A new and carefully crafted phishing campaign is currently targeting LastPass users, with attackers sending fake support emails designed to steal vault master passwords. The campaign, which began on or around March 1, 2026, relies on social engineering tactics to…
Cisco Secure Firewall Management Vulnerability Allow Attackers to Bypass Authentication
Cisco has released a critical security advisory warning of a severe vulnerability in its Secure Firewall Management Center (FMC) Software. This flaw allows an unauthenticated, remote attacker to bypass authentication and execute script files, thereby gaining full root access to…
Beazley Exposure Management platform identifies external exposures and prioritizes cyber risk
Beazley Security has announced its Exposure Management product, which delivers continuous, automated discovery and intelligence-driven exposure notifications to help security teams accelerate risk mitigation in an era where AI-assisted attackers have compressed the time between vulnerability disclosure, weaponization, and exploitation.…
Nvidia Chief Says Will ‘Probably’ Not Invest $100bn In OpenAI
Nvidia chief executive Jensen Huang says company will probably not have opportunity to invest $100bn in OpenAI after all, due to IPO This article has been indexed from Silicon UK Read the original article: Nvidia Chief Says Will ‘Probably’ Not…
Google Rolls Out Emergency Chrome Update to Patch 10 Critical Security Vulnerabilities
Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from potential exploits that…
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products
Cisco has rolled out patches for 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD products. The post Cisco Patches Critical Vulnerabilities in Enterprise Networking Products appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and cybersecurity partners. Takedown of the Tycoon 2FA phishing-as-a-service platform (Source: Europol) Active since August 2023, Tycoon…
LeakBase cybercrime forum with 142,000 users taken down in global operation
LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law enforcement operation coordinated by Europol and involving authorities from 14 countries. Police in action (Source:…
Security Architecture Part 2: Network Security Design, DMZ Segmentation, and IDS Systems
Explains network segmentation, DMZ architecture, and IDS deployment strategies used to contain threats and monitor enterprise network environments. This article has been indexed from CyberMaterial Read the original article: Security Architecture Part 2: Network Security Design, DMZ Segmentation, and IDS…
Google Announces Android Changes Amid Epic Settlement
Google, Epic submit new proposed settlement to judge after previous arrangement deemed ‘sweetheart deal’ for Google This article has been indexed from Silicon UK Read the original article: Google Announces Android Changes Amid Epic Settlement
Cisco Secure Firewall Management Flaw Allows Remote Code Execution
Cisco recently disclosed a critical security vulnerability affecting its Secure Firewall Management Centre (FMC) software. This severe flaw carries a maximum severity score of 10.0 and allows unauthenticated, remote attackers to execute arbitrary code with root privileges. CVE ID CVSS…
Possible iPhone-hacking toolkit used by spies, Hacker mass-mails HungerRush extortion emails, Tycoon 2FA phishing platform dismantled
Possible iPhone-hacking toolkit used by spies Hacker mass-mails HungerRush extortion emails Tycoon 2FA phishing platform dismantled Get the show notes here: https://cisoseries.com/cybersecurity-news-iphone-hacking-toolkit-used-by-spies-hungerrush-extortion-emails-tycoon-phishing-platform-dismantled/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first…
Meta Contractors Review Sensitive Videos From AI Glasses
UK ICO contacts Meta over ‘concerning’ Swedish report that contractors in Kenya are reviewing videos featuring bank cards, people having sex This article has been indexed from Silicon UK Read the original article: Meta Contractors Review Sensitive Videos From AI…
RedAlert Mobile Espionage Campaign Exploits Trojanized Rocket Alert App to Spy on Civilians
A newly discovered mobile espionage operation dubbed “RedAlert” has surfaced amid the ongoing Israel–Iran conflict, exploiting wartime fear and dependency on early-warning systems. The campaign targets civilians by distributing a trojanized version of the Israeli Home Front Command’s official Rocket Alert application, aiming…
AI Is Making Social Engineering Harder to Detect—But We’re Still Training People Like It’s 2015
Last year, Hong Kong police disclosed a reported case that would become a watershed moment in cybersecurity: a finance worker at global engineering firm Arup transferred $25 million to fraudsters after attending a video conference call with what appeared to…
IT Security News Hourly Summary 2026-03-05 09h : 10 posts
10 posts were published in the last hour 7:32 : NIS-2: What the end of the registration period means for management teams 7:32 : Thales Data Threat Report: AI and Cloud Complexity Fuel New Data Security Risks 7:32 : 2,622…
NIS-2: What the end of the registration period means for management teams
March 6, 2026, marks the end of the registration period for companies that fall under the NIS-2-Directive. Registration with the “Bundesamt für Sicherheit in der Informationstechnik” (BSI) will transform the regulatory transition period into a binding supervisory situation. This will…
Thales Data Threat Report: AI and Cloud Complexity Fuel New Data Security Risks
A new report from Thales highlights how artificial intelligence is reshaping the cybersecurity landscape, introducing new attack vectors while amplifying existing data protection challenges. The 2026 Thales Data Threat Report finds that as organizations accelerate AI adoption, they are simultaneously increasing their exposure to cloud threats, identity…
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk
GitGuardian partnered with Google to answer: what happens when private keys leak? Using Certificate Transparency, we mapped about 1M leaked keys to 140k certificates. Result: 2,622 were valid as of September 2025, exposing major organizations. Our disclosure campaign achieved 97%…
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members…
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies. The subscription-based phishing kit, which first emerged…
Threat Actors Intensify Targeting of IP Cameras Across the Middle East Amid Ongoing Conflict
Cyber operations have once again become an integral component of the ongoing conflict across the Middle East, with researchers identifying a wave of attacks against Internet-connected IP cameras beginning on February 28, 2026. According to CPR, the observed campaigns appear to…
Cisco Secure Firewall Vulnerability Exposes Networks to Authentication Bypass Attacks
Cisco recently disclosed a critical vulnerability in its Secure Firewall Management Centre (FMC) Software that allows unauthenticated remote attackers to gain complete root access to affected devices. Holding a maximum severity CVSS score of 10.0, this flaw demands immediate attention…
Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1
Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 13–17.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identified a powerful new iOS exploit kit called Coruna (also…