Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Cyber News

The Middle East Cybersecurity Market is experiencing unprecedented momentum, driven by rapid digital transformation, a surge in cyberattacks, and strong government-led security initiatives. According to a new report by Mordor Intelligence, the market is projected to expand from USD 20.55 billion in 2025 to USD 40.97 billion by 2030, growing at a robust 14.8% CAGR.

As digital adoption accelerates across industries, cybersecurity in the Middle East has become a top business priority. Both public and private sectors are investing heavily in modern security frameworks to protect operational infrastructure, customer data, and national digital assets. The increasing frequency of targeted cyberattacks and complex ransomware incidents has reinforced the importance of building cyber resilience at every level of the ecosystem.

Governments in the region, particularly within the GCC Cybersecurity Market, have integrated cybersecurity into national transformation agendas such as Saudi Vision 2030 and UAE Vision 2021. These initiatives view cybersecurity not merely as an IT function, but as a strategic pillar for ensuring economic stability, innovation, and citizen trust.

Middle East Cybersecurity Trends Driving Market Expansion

Rising Nation-State and Infrastructure Attacks: The rise in nation-state attacks has placed pressure on critical infrastructure operators and enterprises to strengthen defense postures. Long-term infiltration campaigns targeting regional energy and industrial networks have led to the adoption of zero-trust architectures and proactive threat monitoring systems, setting a new standard in the Middle East Cybersecurity Market.

Government-Driven Cybersecurity Initiatives: Across the GCC Cybersecurity Market, governments are driving progress through funding, regulations, and awareness programs. National “Vision” plans have institutionalized cybersecurity spending, fostering compliance, resilience testing, and workforce training across vital sectors like energy, finance, and healthcare.

Cloud Adoption Creating New Security Demands: The rapid migration toward cloud-first and SaaS environments is reshaping cybersecurity in the Middle East. Data sovereignty, identity management, and secure access are emerging as major challenges, prompting organizations to invest in advanced cloud security solutions. Public sector agencies, in particular, are deploying dedicated security layers to safeguard sensitive workloads.

Rise of AI and Managed Security Services: Artificial intelligence (AI) and automation are key forces behind Cybersecurity Market Growth in the region. AI-powered analytics enable faster threat detection and incident response, while Managed Security Service Providers (MSSPs) are consolidating capabilities through mergers and alliances to offer comprehensive, region-specific protection solutions.

Middle East Cybersecurity Market Insights and Breakdown

The Middle East Cybersecurity Market remains diverse and dynamic, with both international and local players expanding rapidly:

- Solutions accounted for 53% of market share in 2024, though services are projected to grow faster at 19% CAGR through 2030 as enterprises increasingly outsource cybersecurity operations.
- Cloud-based deployments are growing at 18.9% CAGR, outpacing traditional on-premise models that held 27.6% of the market in 2024.
- Large enterprises continue to dominate spending with 52.8% share, but SMEs are quickly catching up, growing at 17.8% CAGR as cyber threats become more democratized.
- The BFSI sector led with 21.4% revenue share in 2024, followed by healthcare, forecast to grow at 20.6% CAGR.
- Geographically, the United Arab Emirates leads with 30% share, while Israel is emerging as the fastest-growing market at 18% CAGR.

Drivers and Challenges

The key forces behind Cybersecurity Market Growth include rising nation-state attacks, cloud transformation, and regulatory cybersecurity mandates. AI-driven analytics and modernization of operational technology (OT) systems—particularly in oil and gas—are further enhancing demand.

However, talent shortages remain a major challenge. The region’s accelerated digitalization has outpaced the availability of skilled cybersecurity professionals. For instance, utilities in Saudi Arabia are struggling to fill critical positions despite offering double-digit salary increases. Universities are responding with expanded programs, but expertise in AI security, cloud protection, and incident response remains limited.

As governments continue to prioritize cyber resilience and local MSSPs strengthen their capabilities, the Middle East cybersecurity market is on track for sustained, double-digit growth over the coming decade.

 Regulations

The Federal Communications Commission will vote next month to rescind a controversial January 2025 Declaratory Ruling that attempted to impose sweeping cybersecurity requirements on telecommunications carriers by reinterpreting a 1994 wiretapping law. In an Order on Reconsideration circulated Thursday, the FCC concluded that the previous interpretation was both legally erroneous and ineffective at promoting cybersecurity.

The reversal marks a dramatic shift in the FCC's approach to telecommunications security, moving away from mandated requirements toward voluntary industry collaboration—particularly in response to the massive Salt Typhoon espionage campaign sponsored by China that compromised at least eight U.S. communications companies in 2024.

CALEA Reinterpretation

On January 16, 2025—just five days before a change in administration—the FCC adopted a Declaratory Ruling claiming that section 105 of the Communications Assistance for Law Enforcement Act (CALEA) "affirmatively requires telecommunications carriers to secure their networks from unlawful access to or interception of communications."

CALEA, enacted in 1994, was designed to preserve law enforcement's ability to conduct authorized electronic surveillance as telecommunications technology evolved. Section 105 specifically requires that interception of communications within a carrier's "switching premises" can only be activated with a court order and with intervention by a carrier employee.

The January ruling took this narrow provision focused on lawful wiretapping and expanded it dramatically, interpreting it as requiring carriers to prevent all unauthorized interceptions across their entire networks. The Commission stated that carriers would be "unlikely" to satisfy these obligations without adopting basic cybersecurity practices including role-based access controls, changing default passwords, requiring minimum password strength, and adopting multifactor authentication.

The ruling emphasized that "enterprise-level implementation of these basic cybersecurity hygiene practices is necessary" because vulnerabilities in any part of a network could provide attackers unauthorized access to surveillance systems. It concluded that carriers could be in breach of statutory obligations if they failed to adopt certain cybersecurity practices—even without formal rules adopted by the Commission.

Industry Pushback and Legal Questions

CTIA – The Wireless Association, NCTA – The Internet & Television Association, and USTelecom – The Broadband Association filed a petition for reconsideration on February 18, arguing that the ruling exceeded the FCC's statutory authority and misinterpreted CALEA.

The new FCC agreed with these concerns, finding three fundamental legal flaws in the January ruling:

Enforcement Authority: The Commission concluded it lacks authority to enforce its interpretation of CALEA without first adopting implementing rules through notice-and-comment rulemaking. CALEA section 108 commits enforcement authority to the courts, not the FCC. The Commission noted that when it previously wanted to enforce CALEA requirements, it codified them as rules in 2006 specifically to gain enforcement authority.

"Switching Premises" Limitation: Section 105 explicitly refers to interceptions "effected within its switching premises," but the ruling appeared to impose obligations across carriers' entire networks. The Commission found this expansion ignored clear statutory limits.

"Interception" Definition: CALEA incorporates the Wiretap Act's definition of "intercept," which courts have consistently interpreted as limited to communications intercepted contemporaneously with transmission—not stored data. The ruling's required practices target both data in transit and at rest, exceeding section 105's scope.

"It was unlawful because the FCC purported to read a statute that required telecommunications carriers to allow lawful wiretaps within a certain portion of their network as a provision that required carriers to adopt specific network management practices in every portion of their network," the new order states.

The Voluntary Approach of Provider Commitments

Rather than mandated requirements, the FCC pointed to voluntary commitments from communications providers following collaborative engagement throughout 2025. In an October 16 ex parte filing, industry associations detailed "extensive, urgent, and coordinated efforts to mitigate operational risks, protect consumers, and preserve national security interests."

These voluntary measures include:

- Accelerated patching cycles for outdated or vulnerable equipment
- Updated and reviewed access controls
- Disabled unnecessary outbound connections to limit lateral network movement
- Improved threat-hunting efforts
- Increased cybersecurity information sharing with federal government and within the communications sector
- Establishment of the Communications Cybersecurity Information Sharing and Analysis Center (C2 ISAC) for real-time threat intelligence sharing
- New collaboration forum for Chief Information Security Officers from U.S. and Canadian providers

"The government-industry partnership model of collaboration has enabled communications providers to respond swiftly and agilely to Salt Typhoon, reduce vulnerabilities exposed by the attack, and bolster network cyber defenses," the industry associations stated.

Salt Typhoon Context

The Salt Typhoon attacks, disclosed in September 2024, involved a PRC-sponsored advanced persistent threat group infiltrating U.S. communications companies as part of a massive espionage campaign affecting dozens of countries. Critically, the attacks exploited publicly known common vulnerabilities and exposures (CVEs) rather than zero-day vulnerabilities—meaning they targeted avoidable weaknesses rather than previously unknown flaws.

The FCC noted that following its engagement with carriers after Salt Typhoon, providers agreed to implement additional cybersecurity controls representing "a significant change in cybersecurity practices compared to the measures in place in January."

Also read: Salt Typhoon Cyberattack: FBI Investigates PRC-linked Breach of US Telecoms

Targeted Regulatory Actions Continue

While rescinding the broad CALEA interpretation, the FCC emphasized it continues pursuing targeted cybersecurity regulations in specific areas where it has clear legal authority:

- Rules requiring submarine cable licensees to create and implement cybersecurity risk management plans
- Rules ensuring test labs and certification bodies in the equipment authorization program aren't controlled by foreign adversaries
- Investigations of Chinese Communist Party-aligned businesses whose equipment appears on the FCC's Covered List
- Proceedings to revoke authorizations for entities like HKT (International) Limited over national security concerns

"The Commission is leveraging the full range of the Commission's regulatory, investigatory, and enforcement authorities to protect Americans and American companies from foreign adversaries," the order states, while maintaining that collaboration with carriers, coupled with targeted, legally robust regulatory and enforcement measures, has proven successful.

The FCC is also set to withdraw the Notice of Proposed Rulemaking that accompanied the January Declaratory Ruling, which would have proposed specific cybersecurity requirements for a broad array of service providers. The NPRM was never published in the Federal Register, so the public comment period never commenced.

The Commission's new approach reflects a bet that voluntary industry cooperation, supported by targeted regulations in specific high-risk areas, will likely prove more effective than sweeping mandates of questionable legal foundation.

 Cyber News

India’s cybersecurity landscape is witnessing rapid growth, with the Indian Computer Emergency Response Team (CERT-In) playing a central role in driving this transformation. According to Dr. Sanjay Bahl, Director General of CERT-In under the Ministry of Electronics and Information Technology (MeitY), the nation’s cybersecurity ecosystem has evolved into a $20 billion industry, supported by over 400 startups and 6.5 lakh professionals.

Dr. Bahl shared these insights during an interactive session held in New Delhi on October 29, 2025, with visiting journalists from European Union countries. The discussion, jointly organized by CERT-In, the Ministry of Electronics and Information Technology, and the Ministry of External Affairs, focused on strengthening India’s position as a secure and resilient digital economy.

Rising Startups and Skilled Workforce

India’s expanding cybersecurity sector now includes more than 400 startups developing advanced solutions in threat detection, cyber forensics, and AI-based monitoring systems. These innovations are at the forefront of building defenses against cyber threats.

Alongside this entrepreneurial surge, the workforce of nearly 650,000 cybersecurity professionals contributes across diverse areas such as vulnerability assessment, incident response, digital forensics, and auditing.

Dr. Bahl noted that this growing ecosystem has positioned Indian cybersecurity as a formidable player globally. With a combination of skilled manpower and cutting-edge research, India’s cyber industry is scaling to meet both domestic and international security challenges.

CERT-In’s Expanding Role in Cyber Defense

As the national agency responsible for cybersecurity incident response, CERT-In, under the Ministry of Electronics and Information Technology, plays a crucial role in managing crises, assessing vulnerabilities, and coordinating information sharing across sectors. Dr. Bahl emphasized that CERT-In now increasingly relies on artificial intelligence (AI) and automation to detect, prevent, and respond to cyber incidents in real time.

He described AI as a “double-edged sword” — a tool that empowers defenders but is also exploited by adversaries. To stay ahead of such threats, CERT-In continues to refine its AI-driven analytics systems to improve situational awareness and strengthen proactive threat mitigation.

Dr. Bahl also highlighted the agency’s role in coordinating large-scale cyber drills, issuing real-time advisories, and supporting digital forensics for incident investigations. He revealed that India recorded 147 ransomware incidents in 2024, many of which were mitigated due to prompt action and information sharing led by CERT-In.

Collaborative Approach to National Cybersecurity

The session further discussed the collaborative model that CERT-In follows, uniting government agencies, industry stakeholders, academia, and international partners. This model reflects the Ministry of Electronics and Information Technology’s broader mission to build a secure digital India through capacity building, indigenous innovation, and public-private partnerships.

Dr. Bahl underlined that India’s cyber resilience depends not only on technological innovation but also on awareness and preparedness. The increasing number of startups and professionals entering the field is a strong indicator of how cybersecurity has evolved from a niche concern into a mainstream industry critical to national security and digital trust.

Facing the Digital Challenge

Despite these achievements, challenges remain. Cybercriminals are becoming technically advanced, leveraging AI, deepfakes, and advanced phishing tactics to target individuals and organizations. According to CERT-In, the use of forged digital credentials and automated attack tools has increased.

Dr. Bahl reiterated that while technological solutions are essential, the human element, skilled professionals, ethical hackers, and informed users, remains equally important. The Ministry of Electronics and Information Technology continues to focus on regulatory agility, workforce training, and international cooperation to counteract new cyber risks.

 Cyber News

Peter Williams, a 39-year-old Australian national and former general manager at a U.S. defense contractor, pleaded guilty to theft of trade secrets charges after selling sensitive cyber exploit components to a Russian broker, which cost his company $35 million. The case, announced by the Department of Justice, reveals a deliberate insider threat operation spanning three years that compromised national security software intended exclusively for the U.S. government and select allies.

Between 2022 and 2025, Williams exploited his privileged access to his employer's secure network to steal at least eight sensitive and protected cyber-exploit components. These tools represented sophisticated offensive cybersecurity capabilities—software designed to identify and exploit vulnerabilities in computer systems—that the defense contractor developed for government intelligence and security operations.

Williams sold the stolen components to a Russian cyber-tools broker that openly advertises itself as a reseller of cyber exploits to various customers, including the Russian government. The transactions were structured through multiple written contracts involving cryptocurrency payments totaling millions of dollars, with provisions for both initial sales and ongoing support services.

Williams transferred the components through encrypted channels, obscuring the transfers from his employer's monitoring systems. He received payment in cryptocurrency, which provided perceived anonymity and complicated law enforcement tracing efforts. Williams used the proceeds to purchase high-value personal items, converting his betrayal into immediate personal enrichment.

Also read: Iranian State Hackers Act as Access Brokers for Ransomware Gangs, Target U.S. and Allies’ Critical Infrastructure

Cyber Exploits 'NOT FOR SALE' to Russian Brokers

Attorney General Pamela Bondi called out the gravity of Williams' actions: "America's national security is NOT FOR SALE, especially in an evolving threat landscape where cybercrime poses a serious danger to our citizens."

Assistant Attorney General John Eisenberg noted that Williams' "conduct was deliberate and deceitful, imperiling our national security for the sake of personal gain." The stolen cyber exploits likely enabled Russian cyber actors to conduct operations against U.S. citizens and businesses, with capabilities they couldn't have developed independently or obtained through legitimate channels.

U.S. Attorney Jeanine Ferris Pirro characterized international cyber brokers as "the next wave of international arms dealers," emphasizing that these intermediaries create markets connecting those with access to sensitive capabilities and foreign governments seeking offensive cyber tools. The $35 million loss to the District of Columbia-based contractor represents not just financial damage but the compromise of years of research and development investment.

The Insider Threat Reality

Williams' case exemplifies the insider threat that keeps cybersecurity leaders awake at night: trusted personnel with legitimate access who deliberately abuse that trust for personal gain. His position as general manager provided both the access necessary to obtain sensitive materials and sufficient authority to avoid immediate suspicion.

FBI Assistant Director Roman Rozhavsky stated that Williams "placed greed over freedom and democracy" and gave "Russian cyber actors an advantage in their massive campaign to victimize U.S. citizens and businesses."

The three-year duration of Williams' theft operation suggests either insufficient monitoring of privileged user activity or inadequate detection capabilities that allowed sustained data exfiltration.

Williams' Australian Signals Directorate Connection

While the U.S. authorities only revealed Williams' recent job credentials, the Australian media raised a deeper concern by linking him to the ASD, Australia's national cyber agency.

The ABC network said several sources confirmed to it that Williams worked at ASD around 2010, but it could not confirm the claims because ASD declined to comment on the matter.

"ASD is aware of reporting regarding an Australian national, ... [but it] does not comment on individual cases," an ASD spokesperson told ABC network. "ASD has layered security controls and procedures to protect our people, information, assets and capabilities."

Consequences and Deterrence

Williams faces two counts of theft of trade secrets, each carrying a statutory maximum of 10 years in prison and fines up to $250,000 or twice the pecuniary gain or loss. While these penalties may seem modest compared to the $35 million value of stolen materials, the guilty plea demonstrates law enforcement capability to identify, investigate, and prosecute insider threats even when they employ sophisticated tradecraft.

The case was investigated by the FBI's Baltimore Field Office and prosecuted by multiple Justice Department divisions, reflecting the cross-jurisdictional complexity of insider threat cases involving national security materials.

The prosecution sends a clear deterrent signal: privileged access creates obligations, and betraying those obligations for personal enrichment carries serious consequences regardless of operational security measures employed.

 Feed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), which could be exploited by an attacker to attain

 Feed

A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag that, but in this case, the checks are loose. The app gets access anyway. On another Mac in the same office, file sharing is enabled through an old protocol called SMB version one. It’s fast and

 Feed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. "By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security

 Feed

Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within Visual Studio Code (VS Code) extensions published in the marketplace. The action comes following a report from cloud security company Wiz earlier this month, which found several extensions from both Microsoft's VS Code Marketplace and Open VSX

 Feed

A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025. The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf said in a

 Feed

The exploitation of a recently disclosed critical security flaw in Motex Lanscope Endpoint Manager has been attributed to a cyber espionage group known as Tick. The vulnerability, tracked as CVE-2025-61932 (CVSS score: 9.3), allows remote attackers to execute arbitrary commands with SYSTEM privileges on on-premise versions of the program. JPCERT/CC, in an alert issued this month, said that it

 Feed

MSPs are facing rising client expectations for strong cybersecurity and compliance outcomes, while threats grow more complex and regulatory demands evolve. Meanwhile, clients are increasingly seeking comprehensive protection without taking on the burden of managing security themselves. This shift represents a major growth opportunity. By delivering advanced cybersecurity and compliance

 Feed

OpenAI has announced the launch of an "agentic security researcher" that's powered by its GPT-5 large language model (LLM) and is programmed to emulate a human expert capable of scanning, understanding, and patching code. Called Aardvark, the artificial intelligence (AI) company said the autonomous agent is designed to help developers and security teams flag and fix security vulnerabilities at

 Feed

A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009, where "CL" stands for cluster and "STA" refers to state-backed motivation. "Airstalk misuses the AirWatch API for mobile device management (MDM), which is now
