Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
New Attack Technique Leveraging Windows Domain Controllers Threatens Cybersecurity
Researchers at SafeBreach have unveiled a new technique known as Win-DDoS, which exploits vulnerabilities in Windows domain controllers to facilitate powerful DDoS attacks. The findings highlight significant risks to cybersecurity, necessitating a reevaluation of current defenses against such threats.
-
U.S. Federal Judiciary Confirms Cyberattack on Case Management System
The U.S. Federal Judiciary has confirmed a cyberattack on its electronic case management systems, leading to increased cybersecurity measures to protect sensitive court documents. Enhanced protections are in response to rising sophisticated cyber threats affecting public and private sectors. The breach reportedly exposed confidential information across multiple federal districts.
-
Research Uncovers Privacy Concerns in Apple’s Siri Data Handling
New research reveals that Apple’s Siri may send sensitive user data to company servers beyond its stated privacy policies, raising concerns about the integrity of user privacy and end-to-end encryption.
-
Columbia University Data Breach Exposes Personal Information of Nearly 870,000
Columbia University has reported a significant data breach that has compromised the personal information of nearly 870,000 individuals, prompting an investigation and offering support services to those affected.
-
Malicious NPM Packages Pose Threat to WhatsApp Developers
Researchers at Socket have discovered two malicious NPM packages that impersonate WhatsApp development tools, deploying dangerous data-wiping code and threatening developers’ systems. Despite takedown efforts, the packages remain available for download.
-
Bouygues Telecom Faces Data Breach Affecting 6.4 Million Customers
Bouygues Telecom confirms a significant data breach affecting 6.4 million customers, exposing personal data but no credit card details. The company acts quickly to secure its network and notify customers.
-
CISA and Microsoft Alert on High-Severity Vulnerability in Exchange Servers
Federal agencies are alerted to a significant vulnerability in Microsoft Exchange servers. An emergency directive from CISA requires immediate actions to mitigate risks following insights revealed at the Black Hat conference, highlighting the potential for exploitation by attackers.
-
Discovery of Malicious Go Packages Exposes Supply Chain Vulnerabilities
Recent cybersecurity research highlights a critical vulnerability in the Go programming ecosystem with the discovery of 11 malicious packages designed for covert data exfiltration on Windows and Linux systems. The malware exploits the decentralized nature of Go modules, undermining developer confidence.
-
SonicWall Addresses Surge in SSL VPN Activity Linked to Patched Vulnerability
SonicWall has confirmed that recent SSL VPN activity is linked to an older, patched vulnerability and password reuse, urging users to update firmware and reset passwords to enhance security against ongoing attacks.
-
Air France-KLM Reports Data Breach Affecting Customer Information
Air France and KLM warn of a data breach affecting customer information, while reassuring that financial data remains secure, amid rising cybersecurity threats in the aviation industry.
