The Interlock ransomware group has leaked data allegedly stolen from Kettering Health in a recent cyberattack. The post Ransomware Gang Leaks Alleged Kettering Health Data appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Tag: EN
Critical Cisco Nexus Dashboard Vulnerability Lets Attackers Impersonate Managed Devices
Cisco has issued a high-severity security advisory (ID: cisco-sa-ndfc-shkv-snQJtjrp) regarding a critical SSH host key validation vulnerability in its Nexus Dashboard Fabric Controller (NDFC), tracked as CVE-2025-20163. The flaw, assigned a CVSS 3.1 base score of 8.7, could allow unauthenticated,…
Critical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructure
Cisco fixed a critical flaw in the Identity Services Engine (ISE) that could allow unauthenticated attackers to conduct malicious actions. A vulnerability tracked as CVE-2025-20286 (CVSS score 9.9) in cloud deployments of Cisco ISE on AWS, Microsoft Azure, and Oracle…
China Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence Links
China issued warrants for 20 Taiwanese people it said carried out hacking missions in the Chinese mainland on behalf of the island’s ruling party. The post China Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence Links…
Navigating DORA: How Sekoia.io can support your compliance journey
As the cyber threat landscape evolves and the digital landscape changes, regulatory frameworks continue to emerge, aiming to bolster the security posture of organisations, particularly in the financial sector. One such regulation is the Digital Operational Resilience Act (DORA), effective…
Cisco Alerts Users to Critical ISE Vulnerability Exposing Sensitive Data
Cisco has issued a critical security advisory (Advisory ID: cisco-sa-ise-aws-static-cred-FPMjUcm7) for its Identity Services Engine (ISE) when deployed on major cloud platforms—Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). The vulnerability, tracked as CVE-2025-20286 and classified under…
#Infosec2025: Securing Endpoints is Still Vital Amid Changing Threats
Endpoint and network security is still essential, even as malicious actors turn to supply chains, identities and AI This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: Securing Endpoints is Still Vital Amid Changing Threats
U.S. Authorities Shut Down Major Dark Web Marketplace with 117,000 Users
In a blow to the cybercrime underworld, the U.S. Attorney’s Office for the Eastern District of Virginia announced the seizure of approximately 145 domains, spanning both darknet and traditional internet spaces, associated with the notorious BidenCash marketplace. This coordinated operation,…
Authorities Seized 145 Dark Web Marketplace Having 117,000 Registered Customers
Federal authorities have successfully dismantled BidenCash, one of the largest criminal marketplaces operating on both the dark web and the traditional internet. In a coordinated law enforcement operation, approximately 145 domains associated with the platform were seized. The BidenCash marketplace…
Outlook Users Targeted by New HTML-Based Phishing Scheme
A recent phishing campaign has revealed a sophisticated technique that exploits Microsoft Outlook’s unique handling of HTML emails to conceal malicious links from corporate users. The attack, initially appearing as a standard phishing attempt impersonating a Czech bank, leverages conditional…
Russian bomber maker popped, vishing targets Salesforce, MS helps out governments
Ukraine claims cyberattack on Russian bomber maker Vishing campaign targets Salesforce Microsoft lends a hand to European governments Huge thanks to our sponsor, Conveyor Ever wish you had a teammate that could handle the most annoying parts of customer security…
Be Careful With Fake Zoom Client Downloads, (Thu, Jun 5th)
Collaborative tools are really popular these days. Since the COVID-19 pandemic, many people switched to remote work positions and we need to collaborate with our colleagues or customers every day. Tools like Microsoft Teams, Zoom, WebEx, (name your best solution),…
ColoCrossing – 7,183 breached accounts
In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product. ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability. 7k email addresses were…
AI kept 15-year-old zombie vuln alive, but its time is drawing near
Researchers have come up with a fix for a path traversal bug first spotted in 2010 A security bug that surfaced fifteen years ago in a public post on GitHub has survived developers’ attempts on its life.… This article has…
Vodafone Germany Fined $51 Million Over Privacy, Security Failures
Germany fined Vodafone $51 million for failing to protect user data from partners and unauthorized third-parties. The post Vodafone Germany Fined $51 Million Over Privacy, Security Failures appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Addressing API Security with NIST SP 800-228
According to the Wallarm Q1 2025 ThreatStats report, 70% of all application attacks target APIs. The industry can no longer treat API security as a sidenote; it’s time to treat it as the main event. NIST seems to be on…
35,000 Solar Power Systems Exposed To Internet Are Vulnerable To Cyberattacks
A comprehensive cybersecurity investigation has revealed alarming vulnerabilities in the rapidly expanding solar energy infrastructure, with nearly 35,000 solar power devices found exposed to internet-based attacks across 42 vendors worldwide. The discovery underscores growing security concerns as renewable energy systems…
Meta open-sources AI tool to automatically classify sensitive documents
Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive information in documents and apply security labels automatically. The tool uses customizable classification rules…
FortiMail Workspace Security expands protection beyond email to web and collaboration tools
Fortinet has enhanced its data and productivity security portfolio, expanding FortiMail with the launch of the FortiMail Workspace Security suite. These new capabilities extend protection not only to email but also to browser and collaboration security. These advancements, combined with new…
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security defect, tracked as CVE-2025-20286, carries…