Dataproof Communications

The Iran situation remains volatile and uncertain, with material impacts for organizations. Leaders should plan for multiple future scenarios, prioritizing resilience and effective decision-making Current State (April 10) Severe tensions persist despite a two-week ceasefire:The agreement remains fragile and conditional on reopening the Strait of Hormuz; each side has already accused Iran War: Future Scenarios and Business...

For the latest discoveries in cyber research for the week of 13th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Los Angeles Police Department has reported a data breach involving a digital storage system used by the L.A. City Attorney’s Office. The exposure included 7.7 terabytes and more than 337,000 files, including personnel records, internal affairs material,...

Undisclosed number of names and contact and reservation details accessed in latest cybercrime attemptThe accommodation reservation website Booking.com has suffered a data breach with “unauthorised parties” gaining access to customers’ details.The platform said it “noticed some suspicious activity involving unauthorised third parties being able to access some of our guests’ booking information”. Continue reading... - Read more

By Don Santos, Cofense Phishing Defense Center Online trading platforms are popular among investors. Both beginners and professionals use them to study the financial markets, manage investments, and make profits online. Interactive Brokers is one such trusted platform, known for its low pricing and global market access. With presence in over 200 countries, the brand has now become a viable target...

In March 2026, Insikt Group® identified 31 high-impact vulnerabilities that should be prioritized for remediation, 29 of which had a Very Critical Recorded Future Risk Score. These vulnerabilities affected products from the following vendors: Cisco, Microsoft, Google, ConnectWise, Langflow, Citrix, Aquasecurity, Nginx UI, Qualcomm, F5, Craft CMS, Laravel, Apple, Synacor, Wing FTP Server, n8n, Omnissa, SolarWinds, Ivanti, Hikvision,...

What is the Attack? Microsoft Threat Intelligence has identified Storm-1175, a financially motivated threat actor conducting high-tempo ransomware operations leveraging the Medusa ransomware variant. The group specializes in rapidly exploiting vulnerable web-facing systems, often weaponizing newly disclosed vulnerabilities (N-days) and even zero-days before public disclosure. ...

Have you ever needed to make sure your website has a broken certificate? While many tools exist to help run an HTTPS server with valid certificates, there aren’t tools to make sure your certificate is revoked or expired. This is not a problem most people have. Tools to help manage certificates are always focused on avoiding those problems, not...

AI Security Insights – April 2026 - Read more

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch yet available. The post Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet appeared first on TechRepublic. - Read more

Welcome to this week’s edition of the Threat Source newsletter. “Study hard what interests you the most in the most undisciplined, irreverent and original manner possible.” ― Richard Feynman  “I had discovered that learning something, no matter how complex, wasn't hard when I had a reason to want to know it.” ― Homer Hickam, Rocket Boys  *looks around at - gestures - everything*  *opens a new tab in the...