Activision last week brought offline the Microsoft Store version of Call of Duty: WWII as the company was investigating “reports of an issue.” This article has been indexed from Security News | TechCrunch Read the original article: Activision took down…
US government confirms arrest of Chinese national accused of stealing COVID research and mass-hacking email servers
Accused hacker and Chinese national Xu Zewei was arrested in Italy at the request of U.S. prosecutors. This article has been indexed from Security News | TechCrunch Read the original article: US government confirms arrest of Chinese national accused of…
Digging Gold with a Spoon – Resurgence of Monero-mining Malware
“Criminals go where the money flows.” This quote is indeed true among cybercriminals lately, as our team of Security Analysts discovered and examined a resurgence of malware deploying XMRig cryptominer in mid-April this year after a two-year hiatus. This article…
IT Worker arrested for selling access in $100M PIX cyber heist
Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches. Brazilian police arrested João Roque (48), an IT employee at C&M, for allegedly aiding a cyberattack that stole over 540 million…
U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Multi-Router Looking…
Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant
Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan’s Malpensa Airport on a U.S. warrant. Italian police arrested a Chinese national, Zewei Xu (33), at Milan’s Malpensa Airport on a U.S. warrant. Xu was arrested…
Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day
Microsoft released Patch Tuesday security updates for July 2025, which addressed 130 flaws, including one a Microsoft SQL Server zero-day. Microsoft Patch Tuesday security updates for July 2025 addressed 130 vulnerabilities in Windows and Windows Components, Office and Office Components,…
Hackers weaponize Shellter red teaming tool to spread infostealers
Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked. Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER. The tool was originally built for…
Batavia spyware steals data from Russian organizations
Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices. This article has been indexed from Securelist Read the original article: Batavia spyware steals data from Russian organizations
Approach to mainframe penetration testing on z/OS. Deep dive into RACF
We have explored the RACF security package in z/OS and developed a utility to interact with its database. Now, we are assessing RACF configuration security for penetration testing. This article has been indexed from Securelist Read the original article: Approach…
Now available: Red Hat Enterprise Linux Security Select Add-On
When you subscribe to Red Hat Enterprise Linux (RHEL), you get security fixes for Common Vulnerabilities and Exposures (CVE). As defined in the RHEL Life Cycle Policy, we classify any issue rated with a Common Vulnerability Scoring System score of…
Modernizing Cybersecurity for State and Local Government
State IT must shift to integrated, efficient and smarter cybersecurity investments, leveraging public/private partnerships for innovation. The post Modernizing Cybersecurity for State and Local Government appeared first on Palo Alto Networks Blog. This article has been indexed from Palo Alto…
Building Trust in the Digital Age
Regulatory frameworks in Europe call for solutions delivering strong cybersecurity, operational resilience and support organization’s control over their data. The post Building Trust in the Digital Age appeared first on Palo Alto Networks Blog. This article has been indexed from…
Scattered Spider’s Pre-Attack Infrastructure Exposed: 500+ Phishing Domains Mimic Enterprise Logins
The infamous cybercrime group known as Scattered Spider is expanding its playbook, and laying the groundwork long before the breach. New findings from Check Point Research reveal a sprawling infrastructure of more than 500 phishing domains, many designed to impersonate…
Ransomware in 2025: More Attacks, Bigger Targets, Fewer Confirmations
The ransomware crisis continues to deepen. In the first half of 2025, 3,627 attacks were logged worldwide, a 47% jump from the same period last year. But confirmation remains scarce. According to Comparitech, of those incidents, just 445 were publicly…
Stolen Identities Now the Biggest Threat in Cybersecurity
The biggest threat to your business may no longer be malware or ransomware. It’s your people. Or rather, their identities. Between 2023 and the first quarter of 2025, identity-driven threats surged by 156%, now accounting for 59% of all confirmed…
Ransomware Attack Cripples Ingram Micro, Disrupts Global Services
Ingram Micro has confirmed a ransomware attack that has forced systems offline and disrupted core services across its global operations. The breach, first reported as an unexplained outage on 3 July has now been linked to the SafePay ransomware group,…
Mitigating the Toxic Cloud Trilogy to Empower Everyone from the Most to the Least Tech-Savvy
Cloud computing has its perks: speed, scalability, and innovation, to name just a few. However, increasing reliance on cloud computing has changed the threat landscape and created substantial points of vulnerability. The toxic cloud trilogy of cloud workload risks –…
Hijacking Ollama’s Signed Installer for Code Execution
This blog post is part of an ongoing series exploring how AI related tools aimed at developers can be exploited to compromise their machines. As these tools increasingly integrate deep system access, they also expand the attack surface available to…
Behind the Booking: How Bots Are Undermining Airline Revenue
The airline industry is under constant attack from malicious bots. Bad actors use automation to scrape fares, hoard inventory, commit fraud, and compromise customer accounts. While every airline faces its own unique challenges, the business impacts are remarkably consistent—lost revenue,…
How to Secure Your Promo Codes Against Cyber Exploits
Promo codes provide a fantastic opportunity to increase customer traffic and generate sales, yet there is a potential risk with them. Promo codes are one of the objects of interest to cybercriminals because they exploit those codes and use them…
Empowered employees strengthen financial sector digital resilience
Ensuring that any organisation can withstand, respond effectively to and recover quickly from ICT disruptions is a strategic imperative. This is particularly true within the financial sector. The Digital Operational Resilience Act (DORA), which became mandatory on 17 January this…
Trust nothing, verify everything: Why the UK public sector must embrace Zero Trust
The UK’s public sector is under siege. Not by visible enemies, but by a wave of cyber threats. In 2024, the National Cyber Security Centre reported a 16% increase in serious attacks impacting national security. These aren’t theoretical risks. They…
Black Duck Sets New Standard with Polaris, First AppSec SaaS Hosted in Saudi Arabia
Leading global application security provider Black Duck has reinforced its commitment to the Saudi Arabian market with the introduction of the Black Duck Polaris® Platform as the first application security software as a service (SaaS) platform hosted in the Kingdom of…