Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Feed

The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for a string of data theft and extortion attacks. "Both groups have recently been observed targeting organizations' Salesforce platforms via different initial access mechanisms," the FBI said. UNC6395 is a

 0CISO2CISO

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini September 12, 2025 Cisco addressed multiple high-severity IOS XR vulnerabilities that can allow ISO image verification bypass and trigger DoS conditions. Cisco addressed multiple vulnerabilities in IOS XR software as part of its   show more ...

semiannual Software Security Advisory Bundled Publication published on September 10, 2025. Below are the […] La entrada Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Android

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini September 12, 2025 Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CVE-2025-21043, that   show more ...

was exploited in zero-day attacks against Android users. The vulnerability is an out-of-bounds Write in libimagecodec.quram.so […] La entrada Samsung fixed actively exploited zero-day – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini September 12, 2025 LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information. UK train operator LNER (London North Eastern Railway) reported a data breach through a   show more ...

third-party supplier, compromising customer contact details and other personal information. LNER (London […] La entrada UK train operator LNER (London North Eastern Railway) discloses a data breach – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini September 12, 2025 Apple warned users of a spyware campaign; France’s cyber agency confirmed targeted iCloud-linked devices may be compromised. Apple warned customers last week about new spyware attacks, the French national Computer   show more ...

Emergency Response Team (CERT-FR) said. The agency confirmed at least four such alerts since […] La entrada Apple issues spyware warnings as CERT-FR confirms attacks – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini September 12, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency   show more ...

(CISA) added Dassault Systèmes DELMIA Apriso flaw, tracked as CVE-2025-5086 (CVSS score of 9.0), to its Known Exploited Vulnerabilities (KEV) catalog. Dassault […] La entrada U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: Service can get around cloud single-sign-on providers, warns Okta. Identity and access management provider Okta has discovered what it says is a novel phishing-as-a-service (PhaaS) operation that, if victims fall for an infected email, may get around the user account   show more ...

protections from third-party single sign-on providers to steal Microsoft and Google […] La entrada VoidProxy phishing-as-a-service operation steals Microsoft, Google login credentials – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cloud Security

Source: www.csoonline.com – Author: The Spectre-like CPU branch target injection (BTI) breaks the guest-host layer in virtualized environments, introducing a new threat to data centers and the cloud. Researchers have demonstrated a Spectre-like CPU branch target injection attack that allows malicious virtual   show more ...

machine users to leak sensitive information from host hypervisors such as KVM/QEMU on […] La entrada VMScape Spectre BTI attack breaks VM isolation on AMD and Intel CPUs – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: by Shane O’Neill for CSO Events Feature Sep 12, 20256 mins The supply chain solutions provider used data consolidation and AI to turn overwhelming security alerts into clear priorities, saving time and reducing risk. Wesco is best known as a leading supply chain partner   show more ...

that provides electrical and communication systems and […] La entrada How Wesco cut through the noise and reimagined risk management – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: Today’s security leaders should focus on continuous learning and strengthening defenses against evolving cyber threats. Laura Deaner, recently appointed chief information security officer at the Depository Trust & Clearing Corporation (DTCC), has spent more than 25   show more ...

years at the forefront of enterprise cybersecurity. From leading information security programs as CISO at […] La entrada 2025 CSO Hall of Fame: Laura Deaner on AI, quantum threats, and cyber leadership – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: Attackers are abusing legitimate remote access tools and lightweight scripts to deliver AsyncRAT entirely in memory, bypassing file-based detection. Security researchers have discovered an open-source remote access trojan, AsyncRAT, being delivered through a multi-stage,   show more ...

in-memory loader as adversaries move to fileless techniques. According to LevelBlue Labs’ findings, attackers gained initial foothold […] La entrada Stealthy AsyncRAT flees the disk for a fileless infection – Source: www.csoonline.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Rob Wright CERT-FR’s advisory follows last month’s disclosure of a zero-day flaw Apple said was used in “sophisticated” attacks against targeted individuals. Original Post URL: https://www.darkreading.   show more ...

com/vulnerabilities-threats/french-sheds-light-apple-spyware-activity Category & Tags: – Views: 0 La entrada French Advisory Sheds Light on Apple Spyware Activity – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Riaz Lakhani Together, we can foster a culture of collaboration and vigilance, ensuring that we are not just waiting for a hero to save us, but actively working to protect ourselves and our communities. Original Post URL: https://www.darkreading.   show more ...

com/cyberattacks-data-breaches/without-federal-help-cyber-defense-cisa Category & Tags: – Views: 0 La entrada Without Federal Help, Cyber Defense Is Up to the Rest of Us – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Gaurav Banga Here’s a scenario security teams increasingly face. A user—or an attacker pretending to be one—types something like: This is how many prompt injection attempts begin. The phrase looks harmless, but it’s a red flag: the user is telling the AI to forget   show more ...

its built‑in rules. What follows is often […] La entrada Safer Conversational AI for Cybersecurity: The BIX Approach – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Sofia Naer Introduction On July 16, 2025, Europol revealed the details of Operation Eastwood, a coordinated international strike against one of the most active pro-Russian cybercrime groups, NoName057(016). The announcement promised a major disruption to the group’s   show more ...

activities.  In this blog, we explore whether Operation Eastwood had any real impact on […] La entrada Operation Eastwood: Measuring the Real Impact on NoName057(16) – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 CISA

Source: securityboulevard.com – Author: Jeffrey Burt Five months after the future of the CVE program was thrown in doubt, CISA this week released a roadmap that calls for steps to take for its new “quality era,” which includes public sponsorship, expanded public-private partnership, and   show more ...

modernization. The post CISA Lays Out Roadmap for CVE Program’s ‘Quality […] La entrada CISA Lays Out Roadmap for CVE Program’s ‘Quality Era’ – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Marc Handelman via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Dual Roomba’ appeared first on Security Boulevard. Original Post URL: https://securityboulevard.   show more ...

com/2025/09/randall-munroes-xkcd-dual-roomba/?utm_source=rss&utm_medium=rss&utm_campaign=randall-munroes-xkcd-dual-roomba Category & Tags: Humor,Security Bloggers Network,Randall Munroe,Sarcasm,satire,XKCD – Humor,Security Bloggers Network,Randall Munroe,Sarcasm,satire,XKCD Views: 1 La entrada Randall Munroe’s XKCD ‘Dual Roomba’ – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.securityweek.com – Author: SecurityWeek News SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a   show more ...

comprehensive understanding of the cybersecurity landscape. Each week, we curate and […] La entrada In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research – Source: www.securityweek.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks. The vulnerability, CVE-2025-21043 (CVSS score: 8.8), concerns an out-of-bounds write that could result in   show more ...

arbitrary code execution. “Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 […] La entrada Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Apple

Source: thehackernews.com – Author: . Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR). The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has   show more ...

notified citizens in the county […] La entrada Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a   show more ...

now-patched vulnerability disclosed earlier this year. Slovakian cybersecurity company ESET said the samples were […] La entrada New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team Software supply chain attacks have emerged as a serious threat in the rapidly evolving field of cybersecurity, especially in medical devices. As these devices become more and more interconnected and dependent on complex software ecosystems, the potential   show more ...

for exploitation through the supply chain has grown exponentially. One powerful tool […] La entrada The Critical Role of Sboms (Software Bill of Materials) In Defending Medtech From Software Supply Chain Threats – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team It’s common knowledge in the cybersecurity industry that ransomware is on the rise, with median demands rising 20% year-over-year across virtually all industries. But it’s not only the ransom sums themselves that are escalating; threat actors are   show more ...

engaging in increasingly aggressive tactics and techniques to extort their victims. It’s […] La entrada Ransomware Tactics Are Shifting. Here’s How to Keep Up – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

NCEES explains why licensure matters for engineers and answers your top questions about the FE and PE exams. Source Views: 0 La entrada Thinking About Becoming a Licensed Engineer? Start Here. se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

View our compilation of online stories and resources highlighting the Hispanic community and their contributions to STEM.  Source Views: 0 La entrada Celebrate Hispanic Heritage Month With SWE se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Jessica Lyons A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked Windows systems, making it the fourth publicly known bootkit capable of punching through the   show more ...

feature and hijacking a PC before the operating system loads. ESET […] La entrada HybridPetya: More proof that Secure Boot bypasses are not just an urban legend – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Jessica Lyons Samsung has fixed a critical flaw that affects its Android devices – but not before attackers found and exploited the bug, which could allow remote code execution on affected devices. The vulnerability, tracked as CVE-2025-21043, affects Android OS   show more ...

versions 13, 14, 15, and 16. It’s due to an out-of-bounds […] La entrada Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Brandon Vigliarolo The Cybersecurity and Infrastructure Security Agency (CISA) nearly let the Common Vulnerabilities and Exposures (CVE) program lapse earlier this year, but a new “vision” document it released this week signals that it now wants more control over   show more ...

the global standard for vulnerability identification. CISA published a two-page summary of […] La entrada All your vulns are belong to us! CISA wants to maintain gov control of CVE program – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.troyhunt.com – Author: Troy Hunt Sponsored by: So I had this idea around training a text-to-speech engine with my voice, then using that to speak over the Sonos at home to announce AI-driven events, such as people ringing the doorbell. A few hours’ worth of video from these weekly updates fed   show more ...

into ElevenLabs and […] La entrada Weekly Update 469 – Source: www.troyhunt.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for a string of data theft and extortion attacks. “Both groups have recently been   show more ...

observed targeting organizations’ Salesforce platforms via different initial […] La entrada FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2025-09
Aggregator history
Saturday, September 13
MON
TUE
WED
THU
FRI
SAT
SUN
September