LATEST POST

FEATURE

Policyholder Plot Twist: Cyber Insurer Sues Policyholder’s Cyber Pros

News
16 views 2 mins

Hunton Andrews Kurth writes: When a cyber incident occurs and the insurer pays out the claim, they often face the frustrating reality that pursuing the actual criminals – the threat actors – for indemnification is virtually impossible. Thus, insurers are now turning to subrogation claims against the very cybersecurity vendors entrusted by policyholders to protect […]

FEATURE

LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions

Data Breach News
13 views 39 secs

CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing resources in what they describe as an increasingly “challenging” ransomware business environment. DragonForce, Qilin, and LockBit announced the partnership in early September, with DragonForce proposing the collaboration shortly after LockBit reemerged with its LockBit 5.0 […]

FEATURE

Hackers claim Discord breach exposed data of 5.5 million users

Data Breach News
15 views 53 secs

Bleeping Computer reports: Discord says they will not be paying threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk support system instance, including government IDs and partial payment information for some people. The company is also pushing back on claims that 2.1 million photos of government IDs […]

FEATURE

Nearly a third of Mississippi state agencies fail cybersecurity requirements

Critical Infrastructure
19 views 29 secs

The Vicksburg Daily News reports on the findings by the state auditor: According to Mississippi State Auditor Shad White, a third of state offices are at risk of cybercrimes due to not meeting cybersecurity assessment requirements according to a report released yesterday, Tuesday, Oct. 7. Auditor Shad White stated in the release, “Part of our […]

FEATURE

Critical Vulnerability Alert: Oracle E-Business Suite

Vulnerabilities
31 views 42 secs

The FBI Cyber Division has posted the following on LinkedIn to emphasize this critical alert and the need to patch and hunt promptly: Oracle just issued a Security Alert for CVE-2025-61882, a remote code execution vulnerability (CVSS 9.8 – Critical) affecting Oracle E-Business Suite versions 12.2.3 through 12.2.14. The vulnerability allows unauthenticated attackers to execute […]

FEATURE

Two arrested over nursery chain Kido hack

Data Breach News
15 views 3 mins

IT Pro reports two men have been arrested in connection with the attack on Kido schools in which individuals calling themselves Radiant Group first posted pictures, names, and details of nursery school kids and threatened to dump all 8,000, and then deleted the data and apologized. The UK’s Metropolitan Police have arrested two teenagers for […]

FEATURE

Japan’s Asahi hack that halted beer production claimed by Qilin ransomware group

Data Breach News
21 views 12 secs

Reuters reports an update on the attack on a prominent Japanese brewery: Qilin, a ransomware group with a track record of cyberattacks on major entities around the world, claimed responsibility on Tuesday for a hack on Japan’s Asahi Group Holdings that disrupted production at the beer and beverage giant. Asahi Group’s beer-making subsidiary, Asahi Breweries, said on […]

FEATURE

Cybersecurity Information Sharing Act of 2015 Allowed to Sunset

Legal News
28 views 43 secs

From Covington and Burling’s Inside Privacy blog: The Cybersecurity Information Sharing Act of 2015 (“CISA 2015”), which provided protections for sharing cybersecurity threat information with the federal government and others, officially sunset on September 30, 2025 pursuant to the law’s original sunset date after efforts to re-authorize it did not succeed.  The law created a cybersecurity information […]