-
Casio warns employees, customers about data leak from October ransomware attack
In a notice on Wednesday, Casio provided a post-mortem on an October attack, explaining that 6,456 employees, 1,931 business partners and 91 customers were impacted by the ransomware incident. Go to Source
-
Some Winston-Salem city services knocked offline by cyberattack
Winston-Salem, one of North Carolina’s largest cities, says a late December cyberattack is still causing trouble for some digital services. Go to Source
-
Cyber Certainty: Threat Reduction For Business Leaders
This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in TechRound Sausalito, Calif. – Jan. 10, 2025 TechRound, the voice of UK startups, reports that cybercrime will cost the world more than $10 trillion annually by 2025, according to Cybersecurity Ventures. Daniel Tobok’s concept of Cyber Certainty has become a guiding…
-
Cybersecurity in 2025 — Challenges, Risks, and What Leaders Must Do
This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in Security Boulevard Sausalito, Calif. – Jan. 9, 2025 Every year brings new challenges — more threats, new techniques, more astute perpetrators, according to Rob Gurzeev, co-founder and CEO at CyCognito, a Forbes tech council member, and former CTO, Intelligence Division…
-
CVE-2025-22145 – Carbon PHP DateTime Remote File Include Vulnerability
CVE ID : CVE-2025-22145 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload files with .php extension in an folder that allows include…
-
CVE-2024-52869 – Teradata SUSE Enterprise Linux Server Elevated Privilege Group Misassignment
CVE ID : CVE-2024-52869 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when there is an operating system move from SUSE Enterprise Linux Server (SLES) 12 Service Pack (SP) 2 or 3 to SLES 15 SP2…
-
CVE-2024-53995 – SickChill Open Redirect Vulnerability
CVE ID : CVE-2024-53995 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint’s `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open…
-
CVE-2024-13190 – ZeroWdd Myblog Xml Injection
CVE ID : CVE-2024-13190 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : A vulnerability classified as critical was found in ZeroWdd myblog 1.0. This vulnerability affects unknown code of the file src/main/resources/mapper/BlogMapper.xml. The manipulation of the argument findBlogList/getTotalBlogs leads to xml injection. The attack can be initiated remotely. The exploit has…
-
CVE-2025-22143 – WeGIA Web Manager Reflected Cross-Site Scripting
CVE ID : CVE-2025-22143 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This vulnerability…