Qilin continues to stake a claim as the top ransomware group in the wake of the decline of RansomHub earlier this year. In July, Qilin led all ransomware groups in claimed victims for the third time in the four months since RansomHub went offline in a possible compromise by rival DragonForce, according to a Cyble blog post published this week. Qilin’s 73 victims in July accounted for 17% of the month’s total of 423 victims, while INC Ransom was second with 59, boosted by critical infrastructure attacks and an increase in victim disclosures, Cyble said. SafePay, Akira and Play rounded out the top five ransomware groups for the month.

Qilin Leads as Ransomware Attacks Rise

July’s total was the third consecutive monthly increase in ransomware victims, Cyble said, following a three-month decline from February’s record ransomware attacks (image below).

[Figure: Ransomware attacks by month through July 2025 (Cyble)]

Cyble noted that while ransomware victims in recent months have been half of February’s record, the long-term uptrend for ransomware attacks remains intact, as 2025’s lowest month (402 attacks in May) remains well above the lows of 2023 (161 in January 2023) and 2024 (243 in January 2024). The U.S. remains by far the most attacked country with 223 victims, eight times greater than second-place Canada (chart below).

[Figure: Top countries for ransomware attacks, July 2025 (Cyble)]

Critical Infrastructure, Supply Chain Targeted by Ransomware

Cyble noted that there were 25 possible critical infrastructure ransomware incidents in July, and an additional 20 incidents targeted the software supply chain, highlighting the seriousness of many of the attacks. The blog post detailed eight of the more significant incidents during the month, in addition to technical details on attacks, emerging ransomware groups and new ransomware variants. Professional Services, Construction, Manufacturing, Healthcare and IT were the five most attacked sectors, accounting for nearly half of all ransomware attacks during July.
Among the vulnerabilities apparently exploited by ransomware groups were CVE-2025-5777, a Citrix NetScaler ADC and Gateway Out-of-Bounds Read vulnerability, and four Microsoft SharePoint vulnerabilities (CVE-2025-53770, CVE-2025-53771, CVE-2025-49704 and CVE-2025-49706), among others. Nearly 40 new ransomware variants were identified in July, in addition to several new threat groups. Emerging ransomware groups identified in the Cyble blog included the BEAST Ransomware Group, D4RK4RMY, Payouts King, Sinobi, AiLock ransomware, and KaWaLocker ransomware. New ransomware variants included DeadLock, Crux, and a powerful new Linux ransomware variant from the Gunra ransomware group. “With the finances and motivation to support ongoing research and development, ransomware groups can be counted on to continually evolve, and security teams must prepare for these evolving threats,” Cyble concluded.
You get a delivery notification — or simply find a package sitting by your front door. But you didn’t order anything! Of course, everyone loves a free gift, but in this case you should be wary. There are several scams that start with the delivery of a package to your home. Of course, check with friends and family first — someone might have sent you something without mentioning it. But if nobody steps forward, there’s a good chance you’re facing one of the schemes described below. Spoiler alert: under no circumstances scan QR codes or call phone numbers printed on the packaging.

Polishing orders

The term “brushing scam” comes from Chinese e-commerce slang. The original Chinese term literally means “to polish orders” — effectively referring to a kind of sales-pumping scam. Originally, this brushing was relatively harmless: you received a product you didn’t order, and the seller posted a glowing review in your name to boost their sales ranking. To pull this off, unscrupulous sellers buy leaked databases of personal data, then register new marketplace accounts using victims’ names and mailing addresses — but their (the sellers’) own email address and payment method. As such, the victims don’t suffer direct financial loss.

Lucky you; but first — your review

Over time, such relatively gentle brushing has evolved into a much rougher sweep up. These days, scammers try to rip off package recipients by luring them to a malicious website. To do this, they include a card or sticker with a QR code with the delivery. The story accompanying the code varies, with common examples including the following:

“You’ve received a gift! Scan the code to find out who sent it”
“Leave a review of our product and get a $100 gift card!”
“Confirm receipt of your free delivered item!”

If the victim scans the QR code to find out who the sender is or claim another gift, the rest follows the classic pattern of quishing (QR phishing): either coaxing the victim into entering their payment data (for example, to activate the gift card) or codes from banking/government apps, or urging them to install an app for confirmation or activation — which, of course, is malware.

What if there’s no product at all?

The above schemes only work when an online store can afford to give away products as a promotional tactic.
But can scammers still get your data without sending any goods? They can — and do. Instead of a package, the victim finds a professionally printed postcard at their door: “Unfortunately, our courier service couldn’t deliver your parcel because you weren’t home. A gift valued at $200 can only be handed over in person — please contact us to arrange redelivery.” The postcard includes a QR code, a website address, and sometimes even a phone number to reschedule delivery.

[Figure: A phishing postcard supposedly from Royal Mail, complete with a website address and QR code, looks highly convincing — the scammers paid great attention to detail.]

If you call the number or visit the malicious site linked in the QR code, you’ll be tricked into giving payment details, passwords, or one-time codes through one of the common delivery scam scenarios:

Choose a delivery time right away so the item won’t be returned to sender.
Pay a $2 fee for redelivery. The goal here is to get your payment data and then charge much larger amounts.
Pay the customs duty. You’re told a valuable parcel has been sent to you, but you must pay the duty yourself. And these amounts can be quite significant (depending on the supposed item’s value). In some countries, a courier may even come in person to collect the fee in cash.

All these schemes can lead to the loss of personal and financial information — but sometimes they escalate into phone fraud with much larger losses. For example, after you pay a fake delivery fee, scammers may call you and claim the parcel cannot be delivered because it contains drugs. This is followed by the psychological pressure of calls from a police officer, and attempts to extort a large sum of money to protect you from criminal charges.

Cash on delivery

Another popular scam involves products with payment upon delivery. Sometimes scammers advertise a product in advance and send it to the victim with their consent — but there’s also a version where a parcel arrives out of the blue.
One day, a courier turns up at your door with a package in your name. Usually, an attractive product name is prominently displayed on the box — for example, a high-end smartphone. But… you have to pay for it. The price is 2–3 times lower than the market rate. The scammers count on greed and urgency (“the courier’s in a hurry, let’s get this done quickly!”) to make the victim pay without checking the item properly. The courier rushes off, and the victim opens the box to find either a cheap knockoff of the claimed product — or just plain garbage. If the target refuses to pay for the mystery item, the scammers may have a Plan B ready — tricking them into giving a one-time verification code for a marketplace or bank, under the pretext of confirming the order cancellation.

Targeted attacks

Sometimes, physical delivery scams target specific victims. For example, criminals have attempted to steal cryptocurrency by sending Ledger hardware wallet owners packages claiming to be a free warranty replacement for defective devices. Inside the package was a “new crypto wallet” — actually a USB stick loaded with malware designed to steal the wallet’s seed phrase. Mailing USB sticks has also been used by the FIN7 ransomware gang as part of targeted ransomware attacks on selected organizations.

The hidden threat

Brushing and quishing scams have an unpleasant root cause. If you’re receiving these packages, it means your address and other contact information have been leaked in databases and are circulating on underground forums. These data sets are sold repeatedly, so you may well be targeted by other types of scam too. Be prepared: enable two-factor authentication everywhere, expect scam calls, install to protect yourself from such spam calls, check your bank statements frequently, and be sure to install reliable protection on all your devices.

What to do if you receive an unexpected package?

Carefully examine the packaging, labels, and any accompanying documents.
Take a photo of the package just in case, but never follow any links from QR codes or printed text.
Keep the packaging in case there’s an investigation later.
Never call the phone numbers or, again, visit the links printed on the parcel.
Never pay any delivery fees or customs duties, and never provide your payment details.
Never connect unexpectedly received digital storage devices to your computer or smartphone.
If the package was delivered by a major, well-known courier service (Amazon, eBay, DHL Express, UPS, FedEx, AliExpress, national postal services, etc.), go to the company’s official website, find their contact numbers, online tracking service, or live chat, and check the shipment status and sender information. If the parcel has a tracking number, enter it manually — don’t scan any QR codes on the label.
Report the suspicious package to the courier service and the police — even if no money was stolen from you.
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage accounts in unison to manipulate the prices of foreign stocks.

This so-called ‘ramp and dump’ scheme borrows its name from age-old “pump and dump” scams, wherein fraudsters purchase a large number of shares in some penny stock, and then promote the company in a frenzied social media blitz to build up interest from other investors. The fraudsters dump their shares after the price of the penny stock increases to some degree, which usually then causes a sharp drop in the value of the shares for legitimate investors.

With ramp and dump, the scammers do not need to rely on ginning up interest in the targeted stock on social media. Rather, they will preposition themselves in the stock that they wish to inflate, using compromised accounts to purchase large volumes of it and then dumping the shares after the stock price reaches a certain value. In February 2025, the FBI said it was seeking information from victims of this scheme.

“In this variation, the price manipulation is primarily the result of controlled trading activity conducted by the bad actors behind the scam,” reads an advisory from the Financial Industry Regulatory Authority (FINRA), a private, non-profit organization that regulates member brokerage firms. “Ultimately, the outcome for unsuspecting investors is the same—a catastrophic collapse in share price that leaves investors with unrecoverable losses.”

Ford Merrill is a security researcher at SecAlliance, a CSIS Security Group company. Merrill said he has tracked recent ramp-and-dump activity to a bustling Chinese-language community that is quite openly selling advanced mobile phishing kits on Telegram.
“They will often coordinate with other actors and will wait until a certain time to buy a particular Chinese IPO [initial public offering] stock or penny stock,” said Merrill, who has been chronicling the rapid maturation and growth of the China-based phishing community over the past three years.

“They’ll use all these victim brokerage accounts, and if needed they’ll liquidate the account’s current positions, and will preposition themselves in that instrument in some account they control, and then sell everything when the price goes up,” he said. “The victim will be left with worthless shares of that equity in their account, and the brokerage may not be happy either.”

Merrill said the early days of these phishing groups — between 2022 and 2024 — were typified by phishing kits that used text messages to spoof the U.S. Postal Service or some local toll road operator, warning about a delinquent shipping or toll fee that needed paying. Recipients who clicked the link and provided their payment information at a fake USPS or toll operator site were then asked to verify the transaction by sharing a one-time code sent via text message.

In reality, the victim’s bank is sending that code to the mobile number on file for their customer because the fraudsters have just attempted to enroll that victim’s card details into a mobile wallet. If the visitor supplies that one-time code, their payment card is then added to a new mobile wallet on an Apple or Google device that is physically controlled by the phishers.

The phishing gangs typically load multiple stolen cards to digital wallets on a single Apple or Android device, and then sell those phones in bulk to scammers who use them for fraudulent e-commerce and tap-to-pay transactions.

[Figure: An image from the Telegram channel for a popular Chinese mobile phishing kit vendor shows 10 mobile phones for sale, each loaded with 4-6 digital wallets from different financial institutions.]
This China-based phishing collective exposed a major weakness common to many U.S.-based financial institutions that already require multi-factor authentication: The reliance on a single, phishable one-time token for provisioning mobile wallets. Happily, Merrill said many financial institutions that were caught flat-footed on this scam two years ago have since strengthened authentication requirements for onboarding new mobile wallets (such as requiring the card to be enrolled via the bank’s mobile app).

But just as squeezing one part of a balloon merely forces the air trapped inside to bulge into another area, fraudsters don’t go away when you make their current enterprise less profitable: They just shift their focus to a less-guarded area. And lately, that gaze has settled squarely on customers of the major brokerage platforms, Merrill said.

THE OUTSIDER

Merrill pointed to several Telegram channels operated by some of the more accomplished phishing kit sellers, which are full of videos demonstrating how every feature in their kits can be tailored to the attacker’s target. The video snippet below comes from the Telegram channel of “Outsider,” a popular Mandarin-speaking phishing kit vendor whose latest offering includes a number of ready-made templates for using text messages to phish brokerage account credentials and one-time codes.

According to Merrill, Outsider is a woman who previously went by the handle “Chenlun.” KrebsOnSecurity profiled Chenlun’s phishing empire in an October 2023 story about a China-based group that was phishing mobile customers of more than a dozen postal services around the globe. In that case, the phishing sites were using a Telegram bot that sent stolen credentials to the “@chenlun” Telegram account.
Chenlun’s phishing lures are sent via Apple’s iMessage and Google’s RCS service and spoof one of the major brokerage platforms, warning that the account has been suspended for suspicious activity and that recipients should log in and verify some information. The missives include a link to a phishing page that collects the customer’s username and password, and then asks the user to enter a one-time code that will arrive via SMS.

The new phish kit videos on Outsider’s Telegram channel only feature templates for Schwab customers, but Merrill said the kit can easily be adapted to target other brokerage platforms. One reason the fraudsters are picking on brokerage firms, he said, has to do with the way they handle multi-factor authentication.

Schwab clients are presented with two options for second factor authentication when they open an account. Users who select the option to only prompt for a code on untrusted devices can choose to receive it via text message, an automated inbound phone call, or an outbound call to Schwab. With the “always at login” option selected, users can choose to receive the code through the Schwab app, a text message, or a Symantec VIP mobile app.

In response to questions, Schwab said it regularly updates clients on emerging fraud trends, including this specific type, which the company addressed in communications sent to clients earlier this year.

[Figure: The 2FA text message from Schwab warns recipients against giving away their one-time code.]

“That message focused on trading-related fraud, highlighting both account intrusions and scams conducted through social media or messaging apps that deceive individuals into executing trades themselves,” Schwab said in a written statement. “We are aware and tracking this trend across several channels, as well as others like it, which attempt to exploit SMS-based verification with stolen credentials. We actively monitor for suspicious patterns and take steps to disrupt them.
This activity is part of a broader, industry-wide threat, and we take a multi-layered approach to address and mitigate it.”

Other popular brokerage platforms allow similar methods for multi-factor authentication. Fidelity requires a username and password on initial login, and offers the ability to receive a one-time token via SMS, an automated phone call, or by approving a push notification sent through the Fidelity mobile app. However, all three of these methods for sending one-time tokens are phishable; even with the brokerage firm’s app, the phishers could prompt the user to approve a login request that they initiated in the app with the phished credentials.

Vanguard offers customers a range of multi-factor authentication choices, including the option to require a physical security key in addition to one’s credentials on each login. A security key implements a robust form of multi-factor authentication known as Universal 2nd Factor (U2F), which allows the user to complete the login process simply by connecting an enrolled USB or Bluetooth device and pressing a button. The key works without the need for any special software drivers, and the nice thing about it is your second factor cannot be phished.

THE PERFECT CRIME?

Merrill said that in many ways the ramp-and-dump scheme is the perfect crime because it leaves precious few connections between the victim brokerage accounts and the fraudsters.

“It’s really genius because it decouples so many things,” he said. “They can buy shares [in the stock to be pumped] in their personal account on the Chinese exchanges, and the price happens to go up. The Chinese or Hong Kong brokerages aren’t going to see anything funky.”

Merrill said it’s unclear exactly how those perpetrating these ramp-and-dump schemes coordinate their activities, such as whether the accounts are phished well in advance or shortly before being used to inflate the stock price of Chinese companies.
The latter possibility would fit nicely with the existing human infrastructure these criminal groups already have in place. For example, KrebsOnSecurity recently wrote about research from Merrill and other researchers showing the phishers behind these slick mobile phishing kits employed people to sit for hours at a time in front of large banks of mobile phones being used to send the text message lures. These technicians were needed to respond in real time to victims who were supplying the one-time code sent from their financial institution.

[Figure: The ashtray says: You’ve been phishing all night.]

“You can get access to a victim’s brokerage with a one-time passcode, but then you sort of have to use it right away if you can’t set new security settings so you can come back to that account later,” Merrill said.

The rapid pace of innovations produced by these China-based phishing vendors is due in part to their use of artificial intelligence and large language models to help develop the mobile phishing kits, he added.

“These guys are vibe coding stuff together and using LLMs to translate things or help put the user interface together,” Merrill said. “It’s only a matter of time before they start to integrate the LLMs into their development cycle to make it more rapid. The technologies they are building definitely have helped lower the barrier of entry for everyone.”
While several cybercrime groups have embraced "EDR killers," researchers say the deep knowledge and technical skills demonstrated by Crypto24 signify a dangerous escalation.
Water and wastewater systems have become a favored target of nation-state actors, drawing increasing scrutiny following attacks on systems in multiple countries.
A new report described how criminals use “ghost-tapping” — when stolen payment card details are uploaded onto a burner phone and used in-person to purchase goods.
The London-based tech and telecom company Colt Technology Services confirmed that a cyberattack earlier this week caused technical issues that it is still addressing.
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019. The Treasury said it's also imposing sanctions on Garantex's successor, Grinex
We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It’s about trust. And trust, by definition, is about what happens when you’re not looking. Agentic AI — AI that
A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talos to an activity cluster it tracks as UAT-7237, which is believed to be active since at least 2022.
Source: thehackernews.com. Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct powerful denial-of-service (DoS) attacks. “MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by […] The post New HTTP/2 ‘MadeYouReset’ Vulnerability Enables Large-Scale DoS Attacks – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. Japan’s CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system control. The agency said the activity was […] The post Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon’s Reach to Linux and macOS – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and stove were definitely turned off. Maybe even circle back again to confirm the front door was properly closed. These automatic safety checks give you peace of mind because you know […] The post Have You Turned Off Your Virtual Oven? – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com. Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. “PhantomCard relays NFC data from a victim’s banking card to the fraudster’s device,” ThreatFabric said in a report. “PhantomCard is […] The post New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Jasdev Dhaliwal. You can request data brokers to remove your personal info from their databases. But finding their request forms is another challenge entirely, especially when they’re hidden. Recent reporting from CalMatters and The Markup found that 35 data brokers injected code into their websites that hid their opt out pages […] The post You Have a Right to Delete Your Data—But Dozens of Data Brokers Hide How to Do It – Source: www.mcafee.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Jasdev Dhaliwal. Even years after its release, Fortnite still stands as the online “battle royale” game of choice, with millions of younger gamers packing its servers every month—along with a fair share of scammers who want to target them both in and out of the game. What makes Fortnite such a proverbial […] The post Fortnite Impersonation Scams: A No-Nonsense Parent Guide – Source: www.mcafee.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Deeba Ahmed. Cisco Talos researchers have discovered a dangerous new malware framework called PS1Bot. Active since early 2025, this sophisticated threat spreads through malvertising and is designed to steal cryptocurrency wallets, passwords, and other sensitive information. Hackread.com has learned about a new, highly active cyberattack from research carried out by cybersecurity […] The post New Malvertising Attack Spreads Crypto Stealing PS1Bot Malware – Source: hackread.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Jessica Lyons. At least a dozen ransomware gangs have incorporated kernel-level EDR killers into their malware arsenal, allowing them to bypass almost every major endpoint security tool on the market, escalate privileges, and ultimately steal and encrypt data before extorting victims into paying a ransom. One of the most recent examples […] The post Ransomware crews don’t care about your endpoint security – they’ve already killed it – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Jessica Lyons. Criminals are selling access to FBI and other law enforcement and government email accounts to other criminals via dark web marketplaces for as little as $40. These are active accounts, which miscreants have compromised so their peers can pose as government officials and cops in pursuit of further crimes, […] The post Psst: wanna buy a legit FBI email account for $40? – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Gareth Halfacree. Security researchers Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel have published details of a “common design flaw” in implementations of the HyperText Transfer Protocol 2 (HTTP/2) allowing those with ill intent to create “massive Denial of Service attacks”. And, being the underpinnings of the modern web, HTTP/2 is […] The post ‘MadeYouReset’ HTTP/2 flaw lets attackers DoS servers – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Brandon Vigliarolo. CISA is urging companies with operational technology environments to set a better cybersecurity posture, and not just by adopting some new best practices and purchasing some new software. Operational technology (OT) refers to any technology that deals with physical processes, be it manufacturing equipment, energy distribution, oil and gas […] The post Lock down your critical infrastructure, CISA begs admins – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones. Turkish cryptocurrency exchange BtcTurk is halting all deposits and withdrawals amid fears that blockchain bandits succeeded in significantly compromising its hot wallets. “During our routine checks on August 14, 2025, we detected unusual activity in […] The post BtcTurk suspends operations amid alleged $49M hot wallet heist – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Carly Page. Russian attackers reportedly spent months rummaging through the US federal court’s creaky case-management system, while Norway reckons the same Kremlin-friendly miscreants took control of a dam’s controls – a transatlantic double-act in legal files and floodgates. The attack on Washington’s systems, confirmed by the Administrative Office of the United […] The post Law and water: Russia blamed for US court system break-in and Norwegian dam drama – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones. Italy’s digital agency (AGID) says a cybercriminal’s claims concerning a spate of data thefts affecting various hotels across the country are genuine. The miscreant, operating under the alias of mydocs, claims to have gained access to the booking systems used by Italian hotels and stolen thousands of guests’ sensitive […] The post Italian hotels breached en masse since June, government confirms – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Connor Jones. A UK-based multinational that provides tech stock availability tools is telling customers that its website outage is due to a cyber attack. Stock in the Channel (STIC) provides a “digital platform” that lets users – mostly managed service providers and resellers – “view accurate stock and prices for over […] The post Stock in the Channel pulls website amid cyberattack – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Roman Kadinsky, Cofounder, President & COO, HYPR The New York State Department of Financial Services (NYDFS) has long been a leader in setting cybersecurity standards for the financial services and insurance sectors. Under 23 NYCRR Part 500, regulated entities are required to implement a comprehensive cybersecurity program that addresses governance, access […] The post The Cost of NYDFS Cybersecurity Noncompliance: What You Need to Know in 2025 – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: Cybersecurity certifications can pave a path to lucrative career advancement. But timing the job market with the right credentials can be challenging. Here are the certs providing the largest pay boosts right now. With change a constant, IT professionals looking to improve their careers can benefit from the latest insights into […] The post 9 hottest IT security certs for higher pay today – Source: www.csoonline.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: The Matrix Foundation has released patches and mitigation details for two vulnerabilities that use its open standard communications protocol to transmit sensitive information. The nonprofit Matrix Foundation, custodian of the eponymous open standard communications protocol, has released details and patching information for two vulnerabilities that could allow hackers to take over […] The post Matrix protocol bugs could let hackers seize control of sensitive chat rooms – Source: www.csoonline.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: Security researchers have found a way to bypass FIDO-based authentication. The FIDO standard is generally regarded as secure and user-friendly. It is used for passwordless authentication and is considered an effective means against phishing attempts. However, research experts from Proofpoint have now discovered a new way to circumvent FIDO-based authentication. The […] The post FIDO authentication undermined – Source: www.csoonline.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: News | Aug 14, 2025 | 3 mins | Security Information and Event Management Software, Vulnerabilities | Fortinet fixed a critical command injection vulnerability in FortiSIEM, which is subject to a working exploit in the wild, as well as a high-severity authentication bypass in FortiOS, FortiProxy, and FortiPAM and several other medium-risk flaws. Fortinet fixed multiple vulnerabilities […] The post Fortinet patches critical flaw with public exploit in FortiSIEM – Source: www.csoonline.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: Users must configure updated settings in SQLite and Infinity plugins to defend against attackers gaining admin privileges on Grafana instances. Two now-patched critical flaws in Grafana’s plugin architecture could let attackers take full control of an organization’s observability instance. Grafana is a widely used DevOps observability platform for visualizing metrics, logs, […] The post Flaws in a pair of Grafana plugins could hand over DevOps control – Source: www.csoonline.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, […] The post Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution – Source: thehackernews.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: sec.cloudapps.cisco.com – Author: . Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability | High | CVE-2025-20136 | CWE-835 | Summary: A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation (NAT) DNS inspection for Cisco Secure Firewall Adaptive Security […] The post Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability – Source: sec.cloudapps.cisco.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: sec.cloudapps.cisco.com – Author: . Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability | High | CVE-2025-20244 | CWE-1287 | Summary: A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall […] The post Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability – Source: sec.cloudapps.cisco.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Deeba Ahmed. Thai police arrest SMS Blaster operator in smishing scam and bust crypto laundering gang moving $30M monthly through cross-border networks. Learn how law enforcement arrested on-the-ground scam operators with SMS blasters and dismantled a cross-border money laundering network. A series of successful operations by Thai law enforcement has led […] The post Police Bust Crypto Scammers, Nab Smishing SMS Blaster Operator – Source: hackread.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: hackread.com – Author: Deeba Ahmed. NIST has released a concept paper for new control overlays to secure AI systems, built on the SP 800-53 framework. Learn what the new framework covers and why experts are calling for more detailed descriptions. In a significant step towards managing the security risks of artificial intelligence (AI), the […] The post New NIST Concept Paper Outlines AI-Specific Cybersecurity Framework – Source: hackread.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: sec.cloudapps.cisco.com – Author: . Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities | High | CVE-2025-20224, CVE-2025-20225, CVE-2025-20239, More… | CWE-401, CWE-835 | Summary: Multiple vulnerabilities in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, […] The post Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities – Source: sec.cloudapps.cisco.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini PhantomCard, an NFC-driven Android Trojan in Brazil, relays card data to fraudsters, spread via fake Google Play “card protection” apps. ThreatFabric warns of PhantomCard, a new Android NFC-driven trojan targeting Brazilian banking customers and possibly expanding globally. The malicious code is based on Chinese NFC relay Malware-as-a-Service; it relays victims’ card […] The post New NFC-Driven Android Trojan PhantomCard targets Brazilian bank customers – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.