CrowdStrike has disclosed two critical vulnerabilities affecting its Falcon sensor for Windows that could enable attackers to delete arbitrary files and potentially compromise system stability. The cybersecurity company released patches for both security flaws in its latest sensor version 7.29,…
IT Security News Hourly Summary 2025-10-09 06h : 4 posts
4 posts were published in the last hour 3:32 : ISC Stormcast For Thursday, October 9th, 2025 https://isc.sans.edu/podcastdetail/9648, (Thu, Oct 9th) 3:32 : [Guest Diary] Building Better Defenses: RedTail Observations from a Honeypot, (Thu, Oct 9th) 3:32 : CrowdStrike Falcon…
Turning the human factor into your strongest cybersecurity defense
In this Help Net Security video, Jacob Martens, Field CISO at Upwind Security, explores one of cybersecurity’s most enduring challenges: the human factor behind breaches. Despite advances in technology, most attacks still begin with people, not code. He explains how…
Behind the screens: Building security customers appreciate
In this Help Net Security interview, Jess Vachon, CISO at PRA Group, discusses the company’s multi-layered defense against fraud and its commitment to protecting customer trust. Vachon explains how PRA Group balances identity verification with a seamless customer experience. Vachon…
2025-10-08: Infection from Kongtuke campaign’s ClickFix page
Microsoft 365 Outage Blocks Access to Teams, Exchange Online, and Admin Center – Updated
A significant Microsoft 365 outage blocked user access to several critical services, including Microsoft Teams, Exchange Online, and the Microsoft 365 admin center. The incident began late on Wednesday, October 8, 2025, leaving organizations worldwide unable to utilize essential communication…
Six metrics policymakers need to track cyber resilience
Most countries are still making national cyber policy decisions without reliable numbers. Regulations often focus on incident reporting after damage is done, but they fail to give governments a forward-looking picture of resilience. A new report from Zurich Insurance Group…
ISC Stormcast For Thursday, October 9th, 2025 https://isc.sans.edu/podcastdetail/9648, (Thu, Oct 9th)
[Guest Diary] Building Better Defenses: RedTail Observations from a Honeypot, (Thu, Oct 9th)
[This is a Guest Diary by Jin Quan Low, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].]
CrowdStrike Falcon Windows Sensor Vulnerability Enables Code Execution and File Deletion
CrowdStrike has disclosed and released patches for two medium-severity vulnerabilities in its Falcon sensor for Windows that could allow an attacker to delete arbitrary files. The security vulnerabilities, designated as CVE-2025-42701 and CVE-2025-42706, require an attacker to have already gained…
Discord Data Breach – 1.5 TB of Data and 2 Million Government ID Photos Extorted
The popular communication platform Discord is facing an extortion attempt following a significant data breach at one of its third-party customer service providers, Zendesk. Threat actors claim to have stolen 1.5 terabytes of sensitive data, including over 2.1 million government-issued…
IT Security News Hourly Summary 2025-10-09 03h : 4 posts
4 posts were published in the last hour 1:2 : FreePBX SQL Injection Vulnerability Exploited to Modify The Database 0:32 : Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data 0:32 : Exciting Developments in Cloud-Native Security 0:32 : Zero…
FreePBX SQL Injection Vulnerability Exploited to Modify The Database
A critical SQL injection vulnerability in FreePBX has emerged as a significant threat to VoIP infrastructure worldwide, enabling attackers to manipulate database contents and achieve arbitrary code execution. FreePBX, a widely deployed PBX system built around the open-source Asterisk VoIP…
Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data
A new threat group calling itself Crimson Collective has emerged as a significant cybersecurity concern, targeting Amazon Web Services (AWS) cloud environments with sophisticated data exfiltration and extortion campaigns. The group has recently claimed responsibility for attacking Red Hat, asserting…
Exciting Developments in Cloud-Native Security
Are Machine Identities the Hidden Key to Cloud-Native Security? Effective cybersecurity strategies rely not only on safeguarding human credentials but also on ensuring the security of non-human identities (NHIs). These machine identities, often overshadowed by their human counterparts, play a…
Zero Trust for AI Agents: Implementing Dynamic Authorization in an Autonomous World
Traditional role-based access control assumes predictable behavior, but AI agents exhibit emergent behaviors no human anticipated. Dynamic authorization using ABAC and JWT tokens enables real-time policy decisions that adapt to AI behavior, environmental context, and risk levels automatically.
IT Security News Hourly Summary 2025-10-09 00h : 5 posts
5 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-10-08 22:2 : Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware 22:2 : Scattered Lapsus$ Hunters Launched a New Leak Site to Release…
Research Finds That API Security Blind Spots Could Put AI Agent Deployments at Risk
New research by Salt Security has revealed an alarming disconnect between rapid API adoption and immature security practices, threatening the success of critical AI and automation initiatives. The H2 2025 State of API Security Report shows that, as enterprises race to…
Research Finds Budgets, Staffing and Skills Fail to Keep Pace with Rising Cyber Threats
New research by ISACA has found that over a third (39%) of European IT and cybersecurity professionals report that their organisation is experiencing more cybersecurity attacks than this time last year. Yet despite this rising wave of attacks, confidence in…
IT Security News Daily Summary 2025-10-08
153 posts were published in the last hour 21:32 : OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks 21:32 : How to configure and verify ACM certificates with trust stores 21:2 : Critical Redis Flaw Could Compromise Most Cloud Environments…
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi
Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as…
Hackers Actively Compromising Databases Using Legitimate Commands
A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” operations. Unlike conventional ransomware that encrypts files using malicious binaries, threat actors are exploiting exposed database services by…
Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware
In recent weeks, cybersecurity analysts have observed a resurgence of the Mustang Panda threat actor deploying a novel DLL side-loading approach to deliver malicious payloads. Emerging in June 2025, this campaign leverages politically themed lures targeting Tibetan advocacy groups. Victims…
Scattered Lapsus$ Hunters Launched a New Leak Site to Release Data Stolen from Salesforce Instances
The notorious cybercriminal collective known as Scattered Lapsus$ Hunters has escalated their extortion campaign by launching a dedicated leak site to threaten organizations with the exposure of stolen Salesforce data. This supergroup, comprised of established threat actors including ShinyHunters, Scattered…