Cybersecurity News Archives - Page 3 of 4

TalkTalk Investigates Alleged Data Breach Affecting Millions of Customers

26/01/202505/02/2025 SECITHUB

British telecommunications provider TalkTalk has confirmed it is investigating claims of a significant data breach following allegations by a hacker known as “b0nd.” The hacker asserts that they have gained access to sensitive information belonging to 19 million customers, a figure that the company strongly disputes. The breach allegedly occurred through a third-party service provider earlier this year. Details of the Incident According to initial reports, the hacker infiltrated a third-party vendor’s system in early January, potentially compromising the following customer data: TalkTalk has stated that while it acknowledges a…

Microsoft to End Automatic Driver Updates via WSUS for Enterprises

26/01/202505/02/2025 SECITHUB

Microsoft has announced a significant change to its Windows Server Update Services (WSUS), a widely used system for managing updates across enterprise networks. As of April 18, 2025, organizations will no longer be able to automatically distribute driver updates through WSUS. Instead, IT administrators will be required to manually download and deploy drivers from the Microsoft Update Catalog. Key Changes Microsoft’s Recommended Alternatives To facilitate a smoother transition, Microsoft is encouraging enterprises to adopt the following modern solutions: What Organizations Should Do Next Enterprises currently relying on WSUS for driver…

Why Amazon and Google Are Turning to Nuclear Energy

25/01/202506/02/2025 SECITHUB

As the demand for data processing and storage continues to rise, major tech companies like Amazon and Google are making strategic investments in nuclear energy to power their vast data centers with clean, reliable energy. This move underscores their commitment to sustainability while addressing the growing energy demands driven by advancements in cloud computing, artificial intelligence (AI), and digital transformation. Why Amazon and Google Are Turning to Nuclear Energy Both Amazon and Google operate thousands of data centers worldwide, consuming vast amounts of electricity to keep servers running 24/7. According…

HPE Investigates Alleged Data Breach by IntelBroker Threat Group

25/01/202506/02/2025 SECITHUB

Hewlett Packard Enterprise (HPE) is currently investigating claims of a significant data breach allegedly orchestrated by the IntelBroker cyber threat group. The attackers claim to have gained access to HPE’s internal systems, exposing sensitive data, including API keys, source code, and confidential information stored in GitHub repositories. This breach highlights the ongoing challenges organizations face in safeguarding their intellectual property and protecting their critical infrastructure from persistent threat actors. According to reports, the attackers infiltrated HPE’s systems and exfiltrated proprietary data, potentially putting the organization at risk of operational disruptions…

Former CIA Analyst Pleads Guilty to Leaking Top-Secret Information on Israeli Plans to Strike Iran

22/01/202506/02/2025 SECITHUB

Asif William Rahman, a 34-year-old former analyst for the U.S. Central Intelligence Agency (CIA), pleaded guilty on January 17, 2025, to charges of unlawfully retaining and transmitting Top Secret National Defense Information. Rahman admitted to leaking classified documents detailing Israel’s plans for a military strike against Iran, which were subsequently disseminated on social media platforms. In October 2024, Rahman accessed and printed two Top Secret documents from the National Geospatial-Intelligence Agency (NGA) and the National Security Agency (NSA). These documents outlined Israel’s intended airstrike in retaliation for Iran’s missile attack…

Mirai Botnet Strikes Again: Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices

22/01/202506/02/2025 SECITHUB

In a recent cybersecurity event, the infamous Mirai botnet launched a record-breaking 5.6 terabits per second (Tbps) Distributed Denial-of-Service (DDoS) attack. The attack leveraged over 13,000 compromised Internet of Things (IoT) devices to overwhelm an unnamed internet service provider (ISP) in Eastern Asia. This attack is the largest of its kind, showcasing the evolving threats posed by IoT botnets. The attack lasted approximately 80 seconds and primarily exploited the User Datagram Protocol (UDP), which is commonly used in high-volume attacks due to its connectionless nature. Each compromised IoT device contributed…

Cyber Threat Alert: 13,000 MikroTik Routers Compromised in Global Attack Campaign

22/01/202506/02/2025 SECITHUB

A recent cybersecurity investigation has revealed a widespread botnet operation that has hijacked approximately 13,000 MikroTik routers worldwide. Cybercriminals leveraged these compromised devices to launch large-scale malspam campaigns and cyberattacks, exploiting misconfigured security settings and outdated firmware. The attackers targeted MikroTik routers by exploiting known vulnerabilities, including the critical CVE-2023-30799, which allows privilege escalation and remote code execution. Once compromised, the routers were configured as SOCKS proxies, enabling attackers to conceal their malicious activities, such as: A significant aspect of the attack was the exploitation of misconfigured Sender Policy Framework…

Hacktivist Group Handala Claims Major Cyberattack on Zuk Group, Alleging Ties to Israeli Intelligence

20/01/202506/02/2025 SECITHUB

Hacktivist group Handala has claimed responsibility for a large-scale cyberattack on Zuk Group, an international financial conglomerate they allege serves as a front for Israeli intelligence agency, Mossad. The group asserts that they have infiltrated isolated computing systems within the company, exfiltrated massive amounts of sensitive data, and caused significant operational disruptions across multiple locations. Details of the Alleged Cyberattack Allegations Against Zuk Group As of now, Zuk Group, which employs approximately 1,000 personnel across the finance, technology, and real estate sectors, has not issued an official response to the…

New Phishing Campaigns Exploit Fake Voicemail Messages to Target Office 365 Users

20/01/202506/02/2025 SECITHUB

Cybercriminals are employing sophisticated phishing tactics by sending fake voicemail notifications to deceive Microsoft Office 365 users into revealing their login credentials. This method has been observed across various sectors, including military, healthcare, and manufacturing. Attackers dispatch emails that mimic legitimate voicemail notifications, often including an HTML attachment disguised as an audio file. When opened, this attachment redirects the recipient to a counterfeit Microsoft login page designed to harvest their Office 365 credentials. Targeted Industries Recent campaigns have specifically targeted U.S. organizations in sectors such as military, security software development,…

Otelier Data Breach Raises Serious Concerns Over Hospitality Cybersecurity

20/01/202506/02/2025 SECITHUB

Otelier, a prominent hotel management platform, has suffered a major data breach that has exposed the personal information and booking details of millions of guests. The breach, which affected leading hotel chains such as Marriott, Hilton, and Hyatt, has sparked significant concerns regarding cybersecurity within the hospitality industry. Initial reports indicate that the breach occurred between July and October 2024, with cybercriminals gaining unauthorized access to Otelier’s Amazon S3 cloud storage. Hackers reportedly exfiltrated approximately 8 terabytes of sensitive data, including names, addresses, phone numbers, reservation details, and partial payment…