Issue #145 - April 14, 2025
- Weekly INK
- Apr 14
- 2 min read
Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage
Source: Dark Reading
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.
The quiet data breach hiding in AI workflows
Source: Help Net Security
As AI becomes embedded in daily business workflows, the risk of data exposure increases. Prompt leaks are not rare exceptions. They are a natural outcome of how employees use large language models. CISOs cannot treat this as a secondary concern
Radiology Practice Pays Feds $350,000 in HIPAA Settlement
Source: Data Breach Today
A medical imaging practice with offices in New York and Connecticut has agreed to pay $350,000 to federal regulators to settle potential HIPAA violations uncovered in an investigation of a 2020 hacking incident that affected nearly 300,000 people.
Breach of American aircraft parts maker leaves thousands exposed
Source: Cyber News
Mercury Corp., a US-headquartered manufacturing company, had attackers breach its hull to take personal details, including driver’s license and Social Security numbers. The attackers broke through the company’s defenses in mid-February this year, Mercury Corp. announced via a breach notification letter sent to potentially impacted individuals. They didn’t roam the firms’ systems for long, the letter reads, spending only around one day inside.
CISA tags SonicWall VPN flaw as actively exploited in attacks
Source: Bleeping Computer
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. Tracked as CVE-2021-20035, this security flaw impacts SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v (ESX, KVM, AWS, Azure) devices.