The cybersecurity community has raised a serious alarm following the recent daily reporting of vulnerable WatchGuard devices impacted by a major security flaw. According to new data published on October 18, 2025, security researchers at Shadowserver observed over 71,000 WatchGuard…
Category: EN
New LOSTKEYS Malware Tied to Russian State-Sponsored Hacker Group COLDRIVER
Russian state-sponsored threat actor COLDRIVER, long known for targeting high-profile NGOs, policy advisors, and dissidents, has been linked to a rapidly evolving malware campaign following the public disclosure of its LOSTKEYS malware in May 2025. After details of LOSTKEYS surfaced,…
CISA Warns of Actively Exploited Windows SMB Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked…
Hackers Attacking Remote Desktop Protocol Services With 30,000+ New IP Addresses Daily
A persistent campaign targeting Microsoft Remote Desktop Protocol (RDP) services, with attackers deploying over 30,000 new IP addresses daily to exploit timing-based vulnerabilities. This coordinated effort, linked to a global botnet, has seen unique IPs surge past 500,000 since September…
AI’s split personality: Solving crimes while helping conceal them
What happens when investigators and cybercriminals start using the same technology? AI is now doing both, helping law enforcement trace attacks while also being tested for its ability to conceal them. A new study from the University of Cagliari digs…
Microsoft Windows Cloud Minifilter Flaw Enables Privilege Escalation
A critical security vulnerability in Microsoft Windows Cloud Minifilter has been patched, addressing a race condition that allowed attackers to escalate privileges and create files anywhere on the system. The vulnerability, tracked as CVE-2025-55680, was discovered by security researchers at…
10 data security companies to watch in 2026
At Help Net Security, we’ve been tracking the cybersecurity world for nearly three decades. Through our Industry News section, we’ve watched countless companies rise, and push the limits of what’s possible in data protection. Some vendors consistently stand out, not…
Cybersecurity jobs available right now: October 21, 2025
CISO Open-Xchange | Germany | Remote – View job details As a CISO, you will lead the development and implementation of security strategies and requirements across the OX Group. You will advise management on information security matters, provide transparent reporting,…
Grand Canyon: Rim-to-Rim 1 of n
I hadn’t intended to drive for 16 hours. It’s around midnight and my friend and I are about two hours away from Bright Angel Lodge at the South Rim of the Grand Canyon. I pull over for gas, to stretch…
71,000+ WatchGuard Devices Vulnerable to Remote Code Execution Attacks
The Shadowserver Foundation has uncovered more than 71,000 internet-exposed WatchGuard devices running vulnerable versions of Fireware OS. The flaw, tracked as CVE-2025-9242, stems from an out-of-bounds write vulnerability in the IKEv2 implementation, potentially allowing remote attackers to execute arbitrary code…
CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on October 20, 2025, highlighting a severe vulnerability CVE-2025-33073 in Microsoft’s Windows SMB Client. Dubbed an improper access control flaw, this vulnerability tracked under CVE details yet to be…
Automatic BitLocker Encryption May Silently Lock Away Your Data
A Reddit poster detailed how reinstalling Windows 11 unexpectedly encrypted two of their backup drives with BitLocker, locking away 3TB of irreplaceable data without any prior setup. The incident, shared onReddit, highlights the risks of Microsoft’s automatic encryption feature in…
Cybersecurity Awareness Month – Two Email Scams Every Student and Parent Should Know About
October is Cybersecurity Awareness Month, and for campus IT teams, that means more than patching servers and updating firewalls. It means protecting students who’ve never encountered sophisticated phishing attacks, international students unfamiliar with US financial aid processes, and families trying…
ISC Stormcast For Tuesday, October 21st, 2025 https://isc.sans.edu/podcastdetail/9664, (Mon, Oct 20th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, October 21st, 2025…
The Golden Scale: Notable Threat Updates and Looking Ahead
Unit 42 shares notable developments of cybercrime group Scattered LAPSUS$ Hunters. Learn how this group may operate in the future. The post The Golden Scale: Notable Threat Updates and Looking Ahead appeared first on Unit 42. This article has been…
Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases
Russian hackers stole and leaked MoD files on eight RAF and Navy bases, exposing staff data in a “catastrophic” cyberattack via Dodd Group breach. Russian cybercrime group Lynx breached Dodd Group, a contractor for the UK Ministry of Defence, stealing…
Amazon identifies the issue that broke much of the internet today, but is still working to restore services
The outage affected websites like Coinbase and Fortnite, and disrupted services like Signal, Zoom, and Amazon’s own products, including Ring. This article has been indexed from Security News | TechCrunch Read the original article: Amazon identifies the issue that broke…
Maine 2025 Ballot Questions Redux
QUESTION 1: “Do you want to change Maine election laws to eliminate two days of absentee voting, prohibit requests for absentee ballots by phone or family members, end ongoing absentee voter status for seniors and people with disabilities, ban prepaid…
NDSS 2025 – Workshop On Security And Privacy In Standardized IoT (SDIoTSec) 2025, Paper Presentation Session: Security And Privacy In Iot Standards, Protocols And Implementations
PAPERS SecuWear: Secure Data Sharing Between Wearable Devices Sujin Han (KAIST) Diana A. Vasile (Nokia Bell Labs), Fahim Kawsar (Nokia Bell Labs, University of Glasgow), Chulhong Min (Nokia Bell Labs) Analysis of Misconfigured IoT MQTT Deployments and a Lightweight Exposure…
Major AWS Outage Now Mitigated: Global Impact and What Happened
A global AWS outage disrupted major apps and services across regions before being fully mitigated, exposing heavy dependence on cloud infrastructure. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the…