NCC Group this week revealed it has allied with Qualys to expand the scope of its managed attack surface management (ASM) services to address instances of shadow IT. Amber Mitchell, lead product manager for ASM at NCC Group, said the…
Apache Log4j Flaw Enables Interception of Sensitive Logging Data
The Apache Software Foundation has released a critical security update for its widely used Log4j logging library. A newly discovered vulnerability, tracked as CVE-2025-68161, allows attackers to intercept or redirect sensitive log data by exploiting a flaw in how the software…
Hackers Leverage Gladinet Triofox 0-Day Vulnerability to Run Malicious Code
A critical remote code execution vulnerability in Gladinet Triofox is now under active exploitation by threat actors, and security researchers have demonstrated that weaponizing the flaw requires far more sophistication than initial analyses suggest. CVE-2025-12480, tracked by UNC6485, represents a…
Cloud Atlas Exploits Office Vulnerabilities to Execute Malicious Code
The Cloud Atlas threat group, active since 2014, continues to pose a significant risk to organizations in Eastern Europe and Central Asia through sophisticated attacks leveraging legacy Microsoft Office vulnerabilities. Security researchers have documented the group’s expanded arsenal and evolving…
Mapping the Emerging Alliance Between Qilin, DragonForce, and LockBit
In mid-September 2025, the ransomware landscape witnessed a significant development when DragonForce announced an alliance with Qilin and LockBit on a Russian underground forum. The announcement, posted on September 15, 2025, claimed the three groups were joining forces to navigate…
BlueDelta Hackers Target Users of Popular Ukrainian Webmail and News Service
Russian state-sponsored threat group BlueDelta has conducted a sustained credential-harvesting campaign targeting users of UKR.NET, one of Ukraine’s most popular webmail and news services, between June 2024 and April 2025. According to research by Recorded Future’s Insikt Group, the operation…
Hundreds of Cisco customers are vulnerable to new Chinese hacking campaign, researchers say
Cisco warned that Chinese government hackers are exploiting a zero-day in some of its products. Researchers now say there are hundreds of vulnerable Cisco customers. This article has been indexed from Security News | TechCrunch.
ATM jackpotting gang accused of unleashing Ploutus malware across US
Latest charges join the mountain of indictments facing alleged Tren de Aragua members. A Venezuelan gang described by US officials as “a ruthless terrorist organization” faces charges over alleged deployment of malware on ATMs across the country, illegally siphoning millions…
Preventing This Week’s AWS Cryptomining Attacks: Why Detection Fails and Permissions Matter
The recent discovery of a cryptomining campaign targeting Amazon compute resources highlights a critical gap in traditional cloud defense. Attackers are bypassing perimeter defenses by leveraging compromised credentials to execute legitimate but privileged API calls like ec2:CreateLaunchTemplate, ecs:RegisterTaskDefinition, ec2:ModifyInstanceAttribute, and…
NIS2 Compliance: Maintaining Credential Security
Strengthen NIS2 compliance by preventing weak and compromised passwords with Enzoic’s continuous credential protection. The post NIS2 Compliance: Maintaining Credential Security appeared first on Security Boulevard.
IT Security News Hourly Summary 2025-12-19 21h : 3 posts
3 posts were published in the last hour 19:32 : HubSpot Phishing Campaign Bypasses Trusted Email Defenses 19:32 : Thailand Conference Launches International Initiative to Fight Online Scams 19:32 : Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account…
HubSpot Phishing Campaign Bypasses Trusted Email Defenses
A phishing campaign targeting HubSpot users bypassed email defenses by abusing trusted platforms and authenticated infrastructure. The post HubSpot Phishing Campaign Bypasses Trusted Email Defenses appeared first on eSecurity Planet.
Thailand Conference Launches International Initiative to Fight Online Scams
Similar pledges to fight scam networks were made by members of the Association of Southeast Asian Nations in the months leading up to the Bangkok conference. The post Thailand Conference Launches International Initiative to Fight Online Scams appeared first on…
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is being tracked by Proofpoint under…
Fortifying Cloud Security Operations with AI-Driven Threat Detection
With the rapid adoption of cloud technologies, organizations are rushing to migrate their workloads and data to the cloud — often at a breakneck pace. Cyber hackers are not far behind in this race. On-premises systems are no longer the…
25,000+ FortiCloud SSO-Enabled Devices Exposed to Remote Attacks
Over 25,000 Fortinet devices worldwide have FortiCloud Single Sign-On (SSO) enabled, leaving them potentially exposed to remote attacks. The finding stems from enhanced device fingerprinting in a new Device Identification report, which scanned global IP addresses and flagged these systems…
WatchGuard sounds alarm as critical Firebox flaw comes under active attack
Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls. WatchGuard is in emergency patch mode after confirming that a critical remote code execution flaw in its Firebox firewalls is under active attack.
Randall Munroe’s XKCD ‘Fifteen Years’
via the insightful artistry and dry wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Fifteen Years’ appeared first on Security Boulevard.
Vulnerability Management’s New Mandate: Remediate What’s Real
Live from AWS re:Invent, Snir Ben Shimol makes the case that vulnerability management is at an inflection point: visibility is no longer the differentiator—remediation is. Organizations have spent two decades getting better at scanning, aggregating and reporting findings. But the…
Wordfence Intelligence Weekly WordPress Vulnerability Report (December 8, 2025 to December 14, 2025)
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…
Hacks, thefts, and disruption: The worst data breaches of 2025
TechCrunch looks back at the biggest data breaches, disruptive cyberattacks, and damaging hacks of 2025, from the raiding of U.S. government databases to a hack every month in South Korea. This article has been indexed from Security News | TechCrunch…
CultureAI Selected for Microsoft’s Agentic Launchpad Initiative to Advance Secure AI Usage
UK-based AI safety and governance company CultureAI has been named as one of the participants in Microsoft’s newly launched Agentic Launchpad, a technology accelerator aimed at supporting startups working on advanced AI systems. The inclusion marks a milestone for CultureAI’s…
Keeper Security Bolsters Federal Leadership to Advance Government Cybersecurity Initiatives
Keeper Security has announced the appointment of two new additions to its federal team, with Shannon Vaughn as Senior Vice President of Federal and Benjamin Parrish, Vice President of Federal Operations. Vaughn will lead Keeper’s federal business strategy and expansion,…
Amazon Warns Pernicious Fake North Korea IT Worker Threat Has Become Widespread
Amazon is warning organizations that a North Korean effort to impersonate IT workers is more extensive than many cybersecurity teams may realize after discovering the cloud service provider was also victimized. A North Korean imposter was uncovered working as a…