Cyber Security Headlines Radware clarifies patch, retailer data stolen, Alabama suffers cyberattack
17 snips
May 14, 2025 Radware has patched recent vulnerabilities related to WAF bypasses. Marks & Spencer revealed that they suffered a data breach due to a ransomware attack. Alabama is facing significant cybersecurity challenges affecting state operations. The discussion also highlights a North Korean cyber attack targeting Ukrainian government entities and a major Intel CPU vulnerability that could lead to data leakage. These incidents stress the need for proactive measures in cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
Radware WAF Bypass Patched 2023
- Radware swiftly patched filter bypass vulnerabilities in its Cloud Web Application Firewall reported in 2023.
- These flaws allowed payloads to bypass WAF filtering, risking unblocked attacks.
Marks & Spencer Data Theft Details
- Marks & Spencer confirmed personal data was stolen during a ransomware attack that still disrupts online sales.
- The stolen information includes PII and masked payment card details but excludes usable full card data.
Turkish APT Targets Kurdish Groups
- The Turkish APT group Marbled Dust exploited a zero-day in Output Messenger to spy on Kurdish military and government entities.
- They deployed malicious files and collected user data since April 2024 targeting political groups and IT providers.