LockBit Ransomware Developer Extradited to US –
US authorities have extradited Rostislav Panev on charges of being a developer of the notorious LockBit ransomware – Read More –
AttackFeed Cybersecurity News
New Microsoft 365 Phishing Scam Tricks Users Into Calling Fake Support – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
New Microsoft 365 phishing scam exploits fake support numbers to steal credentials. Learn how attackers bypass security and how to stay protected. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Protecting Data Across Industries: Best Practices for Compliance and Security – JISA Softech Pvt Ltd
Data is the backbone of modern enterprises, fueling strategic decisions, operational efficiencies, and customer experiences. However, as organizations increasingly… The post Protecting Data Across Industries: Best Practices for Compliance and Security appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Why Most Microsegmentation Projects Fail—And How Andelyn Biosciences Got It Right – The Hacker News
Most microsegmentation projects fail before they even get off the ground—too complex, too slow, too disruptive. But Andelyn Biosciences proved it doesn’t have to be that way. Microsegmentation: The Missing Piece in Zero Trust Security Security teams today are under constant pressure to defend against increasingly sophisticated cyber threats. Perimeter-based defenses alone can no – Read More – The Hacker...
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom – The Hacker News
Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea’s Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration, he will break down every technical step of a ransomware attack, showing you how –...
Fraudsters Impersonate Clop Ransomware to Extort Businesses –
Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data – Read More –
Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director –
Sir Jeremy Fleming spoke during Palo Alto Networks’ Ignite event in London on March 13 – Read More –
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions – The Hacker News
Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk. Clipper malware is a type of cryware (as coined by Microsoft) that’s designed to monitor a victim’s clipboard content and facilitate cryptocurrency theft by substituting copied cryptocurrency wallet addresses – Read More –...
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection – The Hacker News
A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, condemned OBSCURE#BAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It’s currently not known who is behind the campaign. The rootkit “has the ability to cloak or mask any file, registry key or task ...
AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Tenable Research reveals that AI chatbot DeepSeek R1 can be manipulated to generate keyloggers and ransomware code. While… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
FBI and CISA Urge Enabling 2FA to Counter Medusa Ransomware – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
FBI and CISA warn of Medusa ransomware attacks impacting critical infrastructure. Learn about Medusa’s tactics, prevention tips, and… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
US must prioritize cybersecurity training for the military’s engineers – CyberScoop
The post US must prioritize cybersecurity training for the military’s engineers appeared first on CyberScoop. – Read More – CyberScoop
Ransomware Hits Record High: 126% Surge in Attacks in February 2025 – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
February 2025 saw a record 126% surge in ransomware attacks, with Cl0p leading the charge. Hackers exploited file… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Volt Typhoon Accessed US OT Network for Nearly a Year –
Volt Typhoon’s ten-month intrusion of Littleton Electric Light and Water Departments exposes vulnerabilities in the US electric grid – Read More –
HealthTech Database Exposed 108GB Medical and Employment Records – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
A misconfigured database exposed 108.8 GB of sensitive data, including information on over 86,000 healthcare workers affiliated with… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Chromecast chaos – 2nd gen devices go belly-up as Google struggles to fix certificate issue – Graham Cluley
Has your old Chromecast suddenly developed a problem? You’re not alone it seems. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Protecting AI-Enabled IoT Ecosystems from Cyber Threats – JISA Softech Pvt Ltd
In today’s hyper-connected world, the integration of Artificial Intelligence (AI) and the Internet of Things (IoT) is revolutionizing how… The post Protecting AI-Enabled IoT Ecosystems from Cyber Threats appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Siemens Teamcenter Visualization and Tecnomatrix Plant Simulation – All CISA Advisories
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and...
Siemens Tecnomatix Plant Simulation – All CISA Advisories
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Tecnomatix Plant Simulation...
CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure –
CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics – Read More –
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails – The Hacker News
Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft. It’s – Read More –...
Siemens SINEMA Remote Connect Server – All CISA Advisories
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote...
Siemens SCALANCE LPE9403 – All CISA Advisories
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE LPE9403...
‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality –
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware – Read More –
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps – The Hacker News
The North Korea-linked threat actor known as ScarCruft is said to have been behind a never-before-seen Android surveillance tool named KoSpy targeting Korean and English-speaking users. Lookout, which shared details of the malware campaign, said the earliest versions date back to March 2022. The most recent samples were flagged in March 2024. It’s not clear how successful these efforts were....
New OBSCURE#BAT Malware Targets Users with Fake Captchas – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
OBSCURE#BAT malware campaign exploits social engineering & fake software downloads to evade detection, steal data and persist on… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Medusa ransomware: FBI and CISA urge organisations to act now to mitigate threat – Graham Cluley
The Medusa ransomware gang continues to present a major threat to the critical infrastructure sector, according to a newly-released – with at least one organisation hit with a “triple-extortion” threat. Read more in my article on the Tripwire State of Security blog. – Read More – Graham Cluley
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks – The Hacker News
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows – Read More – The Hacker News
INE Security Alert: Using AI-Driven Cybersecurity Training to Counter Emerging Threats – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Cary, North Carolina, 13th March 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025 – The Hacker News
As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has become – Read More –...
Tech Complexity Puts UK Cybersecurity at Risk –
Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture – Read More –
The problems with patching – NCSC Feed
Applying patches may be a basic security principle, but that doesn’t mean it’s always easy to do in practice. – Read More – NCSC Feed
There’s a hole in my bucket – NCSC Feed
…or ‘Why do people leave sensitive data in unprotected AWS S3 buckets?’ – Read More – NCSC Feed
Thinking about the security of AI systems – NCSC Feed
Why established cyber security principles are still important when developing or implementing machine learning models. – Read More – NCSC Feed
The logic behind three random words – NCSC Feed
Whilst not a password panacea, using ‘three random words’ is still better than enforcing arbitrary complexity requirements. – Read More – NCSC Feed
The security benefits of modern collaboration in the cloud – NCSC Feed
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’. – Read More – NCSC Feed
The problems with forcing regular password expiry – NCSC Feed
Why the NCSC decided to advise against this long-established security guideline. – Read More – NCSC Feed
The problems with forcing regular password expiry – NCSC Feed
Why the NCSC decided to advise against this long-established security guideline. – Read More – NCSC Feed
The security benefits of modern collaboration in the cloud – NCSC Feed
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’. – Read More – NCSC Feed
Thanking the vulnerability research community with NCSC Challenge Coins – NCSC Feed
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors. – Read More – NCSC Feed
The Cyber Assessment Framework 3.1 – NCSC Feed
Latest version of the CAF focusses on clarification and consistency between areas of the CAF. – Read More – NCSC Feed
Spotlight on shadow IT – NCSC Feed
New guidance to help organisations manage rogue devices and services within the enterprise. – Read More – NCSC Feed
VC Investment in Cyber Startups Surges 35% –
VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously – Read More –
UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data –
The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR – Read More –
Modat launches premier product, Modat Magnify for Cybersecurity Professionals – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
The Hague, the Netherlands, 13th March 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Security, complexity and Huawei; protecting the UK’s telecoms networks – NCSC Feed
With 5G set to transform mobile services, Ian Levy explains how the UK has approached telecoms security, and what that means for the future. – Read More – NCSC Feed
Supplier assurance: having confidence in your suppliers – NCSC Feed
Questions to ask your suppliers that will help you gain confidence in their cyber security. – Read More – NCSC Feed
WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback – The Hacker News
Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate. “On March 14, 2025, a root certificate used to verify signed content and add-ons for various Mozilla projects, including Firefox, will expire,” Mozilla said. “Without updating to Firefox –...
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk – The Hacker News
Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when parsing certain font –...
Researching the hard problems in hardware security – NCSC Feed
Introducing the next chapter of the NCSC research problem book, which aims to inspire research on the biggest impact topics in hardware cyber security. – Read More – NCSC Feed