Nation Group, one of Thailand’s leading media conglomerates, has confirmed that it faced more than 200 million cyberattacks over a span of three days. The Nation Group cyberattacks targeted The Nation Thailand and Thai News, in what authorities are calling a coordinated Cambodian information operation (IO). These are the two key media outlets under the Nation Group. The media group, which comprises over ten affiliated platforms, said in an official statement that the Nation Group cyberattacks began after the conflict on the Thai-Cambodian border broke out on July 23, 2025.

Nation Group Cyberattacks: In Detail

According to Nation Group’s official statement, the cyberattacks appear to be a systematic attempt to disrupt Thai media reporting, especially platforms upholding journalistic ethics and standards. In a 24-hour window alone, the group's main website, www.nationthailand.com, was hit with over 223 million requests, a classic Distributed Denial of Service (DDoS) attack aimed at overloading the server and making it inaccessible to users.

But it wasn’t just website traffic. The Nation and Thai News’ social media pages were also heavily targeted. These included a flood of spam comments, fake account activity, false claims, and mass coordinated reporting to Meta with the aim of getting legitimate news pages taken down.

Framework of the Information Operation

The Ministry of Digital Economy and Society (DES), along with the Thai-Cambodian Border Conflict Command Centre, has outlined three main tactics used in this IO campaign:

Fake Account Spam: A large number of fake accounts, allegedly created from Cambodian IP addresses, flooded Thai news pages with disruptive spam, burying legitimate discourse.
Mass Reporting to Meta: These accounts also coordinated to report Thai media pages and content on Facebook. The aim was to trigger automatic content removal or page suspensions by exploiting platform moderation algorithms.
Spreading of Disinformation: Attackers posted misleading or false claims in comment sections and then mass-reported genuine responses. This increased the visibility of misinformation, giving it false credibility.

The group therefore believes that the Nation Group cyberattacks were a targeted campaign to discredit and destabilize Thai media coverage during a politically sensitive period.

Nation Group Response Measures

To protect its platforms and audiences, Nation Group implemented geo-blocking to restrict access from Cambodian IP addresses. This move, while restrictive, was necessary to prevent further damage and ensure continued access for domestic readers. In parallel, Thai authorities have stepped in. The National Broadcasting and Telecommunications Commission (NBTC) and the DES Ministry are working closely with Meta (Facebook’s parent company) to address the abuse of social media reporting systems and restore the integrity of Thai media pages.

Despite the attacks, Nation Group emphasized that it will not be silenced. The organization reaffirmed its commitment to ethical journalism, public service, and responsible reporting even under digital threat. “No form of cyberattack will deter us from delivering timely, credible information to the public,” the statement read. It also stressed that the cyberattacks on Nation Group are not just a threat to one media group but a broader challenge to press freedom, digital sovereignty, and citizen access to verified information during a time of conflict.

Nation Group has urged media organizations, tech platforms, and state authorities to collaborate more closely to prevent such cyberattacks in the future. It also called for stronger digital defense mechanisms to protect media independence. The Cyber Express Team has reached out to Nation Group for more information about the attack and what measures it is taking to prevent such incidents in the future. However, as of writing this news copy, no official update had been received. For now, Nation Group says it will continue to do its job — to inform, report, and serve — regardless of the storm it faces online.
Allianz Life Insurance Company of North America has confirmed a massive data breach affecting the personal data of most of its 1.4 million customers. The Minneapolis-based firm, a subsidiary of global insurance giant Allianz SE headquartered in Munich, said the Allianz Life Insurance data breach occurred on July 16 through a third-party, cloud-based system. The Cyber Express Team has reached out to the officials to learn more about the Allianz Life Insurance data breach. But, as of writing this news copy, no information has been received.

Allianz Life Insurance Data Breach Details

However, in an official statement released over the weekend, Allianz Life revealed that a "malicious threat actor" accessed the external platform using a social engineering technique, a form of cyber deception where attackers trick individuals into giving up sensitive information or access credentials. “The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees,” the statement said. While the company has not yet disclosed exactly what kind of personal data was compromised, such data breach incidents typically involve names, contact information, Social Security numbers, and financial details.

Importantly, Allianz Life emphasized that its internal systems were not breached. “This incident was limited to a third-party cloud platform. Our systems remain secure,” a company spokesperson said. As part of the company’s response, Allianz Life said it took immediate steps to contain the incident and notified the FBI. The Allianz Life Insurance data breach was also reported to several other authorities, including the Office of the Maine Attorney General, where companies are required to disclose data incidents that affect state residents. According to the filing with the Maine AG’s office, Allianz discovered the data breach a day after it happened and is now offering affected individuals 24 months of free credit monitoring and identity theft protection services.

Allianz Life, which was formerly known as North American Life and Casualty before its acquisition by Allianz SE in 1979, employs nearly 2,000 people in the U.S., primarily in Minnesota. The incident only affects Allianz Life's U.S. operations and not other Allianz corporate entities globally.

Growing Trend in Insurance Industry Cyberattacks

The Allianz Life data breach is not an isolated incident. It comes amid rising cyberattacks targeting the insurance and financial services sectors. Just last month, Aflac, one of the largest insurance firms in the U.S., reported a data breach on June 12. The company disclosed the event in an SEC filing, saying it had successfully stopped the attack within hours. Though Aflac didn’t identify the attacker, the company noted that the breach was part of a broader campaign by a cybercrime group. Industry observers have linked recent activity to the Scattered Spider threat group, which was previously known for targeting the retail sector. Other insurance providers, such as Erie Insurance and Philadelphia Insurance Companies, have also reported data breaches and attempted intrusions in recent months.

Cyber Threat Targeting Global Insurance Companies

The rise in cyberattacks isn’t limited to the United States. In April this year, several of Australia’s largest superannuation funds were targeted in a coordinated cyberattack campaign that may have compromised more than 20,000 member accounts. AustralianSuper, the largest retirement fund in Australia, managing AUD 365 billion for 3.5 million members, confirmed that suspicious activity had been detected on a limited number of accounts. In response, it quickly implemented security measures, including freezing the ability to change certain account details online. The fund also issued guidance to members urging them to use strong and unique passwords and to verify their contact information. As a result of the incident, AustralianSuper reported unusually high call volumes and offered members the option to request a callback.

What Makes Insurance Firms Attractive Targets?

Insurance companies and retirement funds store a large volume of sensitive data, including Social Security numbers, banking information, medical histories, and investment portfolios. This makes them attractive to cybercriminals, who often use stolen data for identity theft, financial fraud, or to sell on dark web markets. Additionally, many insurers use third-party service providers for cloud storage, customer support, and data processing. These external platforms often become weak links in the security chain, as highlighted in the Allianz Life breach. In this case, the attacker didn’t break into Allianz’s systems directly but instead exploited a vulnerability in a cloud-based system run by a third-party provider. Social engineering, which typically involves impersonating legitimate users or customer service representatives, is becoming an increasingly common technique for bypassing security controls.

Conclusion

Allianz Life has not yet shared technical details about how the data breach was executed, citing an ongoing investigation. Meanwhile, affected customers are being contacted and offered support services, including identity monitoring. The company has urged all clients to remain vigilant, review their financial accounts, and report any suspicious activity. As Allianz has shown by notifying state and federal authorities, regulatory reporting is becoming a key part of breach response.
A critical vulnerability in the AIIMS portal exposed highly sensitive data of voluntary organ and tissue donors registered with the Organ Retrieval Banking Organisation (ORBO). The AIIMS portal vulnerability allowed unauthorized access to personally identifiable and medical information of donors across India. This vulnerability was discovered in mid-May 2025 by independent cybersecurity researcher Aniket Tomar. ORBO is a key facility of the All India Institute of Medical Sciences (AIIMS), New Delhi.

The AIIMS portal vulnerability, if left unpatched, had the potential to severely undermine data privacy, public trust, and the security of the national digital health infrastructure. ORBO, as the nodal body for cadaver organ and tissue donation activities at AIIMS, maintains a brain death donor registry and coordinates transplants, making the exposed data particularly sensitive.

Decoding the AIIMS Portal Vulnerability and Data Exposure

According to Tomar, his investigation revealed that the vulnerability in the AIIMS portal provided unrestricted access to a vast amount of private data, including full names, residential addresses, phone numbers, email addresses, blood groups, donated organs, tissues, donor age, and even witness information. This data could be accessed without any form of authentication. “I was able to view several lakh donor entries. The data wasn’t just from Delhi—entries covered donors from multiple regions across India,” Tomar told The Hindu. “The scope of the exposure points to a nationwide data breach affecting individuals who placed their trust in a reputed health institution.”

Among the most critical data fields exposed were:

Personally Identifiable Information (PII): Full names, mobile numbers, email addresses, residential addresses.
Medical Information: Donated organs, blood types, tissues, and donor age.
Witness Details: Contact and identification information of witnesses to the donation process.

CERT's Intervention and Fix

Tomar promptly reported the issue to the Computer Emergency Response Team (CERT-IN) with a detailed Proof of Concept (PoC) and recommendations for fixing the flaw. In his email, he stressed that the breach not only compromised personal information but also violated the Digital Personal Data Protection (DPDP) Act, 2023. “This is more than just a technical issue—it’s an ethical lapse. It impacts organ donors who expect the highest levels of confidentiality and data stewardship. Public trust in digital health platforms must not be taken for granted,” Tomar warned in his communication with CERT.

Following Tomar's disclosure, CERT acknowledged the issue and worked with AIIMS to resolve the flaw. By June 18, 2025, the vulnerability was successfully mitigated, and public access to sensitive data was blocked. CERT officially thanked Tomar for his responsible disclosure.

Conclusion

Tomar urged AIIMS and other government bodies to audit their digital health platforms for similar vulnerabilities and to promptly notify affected individuals, as required by the DPDP Act. He stressed that personally identifiable information should never be exposed on public-facing systems, particularly in healthcare.
Russian airline Aeroflot faced a disruption today (July 28) after cancelling dozens of flights due to what it described as a failure in its information systems. Adding to the concern, a hacking collective known as Silent Crow claimed responsibility for the Aeroflot cyberattack, alleging a yearlong infiltration that severely damaged the airline’s IT infrastructure. The national carrier is yet to share the specifics of the incident, offering no detailed explanation of the failure or how long the restoration efforts might take. However, the group Silent Crow released a statement asserting that it had carried out the operation in partnership with a Belarusian hacking collective called Cyberpartisans BY.

Decoding the Aeroflot Cyberattack

The Aeroflot cyberattack was linked to ongoing geopolitical tensions, with the hackers expressing solidarity with Ukraine and the democratic opposition in Belarus. Their statement included the rallying cry: “Glory to Ukraine! Long live Belarus!”, reported Turkish newspaper Daily Sabah. According to Aeroflot, the IT failure forced the cancellation of over 40 flights. These disruptions affected routes across Russia, as well as international flights to Minsk in Belarus and Yerevan in Armenia.

Passengers at Moscow’s Sheremetyevo airport, the airline’s main hub, faced confusion and frustration as chaos unfolded. Local news outlets reported long lines and congestion as travelers queued to exit the airport and retrieve their checked luggage following cancellations. In a message on Telegram, Aeroflot urged passengers impacted by the cancellations to collect their belongings and leave the airport premises. The airline also confirmed that specialists were actively working to minimize the impact on schedules and restore normal operations as soon as possible.

Details of the Cyberattack and Data Security Concerns

Silent Crow’s statement claimed that the group had deeply penetrated Aeroflot’s corporate network, destroyed approximately 7,000 servers, and taken control of employees’ personal computers, including those of senior management. While no direct evidence was provided to back these assertions, the hackers warned they would soon begin releasing “the personal data of all Russians who have ever flown Aeroflot.”

[Image: Aeroflot Cyberattack Claims (Source: X)]

Despite the challenges posed by international sanctions linked to the war in Ukraine, Aeroflot remains one of the top 20 airlines worldwide by passenger volume. According to the airline’s official website, the Aeroflot Group served 55.3 million passengers in 2024, underscoring its continued significance in global aviation.

The hacking group Silent Crow described its operation in detail: “Together with our colleagues from Cyber Partisans BY, we declare the successful completion of a prolonged and large-scale operation, as a result of which the internal IT infrastructure of Aeroflot Russian Airlines was completely compromised and destroyed. For a year, we were inside their corporate network, methodically developing access, going deeper to the very core of the infrastructure.” Their message reiterated support for Ukraine and the Belarusian opposition, positioning the attack as part of a broader resistance effort against Russian influence, reported the Daily Express US.

Conclusion

The Aeroflot cyberattack disrupted operations at Sheremetyevo airport, with flight cancellations increasing beyond the initial 40 and more schedule changes expected in the coming days. Passengers faced confusion and frustration as uncertainty grew, while attempts by media outlets like The Cyber Express to get official comments from Aeroflot have so far gone unanswered. This is an ongoing story, and The Cyber Express will be closely monitoring the situation. We’ll update this post once we have more information on the attack or any statements from the company.
Every major tech giant touts passkeys as an effective, convenient password replacement that can end phishing and credential leaks. The core idea is simple: you sign in with a cryptographic key that’s stored securely in a special hardware module on your device, and you unlock that key with biometrics or a PIN. We’ve already covered the current state of passkeys for home users in detail across two articles (on terminology and basic use cases, and on more complex scenarios). However, businesses have entirely different requirements and approaches to cybersecurity. So, how good are passkeys and FIDO2 WebAuthn in a corporate environment?

Reasons for companies to switch to passkeys

As with any large-scale migration, making the switch to passkeys requires a solid business case. On paper, passkeys tackle several pressing problems at once:

Lower the risk of breaches caused by stolen legitimate credentials — phishing resistance is the top advertised benefit of passkeys.
Strengthen defenses against other identity attacks, such as brute-forcing and credential stuffing.
Help with compliance. In many industries, regulators mandate the use of robust authentication methods for employees, and passkeys usually qualify.
Reduce costs. If a company opts for passkeys stored on laptops or smartphones, it can achieve a high level of security without the extra expense of USB devices, smart cards, and their associated management and logistics.
Boost employee productivity. A smooth, efficient authentication process saves every employee time daily and reduces failed login attempts. Switching to passkeys usually goes hand in hand with getting rid of the universally loathed regular password changes.
Lighten the helpdesk workload by decreasing the number of tickets related to forgotten passwords and locked accounts. (Of course, other types of issues pop up instead, such as lost devices containing passkeys.)

How widespread is passkey adoption?

A FIDO Alliance report suggests that 87% of surveyed organizations in the US and UK have either already transitioned to using passkeys or are currently in the process of doing so. However, a closer look at the report reveals that this impressive figure also includes the familiar enterprise options like smart cards and USB tokens for account access. Although some of these are indeed based on WebAuthn and passkeys, they’re not without their problems. They’re quite expensive and create an ongoing burden on IT and cybersecurity teams related to managing physical tokens and cards: issuance, delivery, replacement, revocation, and so on.

As for the heavily promoted solutions based on smartphones and even cloud sync, 63% of respondents reported using such technologies, but the full extent of their adoption remains unclear. Companies that transition their entire workforce to the new tech are few and far between. The process can get both organizationally challenging and just plain expensive. More often than not, the rollout is done in phases. Although pilot strategies may vary, companies typically start with those employees who have access to IP (39%), IT system admins (39%), and C-suite executives (34%).

Potential obstacles to passkey adoption

When an organization decides to transition to passkeys, it will inevitably face a host of technical challenges. These alone could warrant their own article. But for this piece, let’s stick to the most obvious issues:

Difficulty (and sometimes outright impossibility) of migrating to passkeys when using legacy and isolated IT systems — especially on-premises Active Directory
Fragmentation of passkey storage approaches within the Apple, Google, and Microsoft ecosystems, complicating the use of a single passkey across different devices
Additional management difficulties if the company allows the use of personal devices (BYOD), or, conversely, has strict prohibitions such as banning Bluetooth
Ongoing costs for purchasing or leasing tokens and managing physical devices
Specific requirement of non-syncable hardware keys for high-assurance-with-attestation scenarios (and even then, not all of them qualify — the FIDO Alliance provides specific recommendations on this)
Necessity to train employees and address their concerns about the use of biometrics
Necessity to create new, detailed policies for IT, cybersecurity, and the helpdesk to address issues related to fragmentation, legacy systems, and lost devices (including issues related to onboarding and offboarding procedures)

What do regulators say about passkeys?

Despite all these challenges, the transition to passkeys may be a foregone conclusion for some organizations if required by a regulator. Major national and industry regulators generally support passkeys, either directly or indirectly:

The NIST SP 800-63 Digital Identity Guidelines permit the use of syncable authenticators (a definition that clearly implies passkeys) for Authenticator Assurance Level 2, and device-bound authenticators for Authenticator Assurance Level 3. Thus, the use of passkeys checks the boxes during ISO 27001, HIPAA, and SOC 2 audits.
In its commentary on DSS 4.0.1, the PCI Security Standards Council explicitly names FIDO2 as a technology that meets its criteria for phishing-resistant authentication.
The EU Payment Services Directive 2 (PSD2) is written in a technology-agnostic manner. However, it requires Strong Customer Authentication (SCA) and the use of Public Key Infrastructure based devices for important financial transactions, as well as dynamic linking of payment data with the transaction signature. Passkeys support these requirements.
The European directives DORA and NIS2 are also technology-agnostic, and generally only require the implementation of multi-factor authentication — a requirement that passkeys certainly satisfy.

In short, choosing passkeys specifically isn’t mandatory for regulatory compliance, but many organizations find it to be the most cost-effective path. Among the factors tipping the scales in favor of passkeys are the extensive use of cloud services and SaaS, an ongoing rollout of passkeys for customer-facing websites and apps, and a well-managed fleet of corporate computers and smartphones.

Enterprise roadmap for transitioning to passkeys

Assemble a cross-functional team. This includes IT, cybersecurity, business owners of IT systems, tech support, HR, and internal communications.
Inventory your authentication systems and methods. Identify where WebAuthn/FIDO2 is already supported, which systems can be upgraded, where single sign-on (SSO) integration can be implemented, where a dedicated service needs to be created to translate new authentication methods into ones your systems support, and where you’ll have to continue using passwords — under beefed-up SOC monitoring.
Define your passkey strategy. Decide whether to use hardware security keys or passkeys stored on smartphones and laptops. Plan and configure your primary sign-in methods, as well as emergency access options such as temporary access passcodes (TAP).
Update your corporate information security policies to reflect the adoption of passkeys. Establish detailed sign-up and recovery rules. Establish protocols for cases where transitioning to passkeys isn’t on the cards (for example, because the user must rely on a legacy device that has no passkey support).
Develop auxiliary measures to ensure secure passkey storage, such as mandatory device encryption, biometrics use, and unified endpoint management or enterprise mobility management device health checks.
Plan the rollout order for different systems and user groups. Set a long timeline to identify and fix problems step-by-step.
Enable passkeys in access management systems such as Entra ID and Google Workspace, and configure allowed devices.
Launch a pilot, starting with a small group of users. Collect feedback, and refine your instructions and approach.
Gradually connect systems that don’t natively support passkeys using SSO and other methods.
Train your employees. Launch a passkey adoption campaign, providing users with clear instructions and working with champions on each team to speed up the transition.
Track progress and improve processes. Analyze usage metrics, login errors, and support tickets. Adjust access and recovery policies accordingly.
Gradually phase out legacy authentication methods once their usage drops to single-digit rates. First and foremost, eliminate one-time codes sent through insecure communication channels, such as text messages and email.
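The obstacles list and the regulator section both hinge on one distinction: a syncable passkey (which SP 800-63 admits at AAL2) versus a device-bound authenticator (needed for AAL3 and high-assurance-with-attestation). WebAuthn carries exactly that signal in the authenticatorData flags byte (BE = backup eligible, BS = backed up). The following Python is an added example, not code from the original article: it parses those flags and maps a credential to the highest assurance level a hypothetical policy would accept; the relying party ID corp.example and the sample authenticator data are constructed test vectors.

```python
"""Classify a WebAuthn credential as syncable or device-bound from the
authenticatorData flags and map it to a (hypothetical) assurance policy.

authenticatorData layout (WebAuthn Level 3):
  bytes  0..31  rpIdHash      SHA-256 of the relying party ID
  byte   32     flags
  bytes 33..36  signCount     big-endian uint32
  optional attested credential data / extensions may follow
Flag bits: UP=0x01, UV=0x04, BE=0x08 (backup eligible), BS=0x10 (backed up),
           AT=0x40 (attested credential data), ED=0x80 (extensions)
"""
import hashlib
import struct
from dataclasses import dataclass

FLAG_UP, FLAG_UV, FLAG_BE, FLAG_BS = 0x01, 0x04, 0x08, 0x10
FLAG_AT, FLAG_ED = 0x40, 0x80


@dataclass
class AuthDataSummary:
    rp_id_ok: bool
    user_present: bool
    user_verified: bool
    backup_eligible: bool
    backed_up: bool
    sign_count: int

    @property
    def syncable(self) -> bool:
        # BE=1 means the private key may be copied to other devices,
        # i.e. this is a synced passkey rather than a device-bound one.
        return self.backup_eligible


def parse_auth_data(auth_data: bytes, rp_id: str) -> AuthDataSummary:
    """Parse the fixed 37-byte prefix of authenticatorData."""
    if len(auth_data) < 37:
        raise ValueError("authenticatorData shorter than 37 bytes")
    rp_hash = auth_data[:32]
    flags = auth_data[32]
    (sign_count,) = struct.unpack(">I", auth_data[33:37])
    # The spec forbids BS=1 with BE=0; treat it as a malformed response.
    if flags & FLAG_BS and not flags & FLAG_BE:
        raise ValueError("BS set without BE is invalid per WebAuthn")
    return AuthDataSummary(
        rp_id_ok=rp_hash == hashlib.sha256(rp_id.encode()).digest(),
        user_present=bool(flags & FLAG_UP),
        user_verified=bool(flags & FLAG_UV),
        backup_eligible=bool(flags & FLAG_BE),
        backed_up=bool(flags & FLAG_BS),
        sign_count=sign_count,
    )


def max_assurance_level(summary: AuthDataSummary) -> int:
    """Highest AAL this credential can satisfy under a hypothetical policy
    that follows the article's reading of SP 800-63: syncable passkeys top
    out at AAL2, device-bound ones can reach AAL3, UV is required for both.
    Returns 0 when the response is not even usable for this RP."""
    if not summary.rp_id_ok or not summary.user_present:
        return 0
    if not summary.user_verified:
        return 1
    return 2 if summary.syncable else 3


def build_auth_data(rp_id: str, flags: int, sign_count: int) -> bytes:
    """Build a constructed 37-byte authenticatorData (not from a real device)."""
    return (hashlib.sha256(rp_id.encode()).digest()
            + bytes([flags]) + struct.pack(">I", sign_count))


# Constructed sample responses for the hypothetical RP corp.example.
SAMPLES = {
    "synced_phone_passkey": build_auth_data("corp.example", FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS, 0),
    "hardware_key": build_auth_data("corp.example", FLAG_UP | FLAG_UV, 42),
    "hardware_key_no_uv": build_auth_data("corp.example", FLAG_UP, 7),
}


def classify_all(rp_id: str = "corp.example") -> dict:
    """Map each sample credential to its maximum assurance level."""
    return {name: max_assurance_level(parse_auth_data(ad, rp_id))
            for name, ad in SAMPLES.items()}


if __name__ == "__main__":
    for name, aal in classify_all().items():
        print(f"{name}: max AAL {aal}")
```

In a real deployment the same flags are read from the registration and assertion responses the identity provider already verifies, so the policy check can be enforced per sign-in rather than only at enrollment.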
The company has yet to report an exact number of how many individuals were impacted by the breach and plans to start the notification process around Aug. 1.
A new infostealing malware making the rounds can exfiltrate credentials and other system data even from browsing software considered more privacy-focused than mainstream options.
The number of concerning vulnerabilities may be much smaller than organizations think, and this cybersecurity startup aims to narrow down the list to the most critical ones.
Enterprises can use the IaC Risk Index to identify vulnerable cloud resources in their infrastructure-as-code environment which are not managed or governed.
Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international law enforcement.
The education sector is haunted by a significant fraud problem where fake students impersonate celebrities and employ other identity techniques to steal resources and money from legitimate students.
Minneapolis-based Allianz Life said “a malicious threat actor gained access to a third-party CRM system” earlier in July, breaching data of a large number of its customers.
Democrat Maggie Hassan says Starlink should acknowledge the use of its satellite internet tech for scams originating in Southeast Asia and do more to explain its response.
Makers of the app for women called Tea are continuing to respond to an intrusion into a "legacy data storage system" that exposed photos of users, including images of driver's licenses.
The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. "The group's core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven playbook centered on phone calls to an IT help desk," Google's Mandiant team said in an extensive
Cybersecurity researchers have discovered over a dozen security vulnerabilities impacting Tridium's Niagara Framework that could allow an attacker on the same network to compromise the system under certain circumstances. "These vulnerabilities are fully exploitable if a Niagara system is misconfigured, thereby disabling encryption on a specific network device," Nozomi Networks Labs said in a
Some risks don’t breach the perimeter—they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren’t the loudest—they were the most legitimate-looking. In an environment where identity, trust, and tooling are all interlinked, the strongest attack path is often the one that looks like it belongs. Security teams are
Picture this: you’ve hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback. But the corporate mailbox—the front door for most attackers—is still guarded by what is effectively a 1990s-era filter. This isn't a balanced approach. Email remains a primary vector for breaches, yet we often treat it as a static stream of messages instead of a dynamic,
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week. In addition, 73 repositories
European defence giant Naval Group has confirmed that it is investigating an alleged cyber attack which has seen what purports to be sensitive internal data published on the internet by hackers. Read more in my article on the Hot for Security blog.
Source: hackread.com – Author: Deeba Ahmed. An Arizona woman has been sentenced to over eight years in prison for her significant role in a fraudulent operation that funnelled more than $17 million to North Korea. According to the US Department of Justice (DoJ), Christina Marie Chapman, 50, from Litchfield Park, assisted North Korean Information Technology […] The post Arizona Woman Jailed for Helping North Korea in $17M IT Job Scam – Source:hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.proofpoint.com [Image: Semiconductor chips are seen on a circuit board of a computer in this illustration picture taken February 25, 2022. REUTERS/Florence Lo/Illustration/File Photo] Hackers targeted 15-20 medium to large enterprises, according to researchers. Targets include financial analysts at Asian and at least one U.S.-headquartered financial investment […] The post Exclusive: China-linked hackers target Taiwan’s chip industry with increasing attacks, researchers say – Source: www.proofpoint.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. The Allianz Life data breach exposed the data of most of its 1.4M customers via a third-party CRM hack using social engineering. Allianz Life confirmed a data breach exposing personal information of most of its 1.4 million customers. On July 16, 2025, a threat actor accessed a third-party CRM system using social engineering, […] The post Allianz Life data breach exposed the data of most of its 1.4M customers – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. […] The post SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55 – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini. A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Law enforcement operations seized BlackSuit ransomware gang’s darknet sites. Arizona […] The post Security Affairs newsletter Round 534 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. “The group’s core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven playbook centered on phone calls to an […] The post Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure – Source:thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. Cybersecurity researchers have discovered over a dozen security vulnerabilities impacting Tridium’s Niagara Framework that could allow an attacker on the same network to compromise the system under certain circumstances. “These vulnerabilities are fully exploitable if a Niagara system is misconfigured, thereby disabling encryption on a specific network device,” Nozomi Networks […] The post Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide – Source:thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.troyhunt.com – Author: Troy Hunt. Sponsored by: This will be the title of the blog post: “Court Injunctions are the Thoughts and Prayers of Data Breach Response”. It’s got a nice ring to it, and it resonates so much with the response to other disasters where the term is offered as a platitude that […] The post Weekly Update 462 – Source: www.troyhunt.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Deeba Ahmed. A highly “aggressive” cyber campaign, identified in mid-2025 by Google’s Threat Intelligence Group (GTIG), is posing a severe threat to major industries, including retail, airlines, and insurance. This sophisticated operation is attributed to Scattered Spider, a financially motivated hacking group also known as 0ktapus and UNC3944, which has been […] The post Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google – Source:hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Waqas. A newly disclosed macOS vulnerability is allowing attackers to bypass Apple’s privacy controls and access sensitive user data, including files cached by Apple Intelligence. Tracked as CVE-2025-31199, the flaw was identified by Microsoft Threat Intelligence and involves a method that abuses Spotlight plugins to leak protected files. Microsoft Threat Intelligence, […] The post macOS Sploitlight Flaw Exposes Apple Intelligence-Cached Data to Attackers – Source:hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Waqas. If you’re running a WordPress site and rely on the Post SMTP plugin for email delivery, there’s something important you should know. A critical vulnerability affecting versions 3.2.0 and earlier allowed even the lowest-level users, like Subscribers, to access sensitive data and actions they were never supposed to see […] The post Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts – Source:hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.