Incident responders suggested sweeping improvements following Active Directory database heist Exclusive Cybercriminals broke into systems belonging to the UK’s NHS Professionals body in May 2024, stealing its Active Directory database, but the healthcare organization never publicly disclosed it, The Register…
Category: EN
Hackers Launch Coordinated Attack on Apache Tomcat Manager from 400 Unique IPs
Cybersecurity researchers at GreyNoise Intelligence have identified a significant coordinated attack campaign targeting Apache Tomcat Manager interfaces across the globe. On June 5, 2025, the company’s threat detection systems registered activity levels far exceeding normal baselines, with nearly 400 unique…
U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities…
New Campaign Targets Entra ID User Accounts Using Pentesting Tool for Account Takeover
Proofpoint Threat Intelligence has uncovered a large-scale Account Takeover (ATO) campaign, internally tracked as UNK_SneakyStrike, that leverages the open-source penetration testing framework TeamFiltration to target Microsoft Entra ID user accounts across global organizations. The campaign, which began in late 2024,…
Securing the SaaS Browser Experience Through Proactive Measures
Increasingly, organisations are using cloud-based technologies, which has led to the rise of the importance of security concerns surrounding Software as a Service (SaaS) platforms. It is the concept of SaaS security to ensure that applications and sensitive data…
Europol Says Criminal Demand for Data is “Skyrocketing”
Europol warns of “vicious circle” of data breaches and cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Says Criminal Demand for Data is “Skyrocketing”
European Social Media Ban For Under-15s Urged By France’s Macron
French President signals support for European Union regulation to ban social media for children under the age of 15 This article has been indexed from Silicon UK Read the original article: European Social Media Ban For Under-15s Urged By France’s…
Windows SMB Client Zero-Day Vulnerability Exploited via Reflective Kerberos Relay Attack
A newly disclosed vulnerability, CVE-2025-33073, dubbed the “Reflective Kerberos Relay Attack,” has shaken the Windows security landscape. Discovered by RedTeam Pentesting and patched by Microsoft on June 10, 2025, this flaw allows low-privileged Active Directory users to escalate privileges to…
Hackers Advertising New Blackhat Tool Nytheon AI on Popular Hacking Forums
A sophisticated new threat platform, Nytheon AI, has emerged, which combines multiple uncensored large language models (LLMs) built specifically for malicious activities. The platform, discovered by Cato CTRL, is being actively promoted on popular hacking forums, including XSS and various…
CISA Releases Guide to Protect Network Edge Devices From Hackers
CISA and international cybersecurity partners have released a comprehensive suite of guidance documents aimed at protecting critical network edge devices from increasingly sophisticated cyberattacks. This coordinated effort, involving cybersecurity authorities from nine countries, including Australia, Canada, the United Kingdom, and…
Phishing Alert as Erie Insurance Reveals Cyber “Event”
Erie Insurance reveals suspected network breach and ongoing outage This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Alert as Erie Insurance Reveals Cyber “Event”
WiredBucks – 918,529 breached accounts
In May 2022, the now defunct social media influencer platform WiredBucks suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed over 900k email and IP addresses alongside names, usernames, earnings…
Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified
Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure. The post Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified appeared first on SecurityWeek. This article has been…
Palo Alto Networks Patches Privilege Escalation Vulnerabilities
Palo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products. The post Palo Alto Networks Patches Privilege Escalation Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Why Open-Source Encryption and Automated Key Rotation Aren’t Enough Without Certificate Management
As organizations scale and adopt cloud-native architectures, the way they manage encryption — particularly how they issue, track and rotate certificates — has never been more critical. The post Why Open-Source Encryption and Automated Key Rotation Aren’t Enough Without Certificate…
File Data: The Hidden Ransomware Threat Costing Enterprises Millions
Your weakest link doesn’t have to stay weak. Rethink file data management strategy today to secure your organization’s data—and trust. The post File Data: The Hidden Ransomware Threat Costing Enterprises Millions appeared first on Security Boulevard. This article has been…
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
ConnectWise has disclosed that it’s planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns. The company said it’s doing so “due to concerns…
0-Click Vulnerability in Microsoft 365 Copilot Exposes Sensitive Data via Teams
Security researchers have uncovered the first-ever zero-click vulnerability in an AI agent, targeting Microsoft 365 Copilot and potentially exposing sensitive organizational data through a sophisticated attack chain dubbed “EchoLeak.” The critical flaw, assigned CVE-2025-32711 with a CVSS score of 9.3,…
Exposed eyes: 40,000 security cameras vulnerable to remote hacking
Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access.…
Top 12 Continuous Security Monitoring (CSM) Tools for Proactive Defense
As your business grows, so do the risks. Regulatory requirements pile up, and new attack methods evolve. At some point or other, you’re left wondering: Is it time to invest in Continuous Security Monitoring (CSM) tools? This is where the…