US healthcare org pays $11M settlement over alleged cybersecurity lapses

Health Net Federal Services (HNFS) and its parent company, Centene Corporation, have agreed to pay $11,253,400 to settle allegations that HNFS falsely certified compliance with cybersecurity requirements under its Defense Health Agency (DHA) TRICARE contract. The U.S. government contracted HNFS to provide managed healthcare support services for TRICARE’s North region, covering 22 states. The contract […]

Chinese hackers use custom malware to spy on US telecom networks

The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. Salt Typhoon (aka Earth Estries, GhostEmperor, and UNC2286) is a sophisticated hacking group active since at least 2019, primarily focusing on breaching government entities and telecommunications companies. […]

Integrating LLMs into security operations using Wazuh

Artificial intelligence (AI) is the simulation of human intelligence in machines, enabling systems to learn from data, recognize patterns, and make decisions. These decisions can include predicting outcomes, automating processes, and detecting anomalies. Large Language Models (LLMs) are specialized AI models designed to process, understand, and generate human-like text. Large Language Models (LLMs) are trained […]

Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws

Today is Microsoft’s February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks. This Patch Tuesday also fixes three “Critical” vulnerabilities, all remote code execution vulnerabilities. The number of bugs in each vulnerability category is listed below: 19 Elevation of Privilege Vulnerabilities 2 Security Feature […]

Fortinet warns of new zero-day exploited to hijack firewalls

Fortinet warned today that attackers are exploiting another now-patched zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. Successful exploitation of this authentication bypass vulnerability (CVE-2025-24472) allows remote attackers to gain super-admin privileges by making maliciously crafted CSF proxy requests.  The security flaw impacts FortiOS 7.0.0 through 7.0.16, FortiProxy 7.0.0 through […]

Russian military hackers deploy malicious Windows activators in Ukraine

The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. These attacks likely started in late 2023 and have now been linked by EclecticIQ threat analysts with Sandworm hackers based on overlapping infrastructure, consistent Tactics, Techniques and Procedures (TTPs), and frequently […]