A new offensive security tool named “RecoverIt” has been released, offering red teamers a stealthy method for lateral movement and persistence by abusing the Windows Service recovery mechanism. The tool circumvents traditional detection methods that focus on monitoring service creation…
European Commission probes intrusion into staff mobile management backend
Officials explore issue affecting infrastructure after CERT-EU detected suspicious activity. Brussels is digging into a cyber break-in that targeted the European Commission’s mobile device management systems, potentially giving intruders a peek inside the official phones carried by EU staff.… This…
IT Security News Hourly Summary 2026-02-09 12h : 7 posts
7 posts were published in the last hour:
10:32 : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
10:32 : Heimdal Claims Industry First with IASME-Aligned Cyber Essentials PEDM Mapping
10:32 : Critical FortiClientEMS Vulnerability Let…
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
A threat cluster tracked as “Vortex Werewolf” (also known as SkyCloak) has been observed targeting Russian government and defense organizations. The attack begins not with a typical malicious attachment, but with a highly credible phishing link. Vortex Werewolf distributes URLs…
Heimdal Claims Industry First with IASME-Aligned Cyber Essentials PEDM Mapping
London, UK, February 9, 2026 – Heimdal today announced it is the first vendor to publish an IASME Cyber Essentials aligned control mapping for Privilege Elevation and Delegation Management (PEDM), helping organisations evidence least privilege and stronger control over administrative access. Privileged access…
Critical FortiClientEMS Vulnerability Let Attackers Execute Malicious Code Remotely
Fortinet has issued a critical security advisory warning administrators to immediately patch instances of FortiClientEMS, its central management solution for endpoint protection. The vulnerability, tracked as CVE-2026-21643, carries a CVSSv3 score of 9.1 and could allow unauthenticated, remote attackers to…
New RecoverIt Tool Exploits Windows Service Failure Recovery Functions to Execute Payload
A new open-source offensive security tool named “RecoverIt” has been released, offering Red Teamers and penetration testers a novel method for establishing persistence and executing lateral movement on compromised Windows systems. The tool, developed by security researcher TwoSevenOneT, weaponizes the…
Vortex Werewolf Attacking Organizations to Gain Tor-Enabled Remote Access Over the RDP, SMB, SFTP, and SSH Protocols
A new cyber espionage cluster has recently emerged, focusing its aggressive targeting on Russian government and defense organizations. Active since at least December 2025, the group, designated as Vortex Werewolf, employs a combination of social engineering and legitimate software utilities…
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
Cybersecurity researchers have called attention to a “massive campaign” that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation. The activity, observed around December 25, 2025, and described as “worm-driven,” leveraged exposed Docker APIs, Kubernetes…
Social Media Platforms Earn Billions from Scam Ads
Revolut claims social media sites make £3.8bn annually from scam ads targeting European users. This article has been indexed from www.infosecurity-magazine.com.
Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in Fortinet’s FortiClient EMS (Endpoint Management Server), potentially exposing organizations to remote code execution attacks. The flaw, tracked as CVE-2026-21643, was disclosed on February 6, 2026, and carries a severe CVSS score of…
Romania’s national oil pipeline firm Conpet reports cyberattack
Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its…
New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog
The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog appeared first on SecurityWeek.…
US Agencies Told to Scrap End of Support Edge Devices
CISA has issued a new directive requiring federal agencies to decommission all end of support edge devices within 12 months to reduce ongoing exploitation risks. This article has been indexed from www.infosecurity-magazine.com.
Researchers Find 40,000+ Exposed OpenClaw Instances
SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack. This article has been indexed from www.infosecurity-magazine.com.
Is it ok to reply ‘stop’ to unsolicited text messages?
It is generally not ok to reply with ‘stop’ or ‘unsubscribe’ to any unexpected text messages. A response signals to fraudsters whether a user is… The post Is it ok to reply ‘stop’ to unsolicited text messages? appeared first on…
Amazon To Spend $200bn This Year Amid AI Bet
Amazon capital expenditure projections far higher than expected, as it invests in AI data centres, broadband satellites. This article has been indexed from Silicon UK.
Substack Discloses Major Data Breach
Media platform Substack has disclosed a data breach that exposed email addresses, phone numbers, and internal metadata of an unknown number of users. Credit card numbers, passwords, and financial information were not accessed. In an email, Substack CEO Chris Best informed affected…
A week in security (February 2 – February 8)
A list of topics we covered in the week of February 2 to February 8 of 2026. This article has been indexed from Malwarebytes.
European Commission Investigating Cyberattack
The signs of a cyberattack were identified on systems the EU’s main executive body uses for mobile device management. The post European Commission Investigating Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek.
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. “BeyondTrust Remote Support (RS) and certain older versions of Privileged…
OpenClaw embraces VirusTotal, CISA EOL Deadline, ransomware hits BridgePay
OpenClaw turns to VirusTotal to boost security. CISA gives federal agencies one year to remove end-of-life devices. Payments platform BridgePay confirms ransomware attack. Get the show notes here: https://cisoseries.com/cybersecurity-news-openclaw-embraces-virustotal-cisa-eol-deadline-ransomware-hits-bridgepay/ Huge thanks to our episode sponsor, ThreatLocker. Want real Zero Trust…
Anthropic Targets ChatGPT Advertising In Super Bowl Spots
AI start-up satirises OpenAI move to introduce advertising to ChatGPT chatbot in series of Super Bowl commercials, as rivalry heats up. This article has been indexed from Silicon UK.
Detecting Ransomware Using Windows Minifilters to Intercept File Change Events
A security researcher has released a new proof-of-concept (PoC) tool on GitHub designed to stop ransomware at the deepest level of the operating system. Part of a broader Endpoint Detection and Response (EDR) strategy named “Sanctum,” the project demonstrates how…