Aeza Group accused of assisting data bandits and BianLian ransomware crooks The US Treasury has sanctioned Aeza Group, a Russian bulletproof hosting (BPH) provider, and four of its cronies for enabling ransomware and other cybercriminal activity.… This article has been…
IT Security News Hourly Summary 2025-07-02 15h : 12 posts
12 posts were published in the last hour 12:35 : Microsoft Ends Authenticator App’s Password Management Support From 2025 12:35 : Office 365 Introduces New Mail Bombing Detection to Shield Users 12:35 : Hackers Target Linux SSH Servers to Deploy TinyProxy…
Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response
Ransomware is a major threat to the enterprise. Tools and training help, but survival depends on one thing: your organization’s muscle memory to respond fast and recover stronger. The post Like Ransoming a Bike: Organizational Muscle Memory Drives the Most…
Agentic AI Is Here ? and It?s Shaping the Future of Bot Defense
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: Agentic AI Is Here ? and It?s Shaping the Future of Bot…
New macOS Malware Uses Process Injection and Remote Access to Steal Keychain Credentials
A sophisticated campaign by North Korean (DPRK)-aligned threat actors targeting Web3 and cryptocurrency businesses has been uncovered, showcasing an alarming evolution in macOS malware tactics. According to detailed analysis by SentinelLABS, alongside corroborating reports from Huntabil.IT and Huntress, the attackers…
US Calls Reported Threats by Pro-Iran Hackers to Release Trump-Tied Material a ‘Smear Campaign’
The United States has warned of continued Iranian cyberattacks following American strikes on Iran’s nuclear facilities. The post US Calls Reported Threats by Pro-Iran Hackers to Release Trump-Tied Material a ‘Smear Campaign’ appeared first on SecurityWeek. This article has been…
Blind Eagle Linked to Russian Host Proton66 in Latin America Attacks
Blind Eagle hackers linked to Russian host Proton66 to target banks in Latin America using phishing and RATs. Trustwave urges stronger security. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the…
IDE Extensions Like VSCode Allow Attackers to Bypass Trust Checks and Deliver Malware to Developer Systems
OX Research conducted a ground-breaking study in May and June 2025 that revealed concerning security flaws in the extension verification procedures of some of the most popular Integrated Development Environments (IDEs), such as Visual Studio Code (VSCode), Visual Studio, IntelliJ…
YONO SBI Banking App Vulnerability Exposes Users to Man-in-the-Middle Attack
A critical security flaw has been discovered in the widely used YONO SBI: Banking & Lifestyle app, potentially exposing millions of users to man-in-the-middle (MITM) attacks and putting sensitive financial data at risk. The vulnerability, catalogued as CVE-2025-45080, affects version…
US drops sanctions on second Russian bulletproof hosting vehicle this year
Aeza Group accused of assisting data bandits and BianLian ransomware crooks The US Treasury has sanctioned Aeza Group, a Russian bulletproof hosting (BPH) provider, and four of its cronies for enabling ransomware and other cybercriminal activity.… This article has been…
International Criminal Court Hit by Advanced Cyber Attack, No Major Damage
Swift discovery helped the ICC Last week, the International Criminal Court (ICC) announced that it had discovered a new advanced and targeted cybersecurity incident. Its response mechanism and prompt discovery helped to contain the attack. The ICC did not provide…
Polymorphic Security Approaches for the Next Generation of Cyber Threats
Considering the rapid evolution of cybersecurity today, organisations and security professionals must continue to contend with increasingly sophisticated adversaries in an ever-increasing contest. There is one class of malware known as polymorphic malware, which is capable of continuously changing…
Microsoft Ends Authenticator App’s Password Management Support From 2025
Microsoft has announced it will discontinue password management features in its widely used Authenticator app, marking a significant shift in its approach to digital security. Starting July 2025, the app’s autofill capability will be disabled, and by August 2025, all…
Office 365 Introduces New Mail Bombing Detection to Shield Users
Microsoft has announced a significant security upgrade for its Office 365 platform, introducing a new Mail Bombing Detection feature within Microsoft Defender for Office 365. This enhancement, rolling out globally from late June through early July 2025, is designed to…
Hackers Target Linux SSH Servers to Deploy TinyProxy and Sing-Box Proxy Tools
Hackers are exploiting poorly managed Linux servers, particularly those with weak SSH credentials, to install proxy tools such as TinyProxy and Sing-box. The AhnLab Security Intelligence Center (ASEC) has been closely monitoring these intrusions through honeypots mimicking vulnerable SSH services.…
Cybersecurity M&A Roundup: 41 Deals Announced in June 2025
Forty-one cybersecurity merger and acquisition (M&A) deals were announced in June 2025. The post Cybersecurity M&A Roundup: 41 Deals Announced in June 2025 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cybersecurity M&A…
Qantas hack results in theft of 6 million passengers’ personal data
Qantas, the largest airline in Australia, confirmed the theft of 6 million customers’ personal information. This article has been indexed from Security News | TechCrunch Read the original article: Qantas hack results in theft of 6 million passengers’ personal data
97% of MSPs Still Use Excel. Here’s the Risk – With Kevin Lancaster
Too many vendors, too little time, and more logins than you can count. Sound familiar? Our guest today is Kevin Lancaster, an advisor, investor, and founder of Channel Program, a platform that gives MSPs and vendors the data they need…
U.S. Treasury Sanctioned Bulletproof Hosting Provider Used by Ransomware Operator Groups
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed comprehensive sanctions on Aeza Group, a Russia-based bulletproof hosting (BPH) services provider that enabled cybercriminal activities worldwide. The action, announced July 1, 2025, targets the critical…
Anthropic MCP Inspector Tool Vulnerability Let Attackers Execute Arbitrary Code on Developer Machines
A critical Remote Code Execution (RCE) vulnerability in Anthropic’s MCP Inspector tool, designated as CVE-2025-49596, has a severe CVSS score of 9.4. This vulnerability represents one of the first critical security flaws found in Anthropic’s Model Context Protocol (MCP) ecosystem,…
Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover
A severe arbitrary file deletion vulnerability has been discovered in the popular Forminator WordPress plugin, affecting over 600,000 active installations worldwide. The vulnerability, assigned CVE-2025-6463 with a high CVSS rating of 8.8, allows unauthenticated attackers to delete critical system files,…
10 Best VPN Alternative Solutions In 2025
As digital security and privacy demands evolve, users and businesses are increasingly seeking VPN alternatives that offer more robust protection, better scalability, and seamless remote access. While traditional VPNs remain popular, their limitations such as latency, complex management, and scalability…
YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack
A significant security flaw has been identified in the popular YONO SBI banking application that could potentially expose millions of users to cybersecurity threats. The vulnerability, designated as CVE-2025-45080, affects version 1.23.36 of the YONO SBI: Banking & Lifestyle app…
Qantas: Breach affects 6 million people, “significant” amount of data likely taken
Australian airline Qantas has confirmed a data breach at a third party provider that affects six million customers. This article has been indexed from Malwarebytes Read the original article: Qantas: Breach affects 6 million people, “significant” amount of data likely…
US Senate Eliminates State AI Restrictions In 99-1 Vote
Senators vote 99-1 in favour of amendment to remove proposed 10-year ban on AI regulation by US states, in defeat for tech lobbyists This article has been indexed from Silicon UK Read the original article: US Senate Eliminates State AI…
California Jury Finds Google Liable For $314.6m Data Payout
California state jury finds Google wrongly used Android users’ data for its own purposes, ahead of federal case alleging billions in damages This article has been indexed from Silicon UK Read the original article: California Jury Finds Google Liable For…
Qantas confirms customer data breach amid Scattered Spider attacks
Qantas reports a cyberattack after hackers accessed customer data via a third-party platform, amid ongoing Scattered Spider aviation breaches. Qantas, Australia’s largest airline, disclosed a cyberattack after hackers accessed a third-party platform used by a call centre, stealing significant customer…