A suspected zero-day vulnerability in SonicWall firewall devices that the Akira ransomware group is actively exploiting. The flaw allows attackers to gain initial access to corporate networks through SonicWall’s SSL VPN feature, leading to subsequent ransomware deployment. In late July…
CISA roasts unnamed critical national infrastructure body for shoddy security hygiene
Plaintext passwords, shared admin accounts, and insufficient logging rampant at mystery org CISA is using the findings from a recent probe of an unidentified critical infrastructure organization to warn about the dangers of getting cybersecurity seriously wrong.… This article has…
CMMC Assessor FAQ: What Can You Expect From Them?
Part of the process of achieving certification with CMMC is undergoing an audit to validate your security posture across all of the relevant security controls. This can’t be done internally; part of maintaining a valid security framework is using third-party…
IT Security News Hourly Summary 2025-08-02 09h : 2 posts
2 posts were published in the last hour 7:4 : Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices 7:4 : Combating the Grandparent Scam: A Deep Dive into Cybersecurity and Law Enforcement Efforts
I put the Galaxy Ring to the test – and it’s better than my Apple Watch in one critical area
Samsung’s smart ring is exceeding sales expectations, and I found a lot to like about the Galaxy Ring in my real-world tests. This article has been indexed from Latest news Read the original article: I put the Galaxy Ring to…
SafePay Ransomware Infected 260+ Victims Across Multiple Countries
A new ransomware threat has emerged as one of the most aggressive cybercriminal operations of 2025, with SafePay ransomware claiming responsibility for over 265 successful attacks spanning multiple continents. The group, which first appeared in September 2024 with limited activity…
Lazarus Hackers Weaponized 234 Packages Across npm and PyPI to Infect Developers
A sophisticated cyber espionage campaign targeting software developers has infiltrated two of the world’s largest open source package repositories, with North Korea’s notorious Lazarus Group successfully deploying 234 malicious packages across npm and PyPI ecosystems. Between January and July 2025,…
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time,…
Combating the Grandparent Scam: A Deep Dive into Cybersecurity and Law Enforcement Efforts
This episode explores the ‘Grandparent Scam,’ a prevalent and profitable fraud targeting seniors by exploiting their concern for their grandchildren. Experts Deirdre and John from Ireland’s National Cybersecurity Center and the Ontario Provincial Police share insights into the scam’s mechanics,…
Hackers Abuse Microsoft 365’s Direct Send Feature to Deliver Internal Phishing Attacks
Cybercriminals have discovered a sophisticated new attack vector by exploiting Microsoft 365’s Direct Send feature to deliver phishing campaigns that masquerade as legitimate internal communications. This emerging threat leverages a legitimate Microsoft service designed for multifunction printers and legacy applications,…
11,000 Android Devices Hacked by Chinese Threats Actors to Deploy PlayPraetor Malware
A sophisticated malware-as-a-service operation orchestrated by Chinese-speaking threat actors has successfully compromised over 11,000 Android devices worldwide through the deployment of PlayPraetor, a powerful Remote Access Trojan designed for on-device fraud. The campaign represents a significant escalation in mobile banking…
LockBit Operators Using Stealthy DLL Sideloading Technique to Load Malicious App as Legitimate One
LockBit ransomware operators have adopted an increasingly sophisticated approach to evade detection by leveraging DLL sideloading techniques that exploit the inherent trust placed in legitimate applications. This stealthy method involves tricking legitimate, digitally signed applications into loading malicious Dynamic Link…
Qilin Ransomware Surging Following The Fall of dominant RansomHub RaaS
The ransomware landscape experienced a significant shift in the second quarter of 2025 as Qilin ransomware emerged as the dominant threat following the unexpected collapse of RansomHub, previously the most prolific ransomware-as-a-service operation. This transition has reshaped the cybercriminal ecosystem,…
IT Security News Hourly Summary 2025-08-02 06h : 1 posts
1 posts were published in the last hour 4:2 : 15+ Vegas Gems for Black Hat 2025
15+ Vegas Gems for Black Hat 2025
Stop drowning in security alerts. See Morpheus autonomous SOC platform live at booth #1851and discover why analysts are smiling again. The post 15+ Vegas Gems for Black Hat 2025 appeared first on D3 Security. The post 15+ Vegas Gems for…
Storm-2603 Using Custom Malware That Leverages BYOVD to Tamper with Endpoint Protections
A newly identified threat actor designated Storm-2603 has emerged as a sophisticated adversary in the ransomware landscape, leveraging advanced custom malware to circumvent endpoint security protections through innovative techniques. The group first gained attention during Microsoft’s investigation into the “ToolShell”…
BrainDamage – Payload Generator and Encrypted Shell Stager for Red Teams
Generate and stage encrypted payloads with BrainDamage, a flexible toolkit for red teamers focused on stealth, staging, and remote command delivery. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the original article:…
One Week of the Online Safety Act: Cyber Experts Weigh In
The conversation around the UK’s Online Safety Act has transformed over the past week. Since it came into force last Friday (25th July 2025), there has been a lot of public outcry, including a petition, which was signed by over…
IT Security News Hourly Summary 2025-08-02 00h : 8 posts
8 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-08-01 21:33 : DHS Launches Over $100 Million in Funding to Strengthen Communities’ Cyber Defenses 21:33 : NASA Sends International Crew Of Four Into Orbit…
IT Security News Daily Summary 2025-08-01
174 posts were published in the last hour 21:33 : DHS Launches Over $100 Million in Funding to Strengthen Communities’ Cyber Defenses 21:33 : NASA Sends International Crew Of Four Into Orbit 21:33 : Verizon will give you up to…
Malicious AI-generated npm package hits Solana users
AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets. The package was uploaded on July 28, 2025, and it was…
DHS Launches Over $100 Million in Funding to Strengthen Communities’ Cyber Defenses
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from CISA News Read the original article: DHS Launches Over $100 Million in Funding to Strengthen Communities’ Cyber…
NASA Sends International Crew Of Four Into Orbit
NASA sends crew of four to ISS, including three whose planned trips were changed due to Boeing Starliner technical troubles This article has been indexed from Silicon UK Read the original article: NASA Sends International Crew Of Four Into Orbit
Verizon will give you up to four free iPhone 15 Plus phones – here’s how to get yours
What’s better than a free phone? Four free phones. Verizon will give you up to four iPhone 15 Plus smartphones free when you sign up for an eligible Unlimited Plan. This article has been indexed from Latest news Read the…