ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig This article has been indexed from WeLiveSecurity Read the original article: BladedFeline: Whispering in the dark
Category: EN
Ransomware and USB attacks are hammering OT systems
Ransomware, trojans, and malware delivered through USB devices are putting growing pressure on industrial systems, according to the Honeywell 2025 Cyber Threat Report, which draws on data from monitoring tools deployed across industrial sites around the world. The findings highlight…
AI becomes key player in enterprise ransomware defense
Ransomware breaches continue to rise even as fewer victims pay, according to a Delinea report. 69% of organizations globally have fallen victim to ransomware, with 27% being hit more than once. While only 57% of organizations paid ransoms, down from…
Misconfigured HMIs Expose US Water Systems to Anyone With a Browser
Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet. The post Misconfigured HMIs Expose US Water Systems to Anyone With a Browser appeared first on SecurityWeek. This article has been…
New infosec products of the week: June 6, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Akamai, AttackIQ, Barracuda Networks, Bitdefender, Fortinet, Malwarebytes, and Varonis. Bitdefender unifies security, risk management, and compliance in a single platform Bitdefender announced GravityZone Compliance Manager,…
PumaBot: A New Malware That Sneaks into Smart Devices Using Weak Passwords
A recently found malware called PumaBot is putting many internet-connected devices at risk. This malicious software is designed to attack smart systems like surveillance cameras, especially those that use the Linux operating system. It sneaks in by guessing weak…
Cerebras Unveils World’s Fastest AI Chip, Beating Nvidia in Inference Speed
In a move that could redefine AI infrastructure, Cerebras Systems showcased its record-breaking Wafer Scale Engine (WSE) chip at Web Summit Vancouver, claiming it now holds the title of the world’s fastest AI inference engine. Roughly the size of…
AMOS macOS Stealer Distributed Via Clickfix Bypasses macOS Security & Execute Malware
A sophisticated malware campaign has emerged targeting macOS users through typo-squatted domains mimicking Spectrum, the major U.S. telecommunications provider. The attack employs a new variant of Atomic macOS Stealer (AMOS) disguised as a CAPTCHA verification system, demonstrating cybercriminals’ evolving tactics…
CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code
CISA has issued an urgent warning about a critical zero-day vulnerability in Google Chrome’s V8 JavaScript engine that is being actively exploited by cybercriminals to execute arbitrary code on victims’ systems. On June 5, 2025, CISA added CVE-2025-5419 to its…
ISC Stormcast For Friday, June 6th, 2025 https://isc.sans.edu/podcastdetail/9482, (Fri, Jun 6th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, June 6th, 2025…
Upcoming DShield Honeypot Changes and Customizations, (Fri, Jun 6th)
There are some upcoming DShield honeypot [1] changes that introduce some opportunities for additional customization and data analysis. For most users, no additional actions are needed. A couple of those changes: This article has been indexed from SANS Internet Storm…
The best secure browsers for privacy in 2025: Expert tested
I’ve found the best browsers around that prioritize user security and privacy over revenue through tracking and data collection. This article has been indexed from Latest stories for ZDNET in Security Read the original article: The best secure browsers for…
DCRat Attacking Users In Latin America To Steal Banking Credentials
A sophisticated malware campaign targeting Latin American users has emerged as a significant threat to the region’s banking sector, with cybercriminals deploying the DCRat banking trojan through elaborate phishing schemes designed to steal financial credentials. The malicious operations, which have…
SCATTERED SPIDER Hackers Attacking IT Support Teams & Bypass Multi-Factor Authentication
A sophisticated cybercriminal group known as SCATTERED SPIDER has emerged as one of the most dangerous threats facing organizations today, demonstrating an alarming ability to bypass multi-factor authentication through cunning social engineering tactics targeting IT support teams. This threat actor,…
Threat Actors Using Malware Loaders To Bypass Android 13+ Accessibility Restrictions
Cybercriminals have successfully circumvented Google’s Android 13 security enhancements designed to prevent malicious applications from abusing accessibility services, according to recent threat intelligence findings. The tech giant implemented these restrictions specifically to block accessibility access for sideloaded applications, a measure…
Keeping the Web Up Under the Weight of AI Crawlers
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> If you run a site on the open web, chances are you’ve noticed a big increase in traffic over the past few months, whether or not your…
Securing AI at scale: Databricks and Noma close the inference vulnerability gap
Databricks Ventures and Noma Security partner to tackle critical AI inference vulnerabilities with real-time threat analytics, proactive red teaming, and robust governance, helping CISOs confidently scale secure enterprise AI deployments. This article has been indexed from Security News | VentureBeat…
Uncle Sam puts $10M bounty on RedLine dev and Russia-backed cronies
Any info on Maxim Rudometov and his associates? There’s $$$ in it for you The US government is offering up to $10 million for information on foreign government-backed threat actors linked to the RedLine malware, including its suspected developer, Maxim…
Skybox Is Gone. The Risk of Waiting Isn’t.
Skybox Is Gone. The Risk of Waiting Isn’t. Skybox is gone, but your compliance deadlines, audit obligations, and security risks are very much alive. Here’s why EMEA organisations must act… The post Skybox Is Gone. The Risk of Waiting Isn’t.…
Proxy Services Feast on Ukraine’s IP Address Exodus
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the…