scworld.com

Outlet metrics

Domain Authority

Ranking

Global

#259663

United States

#192134

Computers Electronics and Technology/Computer Security

#561

Traffic sources

Monthly visitors

Articles

Alarms sound over attacks via Microsoft NTLM vulnerability

6 days ago | scworld.com | Shaun Nichols

A vulnerability previously thought to be a low-priority was cast into the spotlight thanks to a newly revealed exploit in the wild. Administrators were advised to test and install Microsoft’s March security fixes to prevent exploitation of the flaw. Researchers with security vendor CheckPoint report finding active exploits in the wild targeting the Microsoft flaw designated as CVE-2025-24054.
HHS fines Guam hospital over ransomware attack, HIPAA violations

6 days ago | scworld.com | Laura French

The Guam Memorial Hospital Authority (GMHA) was fined $25,000 after two cyber incidents, including a ransomware attack, led to potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Legends International notifies customers, employees of data breach

6 days ago | scworld.com | Steve Zurier

Legends International, the large sports venue support company with reportedly $1.7 billion in sales, earlier this week sent out letters to some customers and employees that it was the victim of a cyberattack.
Think of MITRE’s CVE program as critical infrastructure

6 days ago | scworld.com | Callie Guenther

COMMENTARY: The U.S. cybersecurity community earlier this week narrowly avoided a disruption that most people outside the industry never heard of — but would have felt indirectly and immediately. Just hours before the expiration of federal funding, the Cybersecurity and Infrastructure Security Agency (CISA) extended the contract supporting the Common Vulnerabilities and Exposures (CVE) program to the MITRE Corporation.
Secure legacy Oracle cloud credentials amid leak reports, CISA warns

6 days ago | scworld.com | Shaun Nichols

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is advising security professionals to tighten the security on their Oracle Cloud deployments following multiple claims of a data breach on the platform.
Identity-based cyberattacks a third of intrusions, drop infostealers

1 week ago | scworld.com | Laura French

Identity-based cyberattacks made up nearly a third of intrusions in 2024, while the delivery of infostealers by email increased a dramatic 84%, according to the IBM X-Force 2025 Threat Intelligence Index published Thursday. The report revealed that 30% of intrusions involve the misuse of valid credentials, marking the second year in a row that valid logins tied with exploitation of public-facing applications as the top initial access vector.
MITRE support expires for 'pillar of cybersecurity industry,' CVE program

1 week ago | scworld.com | Shaun Nichols

The latest series of cuts by the Trump administration could throw the future of core cybersecurity institutions, including the Common Vulnerabilities and Exposures (CVE) Program and National Vulnerability Database, into jeopardy.
China's allegation that NSA hacked Asian Winter Games draws suspicion

1 week ago | scworld.com | Steve Zurier

Security experts were suspicious of the news Tuesday that Chinese authorities are pursuing three alleged operatives tied to the National Security Agency (NSA) who purportedly engineered cyberattacks in February at the Asian Winter Games and on Chinese critical infrastructure.
Founder of e-commerce firm hit with fraud charge for lying about AI tech

1 week ago | scworld.com | Shaun Nichols

A former AI founder is set to face criminal charges after it was found that his supposed artificial intelligence platform was powered by human operators. Albert Saniger, the former chief executive of e-commerce startup “nate” is facing securities fraud and wire fraud charges after it was alleged he sold his investors on an AI-powered online shopping tool.
Black Basta-like Microsoft Teams phishing leads to novel backdoor

1 week ago | scworld.com | Laura French

A Microsoft Teams phishing campaign, leveraging techniques commonly used in Black Basta ransomware attacks, was found to spread a unique PowerShell backdoor in recent attacks, ReliaQuest reported Friday. The March 2025 malware campaign also leveraged a persistence tactic never before seen in the wild, according to ReliaQuest, in which the Windows Type Library (TypeLib) is hijacked to redirect component object models (COM objects) to malicious files.