Defendnot, a sophisticated new tool that effectively disables Windows Defender by exploiting the Windows Security Center (WSC) API to register itself as a legitimate antivirus solution. The Windows Security Center service is designed to ensure Windows computers maintain adequate security…
Category: EN
Critical Vulnerabilities in Mitel SIP Phones Let Attackers Inject Malicious Commands
Security researchers have discovered two significant vulnerabilities affecting Mitel’s suite of SIP phones that could allow attackers to execute arbitrary commands and upload malicious files. The more severe vulnerability, identified as CVE-2025-47188, received a critical CVSS score of 9.8 and…
Japan finance hacks, Pearson suffers cyberattack, Teams blocks screen captures
Hackers hijack Japanese financial accounts to conduct billions in trades Education giant Pearson hit by cyberattack exposing customer data Microsoft Teams will soon block screen capture during meetings Huge thanks to our sponsor, Vanta Do you know the status of…
Microsoft Teams to Safeguard Meetings by Blocking Screen Snaps
Microsoft has announced the upcoming release of a groundbreaking “Prevent Screen Capture” feature for Teams, designed to block unauthorized screenshots and recordings during virtual meetings. The new capability, slated for worldwide deployment in July 2025, underscores Microsoft’s increasing commitment to…
German police seized eXch crypto exchange
Germany’s BKA shut down eXch crypto exchange, seizing its infrastructure over money laundering and illegal trading platform charges. On April 30, 2025, Germany’s Federal Criminal Police (BKA) shut down the eXch crypto exchange (eXch.cx), seizing its infrastructure over money laundering…
When Visibility Meets Action in NHS Cybersecurity
In NHS cybersecurity, one problem keeps security teams up at night: the gap between spotting issues and actually fixing them. If you work in healthcare IT, you know this headache all too well. Legacy systems that can’t be easily patched,…
Bluetooth 6.1 released, enhances privacy and power efficiency
The Bluetooth Special Interest Group has released Bluetooth 6.1, and one of the most important new features is an update to how devices manage privacy and power. The update, called Bluetooth Randomized RPA (resolvable private address) Updates, helps protect users…
Cyber Threats Target HR, AI Tools, and Critical Infrastructure: A Comprehensive Update
In this episode of Cybersecurity Today, host David Shipley covers a range of cyber threats including the Venom Spider malware targeting HR professionals, the emergence of the Noodlofile info stealer disguised as an AI video generator, and misinformation campaigns amid…
DragonForce Ransomware targeting M&S vows not to target Russia or Soviet Union
In a surprising twist, DragonForce Ransomware, the group responsible for a recent attack on UK retailer Marks & Spencer, has made an unusual public plea. The group is reportedly asking other cybercriminal organizations to avoid targeting businesses operating in Russia…
Can Your Photos Stored Online Cause Privacy Concerns
In this digital age, photos have become one of the most shared and stored types of content online. Whether it’s a picture shared on social media, an image saved to a cloud service, or even photos attached to an email,…
New Exploit Method Extracts Microsoft Entra Tokens Through Beacon
A novel exploit method leveraging Beacon Object Files (BOFs) has emerged, enabling attackers to extract Microsoft Entra (formerly Azure AD) tokens from compromised endpoints, even on non-domain-joined or BYOD devices. This technique sidesteps traditional detection mechanisms and expands access to…
How to give better cybersecurity presentations (without sounding like a robot)
Most people think great presenters are born with natural talent. Luka Krejci, a presentation expert, disagrees. “They are called presentation skills. Skills, not talent,” he says. “Any skill, be it dancing, football, or presenting, can be developed only if you…
Why security teams cannot rely solely on AI guardrails
In this Help Net Security interview, Dr. Peter Garraghan, CEO of Mindgard, discusses their research around vulnerabilities in the guardrails used to protect large AI models. The findings highlight how even billion-dollar LLMs can be bypassed using surprisingly simple techniques,…
PoC Code Published for Linux nftables Security Vulnerability
Security researchers have published proof-of-concept (PoC) exploit code for CVE-2024-26809, a high-severity double-free vulnerability in Linux’s nftables firewall subsystem. The flaw allows local attackers to escalate privileges and execute arbitrary code, posing significant risks to unpatched systems. Technical Breakdown of CVE-2024-26809…
SPIRE: Toolchain of APIs for establishing trust between software systems
SPIRE is a graduated project of the Cloud Native Computing Foundation (CNCF). It’s a production-ready implementation of the SPIFFE APIs that handles node and workload attestation to securely issue SVIDs to workloads and verify the SVIDs of other workloads, all…
DOGE worker’s old creds found exposed in infostealer malware dumps
PLUS: Celsius scammer sent to slammer; Death-by-hacking victim warns you’re never safe; and more Infosec in brief Good cybersecurity habits don’t appear to qualify anyone to work at DOGE, as one Musk minion seemingly fell victim to infostealer malware.… This…
Facebook Flaws and Privacy Laws: A Journey into Early Social Media Security from 2009
Join hosts Tom Eston, Scott Wright, and Kevin Johnson in a special best-of episode of the Shared Security Podcast. Travel back to 2009 with the second-ever episode featuring discussions on early Facebook bugs, cross-site scripting vulnerabilities, and a pivotal Canadian…
Layoffs pose a cybersecurity risk: Here’s why offboarding matters
In this Help Net Security video, Chase Doelling, Principal Strategist at JumpCloud, discusses the overlooked security risks associated with improper offboarding. Though many organizations focus on securely onboarding new employees, they often overlook the security risks associated with properly offboarding…
Despite drop in cyber claims, BEC keeps going strong
Ransomware claims stabilized in 2024 despite remaining the most costly and disruptive type of cyberattack, according to Coalition. 60% of 2024 claims originated from BEC and funds transfer fraud (FTF) incidents, with 29% of BEC events resulting in FTF. BEC…
ISC Stormcast For Monday, May 12th, 2025 https://isc.sans.edu/podcastdetail/9446, (Mon, May 12th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, May 12th, 2025…