As cyber threats grow, the United Arab Emirates (UAE) is stepping up, fast. The country's cybersecurity market is projected to hit US$543.47 million by 2025, with Security Services alone expected to account for over US$294 million. This growth signals more than just investment; it reflects a national push to build
a future-ready digital defense system. At the heart of this transformation are women leaders who are redefining what cybersecurity leadership looks like. Whether advising global enterprises, leading incident response, or shaping national policy, these 25 women are not just part of the conversation—they are driving it. Here's a look at the women powering the UAE’s cybersecurity rise in 2025.

Dee Deu CISSP, Director of Information Security, Chalhoub Group

Dee Deu is a seasoned cybersecurity leader with over 18 years of experience across industries like banking, retail, insurance, and real estate. At Chalhoub Group, she leads information security strategy and governance, helping to build strong privacy and risk management programs. Dee is known for her people-first approach and ability to engage teams, stakeholders, and suppliers to drive security transformation across the business. She combines technical know-how with leadership to deliver results and create a culture of cyber awareness. Dee’s passion for knowledge-sharing and transparency has made her a respected voice in the industry. Her achievements include being named ‘CISO of the Year’ at the Cyber Security Awards in 2019 and making it to the SC UK list of the 50 Most Influential Women in Cybersecurity.

Hessa Almatrooshi, Director of Information Technology – Acting, Ajman Free Zone (AFZ)

Hessa Almatrooshi has over a decade of experience in cybersecurity and IT leadership. She started her career at Ajman Free Zone in 2011, working in IT infrastructure and helpdesk support. In 2018, she moved into cybersecurity, leading key security initiatives across the organization. Her expertise includes ISO 27001, ISO 20000-1, and risk management. Hessa holds certifications like CISSP, MCTP, and ITIL, showing her strong commitment to continuous learning. Known for her collaborative leadership style, she focuses on building strong teams and promoting security awareness. Hessa is passionate about solving problems and driving innovation in cybersecurity.

Eman Al Awadhi, Vice President - Network and Cyber Security, Expo City Dubai

Eman Al Awadhi is the Vice President of Network and Cyber Security at Expo City Dubai. She leads key areas including network infrastructure, cybersecurity, physical security tech, and tech innovation. Eman played a major role in protecting the digital systems of Expo 2020, where she built one of the most advanced cybersecurity frameworks for a World Expo. With over 16 years of experience, she started her career as a Network Security Engineer at UAE’s Computer Emergency Response Team. Eman is known for blending technical expertise with strategic thinking to drive innovation and secure smart city technologies. She is a public speaker, mentor, and instructor in cybersecurity, often seen representing Expo City on global platforms. Eman also works with institutions like AIT and WINS and serves on advisory boards of leading universities in the UAE. She holds degrees from the American University of Sharjah and Khalifa University.

Seema Sharma, Head of Information Security, Wio Bank

Seema Sharma is the Head of Information Security at Wio Bank. With years of experience in cybersecurity, she is known for building strong security teams and driving impactful strategies. Her core strengths include risk and compliance, data privacy, DevSecOps, and cloud security. Seema also leads security incident response and business continuity efforts. She brings a hands-on approach to security engineering and threat management, making her a trusted leader in the banking sector. Her work ensures that Wio Bank stays secure, resilient, and ready for the future.

Heide Young, Manager Cyber Strategy & Engagement, NEOM

Heide Young leads Cybersecurity Strategy & Engagement at NEOM Tech & Digital. She focuses on building future-ready security programs and driving secure-by-design practices in the region’s cognitive city ecosystem. Heide is a Founding Partner and Board Member at Women in Cyber Security Middle East (WiCSME), where she works to advance and support women in the field. She also serves as a Global Ambassador for the Global Council for Responsible AI. Known for her thought leadership in cyber strategy, digital trust, and ethical AI, Heide has received several global recognitions, including being named Top Cybersecurity Woman of the World in 2023 and 2024. She is also listed among the Top 10 Tech Leaders in the Middle East and the 100 Most Inspirational Women in Cyber. Heide often speaks at global forums, sharing insights on responsible innovation and emerging technologies.

Mouza Al Romaithi, Director - Information & Cybersecurity, ADQ

Mouza Al Romaithi is the Director of Information and Cybersecurity at ADQ. With over 16 years of experience, she has played a key role in building and strengthening ADQ’s cybersecurity strategy. Her work focuses on protecting systems and data against evolving cyber threats. Mouza also brings her expertise to the boardrooms of TAQA and Pure Health, where she serves as a board member. She is known for her leadership, strategic thinking, and hands-on approach to tackling cybersecurity challenges. She holds a master’s degree in Cybersecurity and a bachelor’s degree in Network Systems, both from Zayed University. Mouza continues to be a strong voice in the UAE’s cybersecurity landscape.

Sara Khalid Mohamed Alhosani, Director - Cyber Threat Intelligence Division (Gov Information Security), Department of Government Enablement

Sara Khalid Mohamed Alhosani is the Director of the Cyber Threat Intelligence Division at the Department of Government Enablement, Abu Dhabi. With over a decade of experience in government cybersecurity, she specializes in cyber threat intelligence, threat modeling, and proactive defense strategies. Sara holds a Master’s degree in Information Security from Zayed University and is certified as a Certified Threat Intelligence Analyst (CTIA) and CRISC, among others. She has previously served as Chief Information Security Officer at Abu Dhabi Digital Authority, driving cyber resilience and cross-government collaboration. Sara is a sought-after public speaker on cybersecurity, actively shaping Abu Dhabi’s digital security posture.

Dr. Hoda A. Alkhzaimi, Associate Vice-Provost for Research Translation and Entrepreneurship at New York University Abu Dhabi

Dr. Hoda A. Alkhzaimi began her career in sovereign wealth funds, working on long-term investments in science, technology, and industry. At NYUAD, she leads programs that connect research with business, aiming to create real-world impact. Dr. Hoda advises major global bodies like the World Economic Forum, BRICS, and G20 on emerging technologies and innovation. She also works closely with companies like Jaguar Land Rover and Tata Group. With multiple degrees in law, computer science, cryptology, and business from top global universities, she brings deep technical and strategic knowledge. A strong advocate for women in STEM, she leads several global and regional women-in-tech organizations. Her work reflects a unique blend of technical expertise, policy insight, and a passion for empowering future leaders.

Linoy Kidd, GBM MENAT CIO

Linoy Kidd is the Chief Information Officer for Markets & Securities Services at GBM MENAT. With 18 years at HSBC, she has held senior roles across five countries — the UK, Hong Kong, China, Mexico, and the UAE. Known for her strong leadership, she has built and led teams across global markets. Outside work, Linoy is passionate about giving back. She has helped build eight schools in Africa, Haiti, and Nicaragua, and even built a home for the homeless in Mexico. Her professional strengths include foreign exchange operations, market risk, project management, business analysis, and electronic trading. Linoy is admired for combining global banking expertise with a deep commitment to social impact.

Khulood Alawadhi, Director - Advanced Technology Services, Moro Hub

Khulood Alawadhi is the Director of Advanced Technology Services at Moro Hub, where she leads AI-driven solutions, digital transformation projects, and data services. With 18 years of experience, she has played a key role in shaping Dubai’s tech ecosystem, especially across government and critical infrastructure. Khulood is known for her hands-on leadership and her ability to get things done—her personal motto. She has been part of several award-winning teams at DEWA and continues to guide innovative initiatives in the region. In 2024, she was named “The Most Innovative Transformational Women Leader” by Berkeley Middle East. She also serves on the Product Advisory Board for DataRobot in Emerging Markets and mentors tech talent through programs like the Dubai App Olympics. Khulood stands out for her passion, impact, and clear focus on outcomes in a fast-changing digital world.

Shamma Bin Hammad, Senior Cybersecurity Assurance Analyst, Emirates

Shamma Bin Hammad is a dedicated cybersecurity professional focused on protecting critical infrastructure. She specializes in vulnerability management and cybersecurity awareness programs that help organizations stay ahead of threats. At Emirates, she plays a key role in improving the overall security posture through continuous monitoring and risk mitigation strategies. Shamma is known for her ability to translate complex cybersecurity issues into practical actions. Her efforts have strengthened digital defenses and built a strong culture of awareness within her organization. With a clear vision and hands-on approach, she continues to contribute to a safer cyber environment across the UAE.

Sofia Scozzari, CEO (Chief Executive Officer) and Founder, Hackmanac

Sofia Scozzari is an Italian tech expert with over 30 years in ICT and more than 18 years in cybersecurity. She started her career as a system administrator and went on to lead teams as a cybersecurity manager and CEO of an ICT security firm. In 2017, she moved to Dubai and launched Hackmanac, a company focused on strategic cyber threat intelligence. Sofia is part of the steering committee at Clusit and Women For Security and helps coordinate the Cyber Think Tank at Assintel. She’s been co-authoring the Clusit Report since 2012 and leads the Hackmanac Global Cyber Attacks Report. Sofia also writes articles, creates cybersecurity guides, and speaks at global events. Her work focuses on raising cybersecurity awareness and supporting women in the field.

Leen AlHalabi, Associate Principal Cybersecurity Consultant, Dragos, Inc.

Leen AlHalabi is an Associate Principal Cybersecurity Consultant at Dragos, Inc. She specializes in industrial cybersecurity and works closely with clients to assess architectures, analyze network vulnerabilities, and perform compromise assessments. Her work also includes PCAP analysis and consequence-driven modeling. Leen began her career as an automation engineer, where she commissioned DCS and SCADA systems across various industries. Over time, she transitioned into OT/ICS cybersecurity, taking on responsibilities such as firewall configuration, endpoint security, backup and recovery planning, and system hardening. With hands-on experience in both engineering and cybersecurity, Leen brings a strong technical background to her role. Her expertise helps critical infrastructure organizations strengthen their defenses and respond to emerging threats effectively. Leen is passionate about securing operational environments and continues to contribute to the field through her work at Dragos.

Nisha Rani, Chief Information Security Officer, Emirates Leisure Retail

Nisha Rani is the Chief Information Security Officer (CISO) at MMI ELR and a well-known name in the UAE’s cybersecurity space. She brings years of experience in information security, IT governance, and risk management. At MMI ELR, she leads the efforts to protect critical systems and ensure compliance with security standards. Nisha is not just focused on building strong cyber defenses — she’s also passionate about supporting young professionals in the field. She regularly mentors upcoming talent and actively promotes women’s participation in tech and cybersecurity. Her work is helping create a safer and more inclusive digital environment in the region.

Jumanah Kadri, Senior Specialist - Technology Governance, Fintech - Financial Services Regulatory Authority, ADGM

Jumanah Kadri is a seasoned Information Security professional with over a decade of experience in cybersecurity and technology governance. She currently serves as a Senior Specialist in Fintech at the Financial Services Regulatory Authority, ADGM. Jumanah holds 17 IT certifications and has completed a program in Information Security Risk Management from Harvard University. Her expertise lies in information security strategy, governance, and performance management. She also holds a Master’s degree in Blockchain and Digital Currencies, reflecting her deep interest in digital transformation. Known for her clear communication style, Jumanah is a regular speaker on topics like cybersecurity, blockchain, and risk management. Her work blends technical strength with a strategic mindset, making her a recognized leader in the UAE’s cybersecurity landscape.

Noura A, Director of Digital and Technology Services, Masdar (Abu Dhabi Future Energy Company)

Noura A. is a cybersecurity and IT leader currently serving as Director of Digital and Technology Services at Masdar. She brings years of experience in driving digital transformation and aligning technology strategies with business goals. Known for her strong mix of technical expertise and leadership, Noura helps organizations stay ahead by adopting emerging technologies and improving operational efficiency. She is passionate about building high-performing teams, engaging stakeholders, and ensuring governance and compliance across IT functions. Noura leads efforts to protect critical information assets, using a hands-on approach to cybersecurity. Her focus lies in enhancing system architecture, streamlining processes, and promoting innovation. With a deep commitment to excellence, she continues to shape the future of digital and cybersecurity strategy in the UAE.

Hannah Suarez, CISO, Loyalty Status Co

Hannah Suarez is a cybersecurity leader with nearly a decade of experience across startups and large enterprises in telecom, entertainment, marketing, airlines, and tech. As the CISO at Loyalty Status Co, she leads information security and compliance programs, helping protect data and systems at scale. She has worked on multi-million-dollar cyber risk projects impacting millions of users. Hannah brings deep expertise in policy development, security training, risk analysis, and frameworks like ISO, SOC, NIST, and SOX. A global professional, she has lived and worked across five countries and is passionate about empowering teams and sharing knowledge through public speaking and her volunteer work with ISC.

Dr. Yasmin Razack, CISO at MAVEN INTERNATIONAL

Dr. Yasmin Razack is the Chief Information Security Officer at MAVEN INTERNATIONAL, bringing over 25 years of expertise across IT, fintech, and airline sectors. With a doctorate in Cybersecurity from the University of Fairfax, she specializes in IT Governance, Risk and Compliance (GRC), Cloud Security, and emerging technologies like blockchain. Yasmin is a certified ISO Lead Auditor and Lean Six Sigma Black Belt, known for driving cybersecurity strategy, risk management, and service improvements in mission-critical environments. Passionate about research and education, she also serves as an Adjunct Professor at Manipal Academy of Higher Education in Dubai.

Alya Al Marzooqi, Group Digital Risk Management and Compliance Manager, ADNOC Group

Alya Al Marzooqi is a seasoned cybersecurity leader with strong roots in the oil and gas sector. At ADNOC Group, she leads digital risk and compliance initiatives, ensuring resilience across critical operations. With experience spanning government, engineering, financial services, and manufacturing, she brings a broad perspective to every challenge. Alya is known for her sharp leadership, clear communication, and ability to work across multidisciplinary teams. She has successfully managed security programs for global organizations in diverse sectors like FMCG, retail, and IT services. Her work continues to shape robust cybersecurity practices in high-risk industries.

Irene Corpuz, Founding Partner and Head of Governance & Communications, Women in Cyber Security Middle East

Irene Corpuz is a well-known cybersecurity leader in the Middle East. She is passionate about building safer digital ecosystems and preparing organizations for the future of AI and quantum technologies. Irene is a Founding Partner of Women in Cybersecurity Middle East (WiCSME), where she helps create opportunities for women in the field. She also serves on the Strategic Steering Committee at the Global Forum on Cyber Expertise (GFCE), working with global partners to improve cyber capacity and tackle emerging threats. Irene’s strengths lie in cyber policy, AI, quantum governance, and thought leadership. She regularly shares insights on the future of cybersecurity and was named one of the Top 20 Cybersecurity Women of the World in 2024. Through her work, she continues to drive innovation and inclusion across the cybersecurity landscape.

Rajvi Modi, Information Security Manager, Banque Misr UAE

Rajvi Modi is an experienced cybersecurity professional with over 10 years in the field. She has worked across multiple industries, including finance, FMCG, aviation, and pharmaceuticals. Her core strengths lie in risk assessment, data protection, compliance, and vulnerability management. Rajvi has led several global projects, performing security audits and ensuring alignment with frameworks like ISO 27001, PCI DSS, and GDPR. She is skilled in cloud platforms such as Azure and AWS and has hands-on expertise in tools like Nessus, Burp Suite, and Qualysguard. Her broad technical knowledge and deep understanding of regulatory requirements make her a trusted leader in the UAE’s cybersecurity landscape.

Siham Benhamidouche, VP cybersecurity and data risk, Digital Customer Relations, Schneider Electric

Siham Benhamidouche is the Vice President of Cybersecurity and Data Risk for Digital Customer Relations at Schneider Electric. She leads the cybersecurity strategy for the region, focusing on digital risk management. Her work covers key areas like cyber risk, data privacy compliance, and PCI-DSS standards. With a strong background in digital trust and governance, Siham plays a critical role in ensuring secure and compliant digital experiences for Schneider Electric’s customers. She is also passionate about creating awareness around cybersecurity best practices in the business landscape.

Badreya AlMehairi, AVP Senior Manager - Data privacy- Information Security, Mashreq Bank

Badreya AlMehairi is a seasoned cybersecurity leader at Mashreq Bank. She is certified in CISSP, ISO 27001, and ISO 22301, and brings strong expertise in data privacy, information security, and business continuity. Badreya leads security planning, risk assessments, and incident response. She holds a Master’s degree in AI, Knowledge Management, and Data Analysis. Her background includes deep knowledge of network security, vulnerability management, and threat mitigation. Known for her hands-on approach and leadership, she excels at aligning security processes with business goals. Badreya is passionate about securing digital ecosystems while promoting a culture of cyber resilience.

Sheeba Sultan Hasnain, Chairwoman & CIO, Sentiente

Sheeba Sultan Hasnain is a seasoned tech leader with over 20 years of experience in IT, AI, and cybersecurity. As Chairwoman and CIO of Sentiente, she drives digital transformation while championing responsible AI and women in tech. Throughout her career, Sheeba has taken on multiple leadership roles, including CIO, CISO, programmer, and strategist, building strong IT operations and leading major AI projects. She’s a passionate public speaker and mentor, especially focused on empowering women and mothers in tech. Through her “Women Empowering Women” initiative, she shares stories of strength and innovation. Her work has earned her recognition through several awards, including the Visionary AI Leader Award and Global CIO & CISO honors. Sheeba believes in purpose-led innovation, inclusion, and tech that drives real impact.

Lorna Trayan, Sr. Executive Partner, CISO Advisor, Gartner

Lorna Trayan is a seasoned cybersecurity advisor with over 20 years of experience. At Gartner, she serves as a Senior Executive Partner and CISO Advisor, having worked closely with more than 65 CISOs across the GCC, Europe, and the UK. She is known for helping leaders simplify complex security issues and make informed decisions. Lorna often speaks at industry events and leads awareness sessions for boards and executive teams. Her strength lies in making cybersecurity practical, clear, and aligned with business goals.

Conclusion

As the UAE rapidly advances its cybersecurity capabilities, these 25 women stand at the forefront, leading strategy, shaping policy, and securing the future. Their diverse expertise and visionary leadership not only reflect the country’s digital ambitions but also redefine what it means to be a cybersecurity leader in today's digital world. The path ahead is digital, and these women are making sure it’s secure.
Our researchers have uncovered several malicious fake extensions targeting Solidity developers in the Open VSX marketplace. At least one company has fallen victim to the attackers distributing these extensions — losing approximately US$500 000 in crypto assets. Threats associated with malware distribution in
open-source repositories have been known about for a long time. Despite this, users of AI-powered code editors like Cursor AI and Windsurf are forced to use the open-source extension marketplace Open VSX, as they have no other source for the extensions these platforms need. However, extensions on Open VSX do not undergo the same rigorous checks as those on the Visual Studio Marketplace. This loophole allows attackers to distribute malicious software disguised as legitimate solutions. In this post, we dive into the details of the malicious Open VSX extensions investigated by our experts, and explain how to prevent similar incidents within your organization.

Risks for users of Open VSX extensions

In June 2025, a blockchain developer who had just lost approximately US$500 000 in crypto assets to attackers reached out to our experts and requested an incident investigation. While examining a disk image from the compromised system, our researchers noticed a suspicious component of an extension named Solidity Language for the Cursor AI development environment. The component was executing a PowerShell script — a sure sign of malicious activity.

The description of the Solidity Language extension published on the Open VSX marketplace

The extension was installed from the Open VSX marketplace, where it had tens of thousands of downloads (presumably inflated by bot activity). The description claimed to optimize development of smart contract code written in the Solidity language. However, analysis of the extension revealed it had no useful functionality whatsoever. The developers who installed it mistook the lack of advertised features for a bug, didn't immediately investigate, and just continued their work. The browser extension wasn't actually faulty; it was fake. Once installed, it contacted a command-and-control server to download and run a malicious script. This script then installed ScreenConnect — a remote access application — on the victim's computer.

The attackers used ScreenConnect to upload additional malicious payloads. In the incident our experts investigated, these tools specifically allowed the attackers to steal passphrases for the developer's crypto wallets and then syphon off cryptocurrency. A detailed technical description of the attack, along with indicators of compromise, is available in a Securelist blog post.

Manipulating search: how attackers promote malicious extensions

A look into the Open VSX marketplace revealed a concerning trend: a fake extension, deceptively named Solidity Language, ranked fourth in search results, while the legitimate extension, simply called solidity, appeared all the way down at eighth. It's no surprise then that the developer downloaded the counterfeit instead of the genuine article.

Search results for solidity: the malicious extension (red) vs. the legitimate one (green)

This ranking is quite surprising, especially considering that at the time of the search, the legitimate extension had more downloads: 61 000 compared to the fake's 54 000. The key lies in Open VSX's ranking algorithm. It doesn't solely rely on download counts to determine relevance; it also considers other factors like verification status, ratings, and recency. This is exactly how the attackers managed to outrank the genuine extension in search results: the fake one had a more recent update date.

The fake plugin was removed from the Open VSX marketplace on July 2, 2025, right after the cryptocurrency heist. However, the very next day, we found another malicious package with the same name as the original extension, solidity, and the same harmful functionality as Solidity Language. Additionally, our researchers used an open-source component-monitoring tool to discover yet another malicious package in Open VSX. Several details link this package to the same cybercriminals.

Why do developers have to rely on the Open VSX marketplace?

The Visual Studio Marketplace, Microsoft's official store, has long been the primary industry source for extensions. It includes automatic scanning for malicious code, sandboxed execution of extensions for behavioral analysis, monitoring for anomalies in extension usage, and a number of other features to help identify harmful extensions. However, its licensing agreement dictates that only solutions for use with Visual Studio products can be published in the Visual Studio Marketplace. Consequently, users of increasingly popular AI-powered code editors like Cursor AI and Windsurf must install extensions from an alternative store: Open VSX. The problem is that this platform has less stringent extension vetting, which makes it easier to distribute malicious packages compared to Microsoft's official marketplace.

To be fair, attackers sometimes manage to publish malicious extensions even in the more secure Visual Studio Marketplace. For instance, this spring, experts found three malicious extensions there with an infection scheme very similar to the one described in this post, also targeting Solidity developers.

How to stay safe?

No matter where you're installing extensions from, we recommend the following:

- Be careful when searching marketplaces.
- Always take note of who the developer of an extension is.
- Check the code and behavior of extensions you install.
- Use an XDR solution to monitor any suspicious activity inside the corporate network.
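
Two of the recommendations above, noting who publishes an extension and checking its code, can be partly automated. The Python script below is an added example, not code from the original post or from Open VSX: it walks a folder of unpacked extensions, compares each `publisher.name` against a reviewed allowlist, flags names that resemble an allowlisted extension under a different publisher, and flags startup activation and JavaScript that loads `child_process` or mentions PowerShell. The publisher IDs, the allowlist and the two sample extensions are constructed placeholders, and the layout (one directory per extension containing `package.json`) is an assumption about how VS Code-compatible editors unpack extensions.

```python
"""Audit unpacked editor extensions: publisher allowlist, lookalike names, risky code."""
import json
import re
import tempfile
from pathlib import Path

# Strings in extension JavaScript that warrant manual review before trusting it.
RISKY_PATTERNS = {
    "loads child_process": re.compile(
        r"""require\(\s*['"](?:node:)?child_process['"]\s*\)"""),
    "references PowerShell": re.compile(r"powershell", re.IGNORECASE),
}
# Activation events that run extension code at editor start, with no user action.
EAGER_ACTIVATION = {"*", "onStartupFinished"}


def _tokens(text):
    """Lower-case alphanumeric words of a name, used for lookalike comparison."""
    return set(re.findall(r"[a-z0-9]+", text.lower()))


def audit_extension(ext_dir, allowlist):
    """Return (extension_id, findings) for one unpacked extension directory."""
    manifest = json.loads((ext_dir / "package.json").read_text(encoding="utf-8"))
    publisher = str(manifest.get("publisher", "")).lower()
    name = str(manifest.get("name", "")).lower()
    ext_id = f"{publisher}.{name}"
    findings = []

    if ext_id not in allowlist:
        findings.append("publisher.name not on the reviewed allowlist")
        # An unreviewed publisher reusing a trusted extension's name is the
        # impersonation pattern the post describes.
        words = _tokens(name) | _tokens(str(manifest.get("displayName", "")))
        for trusted in sorted(allowlist):
            trusted_words = _tokens(trusted.partition(".")[2])
            if trusted_words and trusted_words <= words:
                findings.append(f"name resembles trusted extension {trusted}")

    if set(manifest.get("activationEvents") or []) & EAGER_ACTIVATION:
        findings.append("activates at editor startup")

    for js_file in sorted(ext_dir.rglob("*.js")):
        source = js_file.read_text(encoding="utf-8", errors="replace")
        for label, pattern in RISKY_PATTERNS.items():
            if pattern.search(source):
                findings.append(f"{js_file.relative_to(ext_dir).as_posix()}: {label}")
    return ext_id, findings


def audit_directory(root, allowlist):
    """Audit every extension under root; return {extension_id: findings} for flagged ones."""
    allow = {entry.lower() for entry in allowlist}
    report = {}
    for ext_dir in sorted(Path(root).iterdir()):
        if not (ext_dir / "package.json").is_file():
            continue
        try:
            ext_id, findings = audit_extension(ext_dir, allow)
        except (json.JSONDecodeError, OSError) as exc:
            ext_id, findings = ext_dir.name, [f"manifest unreadable: {exc}"]
        if findings:
            report[ext_id] = findings
    return report


def build_sample(root):
    """Write two constructed extensions under root (sample data, not real packages)."""
    samples = {
        "trustedpub.solidity-1.0.0": (
            {"publisher": "trustedpub", "name": "solidity", "displayName": "solidity",
             "activationEvents": ["onLanguage:solidity"], "main": "./extension.js"},
            "exports.activate = () => {};\n"),
        "otherpub.solidity-language-0.0.9": (
            {"publisher": "otherpub", "name": "solidity-language",
             "displayName": "Solidity Language",
             "activationEvents": ["*"], "main": "./extension.js"},
            "const cp = require('child_process');\n"
            "exports.activate = () => "
            "cp.exec('powershell -Command \"Write-Output sample\"');\n"),
    }
    for folder, (manifest, code) in samples.items():
        ext = Path(root) / folder
        ext.mkdir(parents=True)
        (ext / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
        (ext / "extension.js").write_text(code, encoding="utf-8")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        # Constructed allowlist: the one extension this hypothetical team has reviewed.
        for ext_id, findings in audit_directory(tmp, {"trustedpub.solidity"}).items():
            print(ext_id)
            for finding in findings:
                print("  -", finding)
```

A finding is a prompt for manual review, not proof of malice: legitimate extensions also spawn processes, so the allowlist and lookalike checks carry most of the weight.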
Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have been linked to a prolific but loosely-affiliated cybercrime group
dubbed “Scattered Spider,” whose other recent victims include multiple airlines.

The U.K.’s National Crime Agency (NCA) declined to verify the names of those arrested, saying only that they included two males aged 19, another aged 17, and a 20-year-old female.

Scattered Spider is the name given to an English-speaking cybercrime group known for using social engineering tactics to break into companies and steal data for ransom, often impersonating employees or contractors to deceive IT help desks into granting access. The FBI warned last month that Scattered Spider had recently shifted to targeting companies in the retail and airline sectors.

KrebsOnSecurity has learned the identities of two of the suspects. Multiple sources close to the investigation said those arrested include Owen David Flowers, a U.K. man alleged to have been involved in the cyber intrusion and ransomware attack that shut down several MGM Casino properties in September 2023. Those same sources said the woman arrested is or recently was in a relationship with Flowers.

Sources told KrebsOnSecurity that Flowers, who allegedly went by the hacker handles “bo764,” “Holy,” and “Nazi,” was the group member who anonymously gave interviews to the media in the days after the MGM hack. His real name was omitted from a September 2024 story about the group because he was not yet charged in that incident.

The bigger fish arrested this week is 19-year-old Thalha Jubair, a U.K. man whose alleged exploits under various monikers have been well-documented in stories on this site. Jubair is believed to have used the nickname “Earth2Star,” which corresponds to a founding member of the cybercrime-focused Telegram channel “Star Fraud Chat.”

In 2023, KrebsOnSecurity published an investigation into the work of three different SIM-swapping groups that phished credentials from T-Mobile employees and used that access to offer a service whereby any T-Mobile phone number could be swapped to a new device. Star Chat was by far the most active and consequential of the three SIM-swapping groups, who collectively broke into T-Mobile’s network more than 100 times in the second half of 2022.

Jubair allegedly used the handles “Earth2Star” and “Star Ace,” and was a core member of a prolific SIM-swapping group operating in 2022. Star Ace posted this image to the Star Fraud chat channel on Telegram, and it lists various prices for SIM-swaps.

Sources tell KrebsOnSecurity that Jubair also was a core member of the LAPSUS$ cybercrime group that broke into dozens of technology companies in 2022, stealing source code and other internal data from tech giants including Microsoft, Nvidia, Okta, Rockstar Games, Samsung, T-Mobile, and Uber.

In April 2022, KrebsOnSecurity published internal chat records from LAPSUS$, and those chats indicated Jubair was using the nicknames Amtrak and Asyntax. At one point in the chats, Amtrak told the LAPSUS$ group leader not to share T-Mobile’s logo in images sent to the group because he’d been previously busted for SIM-swapping and his parents would suspect he was back at it again.

As shown in those chats, the leader of LAPSUS$ eventually decided to betray Amtrak by posting his real name, phone number, and other hacker handles into a public chat room on Telegram.

In March 2022, the leader of the LAPSUS$ data extortion group exposed Thalha Jubair’s name and hacker handles in a public chat room on Telegram.

That story about the leaked LAPSUS$ chats connected Amtrak/Asyntax/Jubair to the identity “Everlynn,” the founder of a cybercriminal service that sold fraudulent “emergency data requests” targeting the major social media and email providers. In such schemes, the hackers compromise email accounts tied to police departments and government agencies, and then send unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death.

The roster of the now-defunct “Infinity Recursion” hacking team, from which some members of LAPSUS$ hail.

Sources say Jubair also used the nickname “Operator,” and that until recently he was the administrator of the Doxbin, a long-running and highly toxic online community that is used to “dox” or post deeply personal information on people. In May 2024, several popular cybercrime channels on Telegram ridiculed Operator after it was revealed that he’d staged his own kidnapping in a botched plan to throw off law enforcement investigators.

In November 2024, U.S. authorities charged five men aged 20 to 25 in connection with the Scattered Spider group, which has long relied on recruiting minors to carry out its most risky activities. Indeed, many of the group’s core members were recruited from online gaming platforms like Roblox and Minecraft in their early teens, and have been perfecting their social engineering tactics for years.

“There is a clear pattern that some of the most depraved threat actors first joined cybercrime gangs at an exceptionally young age,” said Allison Nixon, chief research officer at the New York-based security firm Unit 221B. “Cybercriminals arrested at 15 or younger need serious intervention and monitoring to prevent a years long massive escalation.”
The UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider.
eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.
For browsers, exploitation is out — getting users to compromise their own systems is in. Improved browser security has forced attackers to adapt their tactics, and they've accepted the challenge.
Digital fingerprinting technology creates detailed user profiles by combining device data with location and demographics, which increases the risks of surveillance.
Critical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting in order to integrate AI models with external data sources.
Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.
Daniil Kasatkin, 26, was detained in June at Paris’s Charles de Gaulle Airport shortly after arriving in the country with his fiancée, according to local media reports.
Kemp spoke with Recorded Future News about why he believes data brokers are dangerous and whether forthcoming federal privacy legislation is likely to wipe out California’s pioneering privacy law.
In an updated advisory, Qantas broke down the categories of personal data breached in a recent cyberattack, saying frequent-flyer numbers were involved, but not in a way that would compromise accounts.
Iranian advanced persistent threat (APT) groups, including those tracked as MuddyWater and APT33, appeared to launch more attacks against U.S. industrial entities in May and June, according to a report from Nozomi Networks.
The investigation comes in response to an account in the Israeli business publication TheMarker, which reported that the contracts included a deal to buy Pegasus — the powerful spyware manufactured by Israel-based NSO Group.
A high-severity security flaw has been disclosed in ServiceNow's platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It has been codenamed Count(er) Strike. "A vulnerability has
The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West Midlands and London on suspicion of Computer Misuse Act offenses, blackmail,
Generative AI is not arriving with a bang, it’s slowly creeping into the software that companies already use on a daily basis. Whether it is video conferencing or CRM, vendors are scrambling to integrate AI copilots and assistants into their SaaS applications. Slack can now provide AI summaries of chat threads, Zoom can provide meeting summaries, and office suites such as Microsoft 365 contain
Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. SentinelOne, in a new report shared with The Hacker News, said the malware has been observed masquerading as the cross‑platform SSH client and server‑management tool Termius in late May 2025. "ZuRu malware
Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The flaws, collectively called Transient Scheduler Attacks (TSA), manifest in the form of a speculative side channel in its CPUs that leverage execution timing of instructions under specific microarchitectural conditions. "In some cases, an attacker
Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands. The vulnerability, tracked as CVE-2025-6514, carries a CVSS score of 9.6 out of 10.0. "The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it
Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems. "These malicious operations impersonate AI, gaming, and Web3 firms using spoofed social media accounts and project documentation hosted on legitimate platforms like Notion and
In episode 425 of "Smashing Security", Graham reveals how "Call of Duty: WWII" has been weaponised - allowing hackers to hijack your entire PC during online matches, thanks to ancient code and Microsoft’s Game Pass. Meanwhile, Carole digs into a con targeting the recently incarcerated, with scammers impersonating bail bond agents to fleece desperate families. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Source: thehackernews.com – Author: . The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized access to organizations and peddle that access to other threat actors. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker TGR-CRI-0045, […] The post Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts. The activity has been attributed by Trellix Advanced Research Center to an advanced persistent threat (APT) group called DoNot Team, which is also […] The post DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme. The Treasury said Song Kum Hyok, a 38-year-old North Korean national with an […] The post U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. A recent standout is a workflow that handles malware alerts with […] The post How To Automate Ticket Creation, Device Identification and Threat Triage With Tines – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Jeffrey Burt A survey by UK company Raidiam found that even as the use of APIs continues to grow, most organizations have woefully inadequate protections in place to safeguard the increasingly sensitive data the APIs carry, exposing them to cyberattacks. The post API Use is Growing Fast, but Security is Lacking: […] The post API Use is Growing Fast, but Security is Lacking: Raidiam – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Richi Jennings Moral hazard ahoy: M&S head Archie Norman won’t say if he authorized DragonForce ransomware hacker payday. The post Did This Retail Giant Pay a Ransom to Scattered Spider? appeared first on Security Boulevard. Original Post URL: https://securityboulevard.com/2025/07/marks-spencer-archie-norman-ransom-richixbw/?utm_source=rss&utm_medium=rss&utm_campaign=marks-spencer-archie-norman-ransom-richixbw Category & Tags: Analytics & Intelligence,Cyberlaw,Cybersecurity,Data Privacy,Data Security,DevOps,Featured,Governance, Risk & Compliance,Humor,Identity & […] The post Did This Retail Giant Pay a Ransom to Scattered Spider? – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: cybernewswire Boston, Massachusetts, 9th July 2025, CyberNewsWire The post Reflectiz Joins the Datadog Marketplace appeared first on Security Boulevard. Original Post URL: https://securityboulevard.com/2025/07/reflectiz-joins-the-datadog-marketplace/?utm_source=rss&utm_medium=rss&utm_campaign=reflectiz-joins-the-datadog-marketplace Category & Tags: Uncategorized – Uncategorized The post Reflectiz Joins the Datadog Marketplace – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Brian Blakley The data paints a clear picture: A full 20% of breaches this year stemmed from exploitation of known vulnerabilities, a 34% increase from last year. The post The 2025 Verizon Data Breach Report: A Wake-Up Call for MSPs appeared first on Security Boulevard. Original Post URL: https://securityboulevard.com/2025/07/the-2025-verizon-data-breach-report-a-wake-up-call-for-msps/?utm_source=rss&utm_medium=rss&utm_campaign=the-2025-verizon-data-breach-report-a-wake-up-call-for-msps Category & Tags: Analytics & Intelligence,Cybersecurity,Data […] The post The 2025 Verizon Data Breach Report: A Wake-Up Call for MSPs – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Josh Katinger Zero Data Retention offers a new path forward. One that enables intelligent automation, deep integrations and real-time workflows — without the baggage of persistent data storage. The post What is Zero Data Retention and Why it May Be the Future of Secure Automation appeared first on Security Boulevard. Original […] The post What is Zero Data Retention and Why it May Be the Future of Secure Automation – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Sailesh Mishra Start your red teaming journey with intent, not ambition. Designate a lead with both AI literacy and a security mindset. The post A Practical Guide to Building a Red Teaming Strategy for AI appeared first on Security Boulevard. Original Post URL: https://securityboulevard.com/2025/07/a-practical-guide-to-building-a-red-teaming-strategy-for-ai/?utm_source=rss&utm_medium=rss&utm_campaign=a-practical-guide-to-building-a-red-teaming-strategy-for-ai Category & Tags: AI and Machine Learning […] The post A Practical Guide to Building a Red Teaming Strategy for AI – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Teri Robinson As tempting as it is to find out if you descended from some grand poobah in Scandinavia or if your real great (x10) grandmother was Catherine the Great, the implications of a fine recently levied against 23andMe might coax you into keeping your genetic material to yourself. The post […] The post 23andMe…and Everyone Else: All Eyes are on the Most Personal Data – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: Nova Scotia Power has revealed that a recent ransomware attack has prevented customer meter readings from being recorded, impacting billing charges. The Canadian utilities provider said that after initially pausing billing, it is now sending most customers estimated bills until its systems are restored. “Since the cyber incident discovered on April […] The post Ransomware Attack Stops Nova Scotia Power Meter Readings – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: In its July 2025 Patch Tuesday, Microsoft patched 130 vulnerabilities, a rate consistent with previous July batches (130 in 2023 and 138 in 2024). This latest patch update fixes 14 critical vulnerabilities, including a particularly concerning one that could be leveraged in self-propagating malware reminiscent of the infamous WannaCry and NotPetya […] The post Microsoft Patch Tuesday: One Zero-Day and A Potential ‘Wormable’ Flaw – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: The US has announced the arrest of a suspected Chinese state-sponsored hacker, who is accused of involvement in high-profile attacks, including the theft of COVID-19 research from American universities. The individual has also been linked to the notorious Hafnium campaign which targeted Microsoft Exchange servers in 2020 and 2021. The […] The post Chinese State-Sponsored Hacker Charged Over COVID-19 Research Theft – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It has […] The post ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini DoNot APT, likely an India-linked cyberespionage group, targets European foreign ministries with LoptikMod malware. The DoNot APT group, likely linked to India, has expanded its operations and is targeting European foreign ministries with a new malware called LoptikMod. The Donot Team (also known as APT-C-35 and Origami Elephant) has been active […] The post DoNot APT is expanding scope targeting European foreign ministries – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini Nippon Steel Solutions reported a data breach caused by hackers exploiting a zero-day vulnerability in their network equipment. Nippon Steel Solutions, a subsidiary of Japan’s Nippon Steel, disclosed a data breach in which attackers exploited a zero-day vulnerability. The company provides cloud and cybersecurity services. On March 7, 2025, Nippon Steel […] The post Nippon Steel Solutions suffered a data breach following a zero-day attack – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini An Iranian ransomware group, Pay2Key.I2P, has intensified attacks on U.S. and Israeli targets, offering affiliates higher profits. The Iranian ransomware group Pay2Key.I2P is stepping up attacks on U.S. and Israeli targets, luring affiliates with higher profit shares. The ransomware gang is the successor to the original Pay2Key group and […] The post Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked. Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER. The tool was originally built for legitimate red team operations, however, threat actors have now […] The post Hackers weaponize Shellter red teaming tool to spread infostealers – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Deeba Ahmed. In a major development, the UK’s National Crime Agency (NCA) has announced the arrest of four individuals in connection with a series of cyberattacks that impacted major UK retailers Marks & Spencer (M&S), Co-op Group, and Harrods in April and May 2025. These arrests mark a crucial step in […] The post UK Arrests Woman and Three Men for Cyberattacks on M&S Co-op and Harrods – Source: hackread.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: levelblue.com – Author: hello@alienvault.com. In late May, I wrote a blog post titled “One Year of LevelBlue: Milestones, Momentum, and a Vision for the Future.” Year one for LevelBlue was definitely a time of growth, change, and excitement! Today, I am writing to highlight LevelBlue’s continued momentum in the market through two recently announced […] The post LevelBlue Momentum Continues with Two Acquisitions – Source: levelblue.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Shaun Cooney. The post SIM Swap Fraud Is Surging — and That’s a Good Thing – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.