Crossing into the United States has become riskier since the start of Trump’s second administration. Foreign visitors and US visa holders are increasingly being detained, questioned, or deported. As uncertainty grows, travel demand from Canada and Europe has dropped…
Category: EN
‘Fog’ Attackers Mock Victims With DOGE Ransom Notes
Fog ransomware assaults over the last month have included a new ransom note mentioning the US Department of Government Efficiency (DOGE) and enticing victims to propagate the malware to other PCs, Trend Micro said earlier this week. Analysis of…
Cybercriminals Are Now Focusing More on Stealing Credentials Than Using Ransomware, IBM Warns
A new report from IBM’s X-Force 2025 Threat Intelligence Index shows that cybercriminals are changing their tactics. Instead of mainly using ransomware to lock systems, more hackers are now trying to quietly steal login information. IBM studied over 150…
Storm-1977 targets education sector with password spraying, Microsoft warns
Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers observed a threat actor, tracked as Storm-1977, using AzureChecker.exe to launch password spray attacks against…
Make the Most of Your Holiday Cybersecurity Awareness Efforts
The holiday season is a time for joy, celebration, and, unfortunately, an uptick in cyber threats. From phishing scams that mimic festive deals to exploitation of end-of-year operational freezes, cybercriminals… The post Make the Most of Your Holiday Cybersecurity Awareness…
Common Tool Errors – Kerberos
So you are performing your favourite kerberos attacks, such as pass the ticket, Public Key Cryptography for Initial Authentication (PKINIT), Shadow Credentials or Active Directory Certificate Services (AD CS) vulnerabilities but you run into a kerberos error and despite troubleshooting…
Critical IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A recent security assessment by Shelltrail has uncovered three critical vulnerabilities in the IXON VPN client, potentially allowing attackers to escalate privileges on both Windows and Linux systems. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02, and CVE-2025-ZZZ-03, these flaws expose users to local…
GDPR Data Breach Notification Template With Examples [Download]
The GDPR is a law developed by the European Union (EU) to protect individuals’ personal data. Although it originated in the EU, several countries and organisations outside Europe have to date also adopted this regulation, which shows how detailed and…
MDR vs. Traditional Security Operations: What’s Right For Your Penetration Testing Team?
In the ever-changing world of cybersecurity, organizations are constantly challenged to choose the right security operations model that best supports their penetration testing teams. The decision often comes down to selecting between traditional security operations and the more advanced Managed…
Identity and Access Management (IAM) – The CISO’s Core Focus in Modern Cybersecurity
In an era where digital identities have become the primary attack vector, CISOs face unprecedented pressure to secure access across increasingly complex ecosystems. Identity and Access Management (IAM) is no longer a siloed IT function but the cornerstone of organizational…
How Digital Forensics Supports Incident Response: Insights For Security Leaders
Digital forensics and incident response (DFIR) have become fundamental pillars of modern cybersecurity. As cyber threats escalate in complexity and frequency, security leaders are increasingly aware that a reactive approach is no longer sufficient. Instead, organizations must integrate digital forensics…
Navigating Cybersecurity Frameworks – CISO Resource Guide
The role of the Chief Information Security Officer (CISO) has never been more critical. As organizations face a rapidly evolving threat landscape, CISOs must defend against cyberattacks and ensure compliance with a growing patchwork of regulations and standards. Cybersecurity frameworks…
Security Affairs newsletter Round 521 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. African multinational telco…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure XRP supply chain attack: Official NPM package infected with crypto stealing backdoor …
Building A Strong Compliance Framework: A CISO’s Guide To Meeting Regulatory Requirements
In the current digital landscape, Chief Information Security Officers (CISOs) are under mounting pressure to ensure their organizations meet a growing array of regulatory requirements while maintaining robust cybersecurity. The proliferation of regulations such as the General Data Protection Regulation…
How To Use Digital Forensics To Strengthen Your Organization’s Cybersecurity Posture
Digital forensics has become a cornerstone of modern cybersecurity strategies, moving beyond its traditional role of post-incident investigation to become an essential proactive defense mechanism. Organizations today face an ever-expanding threat landscape, with attackers employing increasingly sophisticated tactics to breach…
Building Trust Through Transparency – CISO Cybersecurity Practices
In an era of digital transformation and rising cyber threats, Building Trust Through Transparency has become a critical mission for the Chief Information Security Officer (CISO), who has evolved from a technical expert to a strategic leader responsible for protecting…
Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs MITRE has released the latest version of its ATT&CK framework, which now also includes a new…
A Comprehensive Review of BlackFog’s ADX Platform for Ransomware Defense
The evolving ransomware landscape and the growing threat of data exfiltration. Ransomware is more than just a cyberthreat—in recent years it has evolved into a major societal crisis. A single successful attack can disrupt essential services, destabilize local economies, and…
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. “The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool…