, but it wasn’t until 2020 that the malware reached its peak. After that, it faded away in 2021….