Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Cyber News

The UAE Cyber Security Council (CSC) has issued a stark warning that 70 per cent of smart home devices are vulnerable to cyberattacks if not properly secured. The council emphasized that the growing popularity of connected technologies, from smart speakers to security cameras, has created new openings for cybercriminals. Smart technologies such as voice assistants, connected cameras, smart lighting, and air conditioning systems are now common in households across the Emirates. While these devices have brought greater comfort and convenience, they are also creating new openings for hackers. The UAE CSC cautioned that weak security awareness among users and the continued use of default device settings are making homes easy targets for cybercriminals.

Smart Home Devices Under Attack

According to the council, simple behaviours like leaving voice assistants permanently active, connecting them to unsecured networks, or sharing the main Wi-Fi password with guests can expose sensitive data. Once inside a home network, intruders could gain remote control of smart devices, access personal files, or even monitor private conversations. One of the most concerning areas highlighted by the CSC is the use of baby monitors. While designed to provide peace of mind to parents, many models are easily hacked if left unsecured. In the worst-case scenario, attackers could use them to track movement inside homes, listen in on conversations, or even attempt direct communication with children or family members.

Steps to Strengthen Home Security

To counter these risks, the UAE Cyber Security Council urged residents to follow essential safety measures:

- Use strong, unique passwords for all devices.
- Update device software regularly.
- Manage all smart systems through a central controller to limit entry points.
- Switch off voice assistants when not in use.
- Enable built-in security and privacy settings.
- Create a separate network for smart devices, apart from the main Wi-Fi.

“We urge every household to take small but critical steps — from updating devices to using separate Wi-Fi networks — to close the door on attackers,” the council advised.

Cyber Pulse Campaign

As part of its ongoing ‘Cyber Pulse’ awareness campaign, the CSC is dedicating this week to educating families on smart home threats and practical steps to reduce them. The initiative also ties into broader awareness on digital fraud, particularly around Buy Now, Pay Later (BNPL) scams. In a recent LinkedIn post, the UAE Cyber Security Council cautioned: “Buy Now Pay Later can be an open door to fraudsters. BNPL scams often use fake offers and unsafe links to steal personal data and banking details. As fast payment methods grow, so do the risks. Stay aware. Secure your accounts to protect your future.” Another post further noted: “Buy Now, Pay Later promises comfort and convenience, but it also opens the door to fraud. Account takeovers, weak security checks, and poor provider response can leave victims with major financial losses.”

Key Risks Before Using BNPL

The CSC highlighted three major risks consumers should be aware of before using BNPL services:

- Account Takeover – Stolen logins allow fraudsters to shop under a victim’s name.
- Weak Authentication – Lack of OTPs or alerts makes it hard to stop suspicious transactions.
- Unresponsive Providers – Delayed responses from providers can leave victims to bear losses.

By strengthening awareness and taking simple but vital precautions, households and consumers can protect not only their smart home devices and data but also their financial well-being. The CSC’s message is clear: the convenience of smart living must be matched by a commitment to smart security.

 Firewall Daily

The Pakistani government has launched an urgent investigation following reports of a massive data leak involving SIM holders’ personal information, including that of Interior Minister Mohsin Naqvi. The leaked SIM data, reportedly being sold openly online, has sparked national concern over digital security and privacy.

The Ministry of Interior confirmed in an official press release that Minister Naqvi had taken immediate notice of the situation and ordered the formation of a special investigation team. The National Cyber Crimes Investigation Agency, acting on the minister's directives, has constituted this team with a strict deadline to complete its probe and submit findings within 14 days.

"The team will thoroughly examine the circumstances, and those involved in the data leakage will be identified and brought to justice through legal action," the press release stated.

SIM Data Being Sold Online for Pennies

According to media reports, the breach involves the sale of sensitive SIM data on Google platforms. It is claimed that the mobile location of individuals is being sold for Rs 500, mobile data records for Rs 2,000, and even details of foreign trips for Rs 5,000. Disturbingly, these illicit transactions include data related to government officials and private citizens alike, reported Pakistani English-language newspaper Dawn. This news comes just months after the Pakistan National Cyber Emergency Response Team (PKCERT) issued a dire warning about a global data breach that affected more than 180 million Pakistani internet users. PKCERT identified a publicly accessible, unencrypted database containing over 184 million unique account credentials, including usernames, emails, and passwords.

The data, linked to social media services, banking institutions, healthcare platforms, and government portals, had been stolen using infostealer malware. This malicious software extracts sensitive data from infected systems. The stolen information was stored without any encryption or password protection, making it easily exploitable.

“The leaked database is believed to have been compiled using infostealer malware... This data was stored in plain text and left completely unprotected,” the advisory noted.

PKCERT, the federal agency responsible for protecting Pakistan’s digital assets and critical infrastructure, warned that the breach could lead to:

- Credential stuffing attacks
- Identity theft
- Unauthorized access to sensitive accounts
- Targeted phishing and social engineering
- Malware deployment using stolen credentials

The advisory urged citizens, especially SIM holders, to change their passwords regularly and use credible online tools to check for data breaches.

Previous Breaches Raise Questions About Data Security

This is not the first high-profile breach of sensitive Pakistani data. In March 2024, a Joint Investigation Team (JIT) reported to the Interior Ministry that the credentials of 2.7 million people were compromised between 2019 and 2023 in a separate incident involving the National Database and Registration Authority (NADRA).

The overlapping timelines and repeated breaches have raised serious questions about the effectiveness of digital security protocols in Pakistan. With the increasing digital footprint of citizens, including the widespread use of mobile phones and SIM cards, the protection of SIM data and related personal information is more important than ever.

As the investigation ordered by Interior Minister Naqvi unfolds, public attention will remain focused on both the Interior Ministry and PKCERT to ensure accountability, transparency, and most importantly, stronger data protection mechanisms for Pakistan’s millions of SIM holders.

 Compliance

Roblox is rolling out a bold move to bolster child protection on its platform. In a Safety + Civility update, Chief Safety Officer Matt Kaufman announced that, by the end of 2025, every user accessing communication features—including chat and voice—will go through age estimation via a combination of facial AI, ID verification, or parental consent. These updates aim to provide safer, age-appropriate experiences and could become a best practice across the gaming and social media industries.

Layered Approach

Roblox’s new system will replace the old self-reported age entry—a method easily manipulated. Instead, the platform will:

- Use facial age estimation, where a selfie is processed with AI to estimate a user’s age.
- If age is uncertain, fall back on government ID verification or parental consent.

Data captured is used to segment users into under 13, 13–17, and 18+ tiers, unlocking different communication capabilities. This stratified approach ties into Roblox’s "Trusted Connections" feature: users aged 13–17 can only communicate with adults they know in real life—verified via QR codes or contact imports. For those under 13, private messaging is disabled altogether.

Building on Prior Safety Efforts

Since early 2025, Roblox has introduced over 100 safety initiatives—everything from Roblox Sentinel, an open-source AI that flags concerns of child endangerment, to enhanced chat filters and avatar moderation using real-time detection. These changes build on existing safeguards like public chat filtering, and default blocks on voice and image sharing for users under 13. Roblox has also adopted ESRB/IARC age ratings for its experiences, reinforcing context for parents and creators about content maturity levels.

Balancing Safety and Privacy Concerns

While the new age assessment system promises tighter control over risky communications, it also raises valid privacy questions. Facial scans and ID checks are sensitive data streams, and privacy advocates warn about potential misuse, spoofing, or false positives—especially for kids. Malwarebytes notes that age-verification systems using biometric data may well increase safety, but they are not foolproof. Techniques like “double-anonymity,” where verification is separated from service use, offer better privacy but remain rare.

The Pressure Behind the Push

Regulatory scrutiny and public pressure have undoubtedly influenced Roblox’s strategy. The company is currently facing a high-profile lawsuit from Louisiana’s Attorney General, who accuses it of failing to safeguard children. The AG labeled the platform "the perfect place for pedophiles," arguing Roblox prioritized profit over protective measures. Simultaneously, Roblox’s banning of a popular YouTuber known as “Schlep”—a self-styled predator hunter—drew backlash from both the public and lawmakers, with a petition led by Rep. Ro Khanna demanding stronger safety reforms. Roblox says it hopes to build a safety-first playbook that others follow—even if laws mandating age verification don’t arrive first. The UK’s Online Safety Act and Missouri’s age-assurance requirements may soon make such practices compulsory for broader platforms.

Roblox’s shift to AI-driven age verification marks one of the boldest safety efforts yet in social gaming—a recognition of both the platform’s risks and its responsibility. While the technology isn’t perfect, the multi-layered strategy suggests Roblox is moving beyond voluntary filters toward systematic protection, even amid debates about privacy and implementation. As Roblox continues to expand into branded experiences and social hangouts, the effectiveness of these measures will be a critical case study for regulators, developers, and parents alike.

 Cyber Essentials

Australia’s Qantas Airways has announced a cut in short-term incentives for its Group CEO and executive team following a major July cyberattack that exposed the personal data of 5.7 million customers. In its latest annual report, the Qantas Board said it recognized the significant impact of the cyberattack on customers and reduced annual bonuses for senior leadership by 15 percentage points. For Group CEO Vanessa Hudson, this translates to a $250,000 reduction in her pay. “Despite the strong performance, the Board decided to reduce annual bonuses by 15 percentage points as a result of the impact the cyber incident had on our customers,” said Qantas Group Chairman John Mullen. “This reflects their shared accountability, while acknowledging the ongoing efforts to support customers and put in place additional protections.”

Details of the Qantas Cyberattack

The Australian airline confirmed that the data breach stemmed from unauthorized access to a third-party customer service platform used by one of its contact centers. While flight operations and safety were not affected, sensitive customer data was compromised. A forensic investigation revealed that 2.8 million customers had their names, email addresses, and frequent flyer numbers exposed. For another 1.7 million, additional details such as home addresses, dates of birth, phone numbers, meal preferences, or genders were accessed. In total, the Qantas cyberattack impacted 5.7 million customers. Qantas stressed that no passport or credit card details were leaked, and the stolen data was not sufficient to gain access to frequent flyer accounts. To protect customers, Qantas secured an injunction from the NSW Supreme Court to prevent the stolen data from being published or accessed by third parties. The airline also notified the Australian Federal Police, the National Cyber Security Coordinator, and the Australian Cyber Security Centre, along with relevant regulators in other jurisdictions.

Support and Remediation Efforts

The airline has been proactive in communicating with customers affected by the cyberattack, offering a dedicated support line and access to specialist identity protection services. Qantas also said it has put in place stronger monitoring and security controls across its systems to prevent similar incidents. “We continue to incorporate lessons learned from this breach into our risk management framework,” the company said in its annual report. The airline highlighted the rise of social engineering and phishing threats targeting both businesses and individuals. To counter this, it has introduced several initiatives, including annual Cyber Safety Week, phishing simulations based on real-world threats, and tailored training for higher-risk employees such as developers, privileged users, and pilots. Qantas has also introduced recognition programs to reward employees who demonstrate strong cybersecurity practices, reinforcing what it describes as a “CyberSafe culture” across the organization.

Financial Performance and Employee Rewards

Despite the July cyberattack, the Australian airline reported a profit of $1.5 billion for the last fiscal year, buoyed by strong travel demand and cost efficiencies. Alongside executive pay cuts, the airline announced measures to reward its wider workforce. This year, around 25,000 non-executive employees will be granted $1,000 worth of company shares under a new annual share plan, subject to company performance. This follows a $1,000 “Thank You” payment made in December 2024. “With a highly skilled and passionate workforce, compelling dual-brand proposition, our largest-ever fleet order, and one of the world’s best airline loyalty programs, we are well placed to achieve our long-term goals,” said Chairman Mullen.

The July 2025 Qantas cyberattack has highlighted the growing threat of cyber incidents to global airlines and the broader aviation sector. While investigations into the cyberattack are still ongoing, Qantas says it is determined to strengthen its defenses and restore customer trust. The Australian airline has also pledged to continue investing in technology, staff training, and partnerships with government agencies to enhance its resilience.

 Cyber News

LockBit was once the most feared ransomware group until global law enforcement action sent the group into decline last year. Now the threat group hopes to mount a comeback with LockBit 5.0. LockBit announced the release of LockBit version 5.0 on the underground forum RAMP last week (image below), coinciding with the sixth anniversary of the group’s ransomware operations. LockBit says the update includes a complete redevelopment of their ransomware panel and lockers, and the new malware is more modular and offers faster encryption and better evasion of security defenses.

[Figure: LockBit 5.0 ransomware announcement (source: Cyble)]

LockBit shared the panel address and claimed their program is highly profitable for affiliates, adding that a more detailed announcement will be coming soon. However, it remains to be seen whether the new features will be enough to reverse the group’s long-term decline.

Can LockBit 5.0 Reverse Ransomware Group’s Decline?

LockBit is the all-time top ransomware group in Cyble’s threat intelligence database (chart below), with more than 2,700 claimed victims, roughly three times more than competitors like Play, CL0P and Akira.

[Figure: LockBit has claimed by far the most ransomware victims during its history (Cyble)]

However, in the last year LockBit has claimed only about 60 victims total, according to Cyble data, a dramatic decline for the group and about 90% less than the new leaders that have emerged during that time. Akira, Qilin and RansomHub have all claimed around 600 victims each since September 2024, but leadership has shifted dramatically during that time, as a possible act of sabotage by rival DragonForce sent RansomHub into decline in late March 2025 and Qilin has emerged as the most active ransomware group in the months since then. LockBit 4.0 failed to gain much traction and was never completely rolled out, and now the group is attempting to mount a comeback against rivals that have done well attracting ransomware affiliates on terms like profit sharing and features, so the road back for LockBit appears to be a challenging one.

Enforcement Actions Against LockBit Met with Success

LockBit’s decline began after an international law enforcement action in February 2024 severely disrupted the group, resulting in arrests, shutdown of infrastructure, seizure of servers and data leak sites, and freezing of cryptocurrency accounts linked to the group. More arrests have since followed, and the group has averaged just five new victims a month in the last year. The group’s own leaked source code has been used by rivals in their ransomware development, and another leak in May 2025 further exposed the group’s operations. In short, LockBit may face a steep challenge in its comeback attempt, but the group's history still makes it one to be wary of.

 Firewall Daily

A security flaw in Argo CD, the popular open-source GitOps tool for Kubernetes, affects the DevOps and cloud-native communities. Tracked as CVE-2025-55190, the vulnerability has been rated critical with a CVSS score of 9.8 out of 10, as it allows attackers to retrieve sensitive repository credentials, including usernames and passwords, through a project-level API token. The flaw resides in the Project API endpoint (/api/v1/projects/{project}/detailed) of Argo CD. According to the official security advisory, API tokens assigned only basic project-level permissions were able to access repository credentials that should have been off-limits unless explicitly granted. In simpler terms, even if a token was meant just for managing application sync or triggering rollouts, it could still be used to extract credentials for repositories, including Helm chart repositories, associated with the project. These credentials appeared in API responses, making them visible to anyone with token access. Security researcher @crenshaw-dev, who coordinated the disclosure along with other contributors, made the vulnerability public three days ago. The bug was identified in Argo CD versions starting from 2.2.0-rc1, and patched updates have since been released in versions v3.1.2, v3.0.14, v2.14.16, and v2.13.9. Further, the vulnerability was reported and coordinated by @crenshaw-dev, with credits also given to @ashishgoyal111, @ntammineni5, @34fathombelow, @alexmt, and @svghadi for identifying, reporting, and helping remediate the issue.

A Closer Look at CVE-2025-55190

The CVE-2025-55190 flaw is considered severe due to the combination of factors involved:

- Attack vector: Network
- Attack complexity: Low
- Privileges required: Low
- User interaction: None
- Scope: Changed
- Confidentiality/Integrity/Availability Impact: High

This essentially means an attacker with only minor access (e.g., an automation role token) and no user interaction could exploit this to obtain credentials and further compromise a Kubernetes environment.

The vulnerability isn’t limited to project-specific roles. Tokens with broader permissions, such as a system-wide projects get permission, are also affected. This greatly expands the potential attack surface, especially in large enterprise Kubernetes environments using Argo CD for continuous deployment.

Real-World Impact

A proof-of-concept shared in the security advisory showed how an attacker could exploit the flaw. By creating an API token with limited permissions and querying the /projects/{project}/detailed endpoint, the attacker receives a JSON response containing cleartext usernames and passwords for repositories:

    "repositories": [
      {
        "username": "admin",
        "password": "secret123",
        "type": "helm",
        "name": "test-helm-repo",
        "project": "myProject"
      }
    ]

The misuse of these credentials could enable attackers to alter application deployments, insert malicious container images, or interfere with the entire software supply chain. Given the widespread use of Argo CD in Kubernetes clusters.

Mitigation and Patching

The Argo CD team has issued immediate patches across multiple branches:

- v3.1.2
- v3.0.14
- v2.14.16
- v2.13.9

Users running affected versions should upgrade immediately. For organizations unable to apply updates right away, it's advised to rotate all repository credentials, audit API token permissions, and limit API access until patches can be implemented.

 Espionage

Chinese hackers, allegedly linked to the state, attempted to infiltrate U.S. networks during sensitive trade discussions earlier this year by impersonating a sitting congressman, according to a report in The Wall Street Journal. In July, as Washington and Beijing prepared for high-level trade negotiations in Sweden, targeted emails were sent to American trade groups, law firms, and federal agencies. The messages, appearing to come from Representative John Moolenaar — chairman of the House committee on U.S.–China strategic competition — urged recipients to review draft sanctions legislation. The attachment, however, contained spyware, the Journal reported. Investigators later attributed the activity to APT41, a hacking group long suspected of ties to China’s Ministry of State Security. Cyber analysts told the Journal that if opened, the attachment could have given attackers deep access to victim systems, enabling them to extract sensitive documents and monitor ongoing negotiations. The FBI confirmed it was investigating. “We are working with our partners to identify and pursue those responsible,” an FBI spokesperson told the newspaper. Capitol Police declined to comment. Moolenaar condemned the operation, calling it “another example of China’s offensive cyber operations designed to steal American strategy and leverage it.” He added, “We will not be intimidated.” Beijing rejected the allegations, with a Chinese Embassy statement insisting that the country “firmly opposes and combats all forms of cyber attacks and cyber crime” and warning against “smearing others without solid evidence.”

APT41’s Technical Playbook

APT41, also tracked under aliases such as Double Dragon and Barium, is one of China’s most versatile state-sponsored groups. Analysts told the Journal that the group’s hallmark is its dual-use capability — conducting espionage on behalf of the state while also engaging in financially motivated cybercrime. The group has a long history of using spear-phishing and watering-hole attacks, often impersonating trusted figures or exploiting zero-day vulnerabilities. Its malware arsenal includes ShadowPad, a modular backdoor frequently used in Chinese espionage campaigns, and other custom loaders designed to maintain persistence. APT41 also makes heavy use of publicly available exploits. Past alerts from U.S. agencies note the group’s exploitation of vulnerabilities in Citrix, Atlassian Confluence, and Microsoft Exchange. Analysts believe the spyware used in the Moolenaar impersonation likely followed a familiar playbook: reconnaissance, credential harvesting, lateral movement, and long-term surveillance.

A Track Record of Global Intrusions

The campaign described by the Journal is not an isolated incident. In 2020, the U.S. Department of Justice indicted five Chinese nationals linked to APT41 on charges of hacking more than 100 companies worldwide. Victims included software firms, universities, telecom providers, and even non-profit organizations. Prosecutors alleged the group stole source code, proprietary business information, and intellectual property on a massive scale. Beyond espionage, APT41 has been tied to cybercrime for profit. Researchers have documented its role in stealing digital gaming currency and selling access to compromised servers. The group’s ability to switch seamlessly between state-directed intelligence operations and financially motivated crime sets it apart from many other advanced persistent threat (APT) groups. More recently, APT41 has been implicated in targeting the healthcare sector, with reports of attempted intrusions into hospitals and pharmaceutical firms during the COVID-19 pandemic. Security analysts say such activity aligns with Beijing’s interest in gaining access to sensitive medical research and health data.

Espionage Pattern

The phishing campaign took place just days before negotiators agreed to extend a tariff truce and resume discussions on a possible summit between President Trump and Chinese President Xi Jinping. Experts noted that compromising advisory groups or law firms tied to the talks would allow Beijing to anticipate U.S. positions and adjust its strategy. Mandiant told the Journal that the spyware in this case could have burrowed deep into networks, enabling long-term monitoring. For adversaries like APT41, analysts said, such access is more valuable than short-term disruption — it provides leverage in negotiations and insights into political decision-making. Earlier this year, hackers impersonated Secretary of State Marco Rubio using AI-generated content, while phishing attempts targeted White House staff, including Chief of Staff Susie Wiles, the Journal reported. Together, these incidents point to an intensifying focus on U.S. political leadership and policy processes. The attempt to compromise U.S. trade stakeholders shows how cyber operations increasingly run parallel to geopolitical negotiations. Experts said that while military maneuvers often capture headlines, cyber espionage has become a quieter but equally potent front. As tensions over technology, tariffs, and national security continue to define U.S.–China relations, espionage campaigns exploiting trust, urgency, and political credibility are likely to remain central to Beijing’s toolkit.

 Cybercrime

Secretary of State Marco Rubio said U.S. officials sanctioned nine people and companies involved in running Shwe Kokko — a hub for scam centers in Myanmar — as well as four individuals and six entities for their roles operating forced labor compounds in Cambodia.

 Feed

When Attackers Get Hired: Today’s New Identity Crisis What if the star engineer you just hired isn’t actually an employee, but an attacker in disguise? This isn’t phishing; it’s infiltration by onboarding. Meet “Jordan from Colorado,” who has a strong resume, convincing references, a clean background check, even a digital footprint that checks out. On day one, Jordan logs into email and attends

 Feed

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the

 Feed

Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. So far, 22 companies have confirmed they were impacted by a supply chain breach. "With

 Feed

Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become commonplace in recent years, the latest activity gives it a little twist of its own: Embedding a GitHub commit into a page URL containing

 Artificial Intelligence

Source: www.csoonline.com – Author: As the race to invest in AI tools, technologies and capabilities continues, it is critical for cybersecurity leaders to not only look at whether the AI-embedded software is secure but also to scrutinize whether the AI data centers are secure as well. Investment into AI data center development is exponentially increasing: […] The post The importance of reviewing AI data centers’ policies – Source: www.csoonline.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Careers

Source: www.csoonline.com – Author: From failing to align security strategy to business priorities, to fumbling a breach, CISOs and aspiring security leaders can hamper their professional ambitions through a range of preventable missteps. There are some bad behaviors that can get executives in trouble. Illegal and unethical actions are the most obvious, and they typically […] The post 10 security leadership career-killers — and how to avoid them – Source: www.csoonline.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team Imagine a world where today’s encryption, the very foundation of digital trust, can be unraveled in seconds. This isn’t science fiction – it’s the promise and peril of quantum computing. Quantum technology, once confined to theory, is rapidly advancing and reshaping what we know about cybersecurity. While its applications […] The post Unbreakable? Defending Data in A Quantum-powered World – Source: www.cyberdefensemagazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 cyber

Source: www.cyberdefensemagazine.com – Author: News team It’s that time of the year again – time to renew the corporate cyber insurance policy, and as the most senior cyber security professional in the company you are asked to fill out the annual cyber security questionnaire. From the CIO or CISO’s chair it can seem like the different […] The post Your Cyber Policy is a Security Control: Why CISOs Need a Seat at the Table – Source: www.cyberdefensemagazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Waqas. Heard about the recent data breaches where attackers used the Salesloft Drift application to access Salesforce data? There’s now a major update. The company has provided new details about the recent security incident involving its Drift application, confirming that the breach has been contained and customer protections are in place. […] The post Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens – Source: hackread.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 AI

Source: www.securityweek.com – Author: Matias Madou Thanks to security teams improving exponentially at protecting networks, cyber criminals are increasingly targeting vulnerabilities in software. And, due to the near-ubiquitous deployment of artificial intelligence (AI) tools in the software development lifecycle (SDLC), these criminals are finding exploitable flaws more easily than ever. According to the Stack Overflow […] The post How to Close the AI Governance Gap in Software Development – Source: www.securityweek.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Contagious Interview

Source: www.securityweek.com – Author: Ionut Arghire At least 230 individuals were targeted by North Korean hackers in fake cryptocurrency job interview attacks earlier this year, SentinelOne and Validin report. In continuation of the Contagious Interview campaign that started in 2022, and which was seen employing the ClickFix technique in early 2025, the threat actors pose […] The post North Korean Hackers Targeted Hundreds in Fake Job Interview Attacks – Source: www.securityweek.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Apple

Source: www.securityweek.com – Author: Eduard Kovacs Apple has kicked off the application period for the 2026 Security Research Device Program. White hat hackers interested in obtaining an iPhone that was specifically configured for security research can apply until October 31. Apple has been offering these ‘hackable’ iPhones to security researchers since 2020. Through the Security […] The post Apple Seeks Researchers for 2026 iPhone Security Program – Source: www.securityweek.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.proofpoint.com – Author: Rob Wright, Senior News Director, Dark Reading August 20, 2025 Cybercriminals are increasingly abusing vibe coding startup Lovable to quickly create malicious websites for phishing attacks, crypto scams, and other threats. Lovable, based in Stockholm, Sweden, launched its generative AI-powered vibe […] The post Cybercriminals Abuse Vibe Coding Service to Create Malicious Sites – Source: www.proofpoint.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Critical

Source: www.darkreading.com – Author: Amar Ramakrishnan COMMENTARY Business has slowed considerably in the vulnerability management market segment, yet there are more vulnerabilities to contend with than ever before. When security mainstays experience the same harsh conditions, it’s worth paying attention. Through rose-colored glasses, it’s a success story; they’ve reached […] The post The Critical Failure in Vulnerability Management – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Elizabeth Montalbano, Contributing Writer The China-backed threat actors have used the previously undiscovered infrastructure to obtain long-term, stealthy access to targeted organizations. Original Post URL: https://www.darkreading.com/threat-intelligence/new-domains-salt-typhoon-unc4841 The post 45 New Domains Linked to Salt Typhoon, UNC4841 – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini September 08, 2025 Wealthsimple reported a data breach affecting some customers due to a supply chain attack via a third-party software package. Canadian investment platform Wealthsimple disclosed a data breach that impacted some customers. The company discovered the security breach on August 30, which stemmed from a supply […] The post Canadian investment platform Wealthsimple disclosed a data breach – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini September 08, 2025 Venezuela’s President Maduro shows Huawei Mate X6 gift from China’s President Xi Jinping, hailing it as “unhackable” by U.S. spies. Last week, Venezuelan President Nicolás Maduro showcased a Huawei Mate X6 smartphone, reportedly gifted by China’s President Xi Jinping, claiming that US cyber spies […] The post Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 APT31

Source: securityaffairs.com – Author: Pierluigi Paganini September 08, 2025 Czech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic’s National Cyber and Information Security Agency (NUKIB) warns of growing risks from Chinese-linked technologies in critical sectors like energy, healthcare, transport, […] The post Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini […] The post SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61 – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Canadian fintech firm Wealthsimple has confirmed a data breach that exposed sensitive information belonging to roughly 30,000 customers. The incident, detected on August 30, was traced to compromised software supplied by a third-party vendor. According to Wealthsimple, the exposed data included contact details, government-issued IDs, Social Insurance Numbers, dates of birth, […] The post Wealthsimple Confirms Data Breach After Supply Chain Attack – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: A phishing campaign delivering a new strain of malware, MostereRAT, has been uncovered by cybersecurity researchers. The Remote Access Trojan (RAT) targets Microsoft Windows systems and gives attackers complete control over compromised machines. According to FortiGuard Labs, which discovered the threat, what sets this campaign apart is its layered use of […] The post MostereRAT Targets Windows Users With Stealth Tactics – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Abuses of remote access software and services are the most common ‘pre-ransomware’ indicators, according to new research from Cisco Talos. Adversaries frequently leverage legitimate remote services such as RDP, PsExec and PowerShell, the researchers observed. Additionally, remote access software such as AnyDesk, Atera and Microsoft Quick Assist were often exploited. Cisco […] The post Remote Access Abuse Biggest Pre-Ransomware Indicator – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Cybersecurity providers Tenable and Qualys are the latest in a growing list of companies affected by a significant supply chain attack targeting Salesforce customer data. The campaign involved the theft of OAuth authentication tokens connected to Salesloft Drift, a third-party application integrated with Salesforce used to automate workflows and manage leads […] The post Qualys, Tenable Latest Victims of Salesloft Drift Hack – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

2025-09
Aggregator history
Monday, September 08