Category: Uncategorized
-

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy [email protected] (The Hacker News)
The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela. “This final rule is a crucial step forward in addressing the…
-
Treasury Department breached through BeyondTrust service
Post ContentRead More
-

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents [email protected] (The Hacker News)
The United States Treasury Department said it suffered a “major cybersecurity incident” that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. “On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to…
-

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation [email protected] (The Hacker News)
Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment. “Exploiting these flaws could allow attackers to gain persistent access as shadow administratorsRead More
-
PAN-OS Firewall Denial of Service (DoS) Vulnerability
What is the Vulnerability?Attackers are exploiting, a Denial-of-Service vulnerability (CVE-2024-3393) in the DNS Security feature of Palo Alto Networks PAN-OS. This vulnerability allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall, causing it to crash and reboot, potentially leading to Denial of Service (DoS).CISA…
-

New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits [email protected] (The Hacker News)
The United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients’ data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader…
-

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [email protected] (The Hacker News)
Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it’s a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and your organization. In this week’s…
-

When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions [email protected] (The Hacker News)
News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million users, have been found to be compromised, and customers are now working to figure out their exposure…
-
Top public cloud service providers of 2025: How they compare
Post ContentRead More
-
Navigate the 2025 threat landscape with expert insights
Post ContentRead More
