The Information Highway

The Information Highway

Bill Toulas is a technology writer and infosec news reporter with over a decade of experience working on various online publications. An open source advocate and Linux enthusiast, is currently finding pleasure in following hacks, malware campaigns, and data breach incidents, as well as by exploring the intricate ways through which tech is swiftly transforming our lives.

Researchers extract RSA keys from SSH server signing errors

cyber-key

A team of academic researchers from universities in California and Massachusetts demonstrated that it's possible under certain conditions for passive network attackers to retrieve secret RSA keys from naturally occurring errors leading to failed SSH (secure shell) connection attempts. 

Continue reading
  1124 Hits

Exploit for CrushFTP RCE chain released, patch now

hacker-looking-at-screens

A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated attackers to access files on the server, execute code, and obtain plain-text passwords. 

Continue reading
  1066 Hits

CISA warns of actively exploited Windows, Sophos, and Oracle bugs

CISA_headpic

The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle. 

Continue reading
  1073 Hits

Toyota confirms breach after Medusa ransomware threatens to leak data

toyota-logo-on-a-sign

Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company. 

Continue reading
  1079 Hits

Fortinet warns of critical command injection bug in FortiSIEM

Fortinet

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests. 

Continue reading
  1168 Hits

Top Breaches Cost ($) of 2024

HEALTHCARE
FINANCIAL
INDUSTRIAL
TECHNOLOGY
ENERGY
Source: IBM Cost of a Data Breach Report 2024