1 posts were published in the last hour 19:33 : Osiris ransomware emerges, leveraging BYOVD technique to kill security tools
Osiris ransomware emerges, leveraging BYOVD technique to kill security tools
Researchers identified a new Osiris ransomware used in a November 2025 attack, abusing the POORTRY driver via BYOVD to disable security tools. Symantec and Carbon Black researchers uncovered a new ransomware strain named Osiris, used in a November 2025 attack…
DAST vs Penetration Testing: Key Differences in 2026
Learn about the key differences between DAST and pentesting, the emerging role of AI pentesting, their roles in security testing, and which is right for your business. The post DAST vs Penetration Testing: Key Differences in 2026 appeared first on…
[Webinar] Doing More With Less: How Security Teams Escape Manual Work with Efficient Workflows
Security teams are under constant pressure to do more with the same resources. Manual processes, fragmented tools, and inefficient workflows can slow teams down and pull focus away from what matters most. In this live webinar, experienced security practitioners share…
How Generative AI Is Accelerating Password Attacks on Active Directory
Active Directory remains the backbone of identity management for most organizations, which is why it continues to be a prime target for cyberattacks. What has shifted is not the focus on Active Directory itself, but the speed and efficiency…
CISA Warns of Critical VMware vCenter RCE Vulnerability Now Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog. This addition confirms that active exploitation of CVE-2024-37079 has been detected in the wild, posing a…
FBI Accessed Windows Laptops After Microsoft Shared BitLocker Recovery Keys
If you are using a Windows PC, your privacy and security are nothing short of a myth, and this incident proves it. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original…
Suspicious Polymarket Bets Spark Insider Trading Fears After Maduro’s Capture
A sudden, massive bet surfaced just ahead of a major political development involving Venezuela’s leader. Days prior to Donald Trump revealing that Nicolás Maduro had been seized by U.S. authorities, an individual on Polymarket placed a highly profitable position.…
Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes Public
The threat actors have begun actively exploiting a critical authentication bypass vulnerability in GNU InetUtils telnetd immediately after proof-of-concept code became publicly available. The flaw allows remote attackers to gain root access without authentication, triggering widespread exploitation attempts across internet-exposed…
Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security Controls
Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations, leveraging SharePoint file-sharing services to bypass traditional email security controls and compromise multiple user accounts. SharePoint Abuse for Initial Access The attack began with a…
Microsoft Shared BitLocker Recovery Keys with the FBI to Unlock Encrypted Laptop Data
Microsoft has confirmed that it provided BitLocker encryption recovery keys to the FBI following a valid search warrant, marking the first publicly known case of the technology giant sharing encryption keys with law enforcement. The disclosure occurred after federal investigators…
Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App Development
Microsoft has announced the public preview of the Windows App Development CLI (winapp), a new open-source command-line tool designed to simplify Windows application development across multiple frameworks and toolchains. The tool is now available on GitHub for developers working outside…
Microsoft Teams to Begin Sharing Employee Location with Employers Based on Wi-Fi Networks
Microsoft has confirmed a controversial new feature coming to Teams that will automatically reveal employee work locations by detecting which Wi-Fi networks they connect to raising significant concerns about workplace surveillance and hybrid work policies. The feature, documented in Microsoft’s…
Lego’s Move Into Smart Toys Faces Scrutiny From Play Professionals
In the wake of its unveiling of the company’s smart brick technology, LEGO is seeking to reassure critics who argue that the initiative could undermine the company’s commitment to hands-on, imaginative play as well as its longstanding history of…
Chrome WebView Flaw Lets Hackers Bypass Security, Update Urgently Advised
Google has rolled out an urgent security fix for the Chrome browser to address a high severity flaw in the browser’s WebView tag. According to the tech firm, the flaw allows hackers to evade major browser security features to…
DOGE May Have Misused Social Security Data, DOJ Admits
Plus: The FAA blocks drones over DHS operations, Microsoft admits it hands over Bitlocker encryption keys to the cops, and more. This article has been indexed from Security Latest Read the original article: DOGE May Have Misused Social Security Data,…
Microsoft Teams to Share your Location With Your Employer Soon Based on Wi-Fi Network
Microsoft is preparing to deploy a significant, potentially controversial update to Microsoft Teams that automatically detects and displays a user’s physical work location based on the Wi-Fi network they connect to. According to the latest update on the Microsoft 365…
U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Broadcom VMware vCenter to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Broadcom VMware vCenter Server vulnerability, tracked as CVE-2024-37079 (CVSS score of…
ISO 27001:2013 vs 2022 – A Quick Comparison Guide
ISO 27001 is an internationally recognized standard that defines the requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS) within an organization. First introduced in 1999, the standard has evolved through multiple revisions to address…
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign,” Fortinet…
IT Security News Hourly Summary 2026-01-24 12h : 1 posts
1 posts were published in the last hour 10:9 : UK border tech budget swells by £100M as Home Office targets small boat crossings
UK border tech budget swells by £100M as Home Office targets small boat crossings
Drone, satellite, and other data combined to monitor unwanted vessels The UK Home Office is spending up to £100 million on intelligence tech in part to tackle the so-called “small boats” issue of refugees and irregular immigrants coming across the…
Microsoft Launches Open-Source WinApp CLI to Streamline Windows App Development
Microsoft has unveiled the public preview of WinApp CLI (winapp), a new open-source command-line tool designed to simplify Windows app development for developers using diverse frameworks outside Visual Studio or MSBuild. Hosted on GitHub, the tool targets web devs with…
Threat Actors Leverage SharePoint Services in Sophisticated AiTM Phishing Campaign
Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations through SharePoint file-sharing abuse. The multi-stage attack compromised multiple user accounts and evolved into widespread business email compromise (BEC) operations across several organisations. Initial Compromise…