In this Help Net Security video, Rob Demain, CEO of e2e-assure, explains the essentials of OT cybersecurity resilience. He discusses the importance of understanding remote access points, supply chain connections, and the need for specialized sensors to monitor OT networks…
Tag: EN
Attackers Exploit Defender for Endpoint Cloud API to Bypass Authentication and Disrupt Incident Response
Microsoft Defender for Endpoint’s cloud communication can be abused to bypass authentication, intercept commands, and spoof results, allowing attackers to derail incident response and mislead analysts. Recent research shows that multiple backend endpoints accept requests without effectively validating tokens, enabling…
SonicWall SSLVPN Under Attack Following the Breach of All Customers’ Firewall Backups
A surge in attacks targeting SonicWall SSLVPN devices, affecting numerous customer networks, just weeks after a major breach exposed sensitive firewall data. Starting October 4, 2025, threat actors have rapidly authenticated into over 100 accounts across 16 environments, using what…
RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks
An open-source tool called RealBlindingEDR enables attackers to blind, permanently disable, or terminate antivirus (AV) and endpoint detection and response (EDR) software by clearing critical kernel callbacks on Windows systems. Released on GitHub in late 2023, the utility leverages signed…
Discord confirms third-party support breach; some users’ ID photos, support messages and limited payment details were accessed
Discord, the popular communication platform used by millions worldwide, has confirmed a data breach that compromised the systems of one of its third-party customer support providers. The incident, which occurred on September 20, 2025, allowed an unauthorized individual to…
When hackers hit, patient safety takes the fall
93% of U.S. healthcare organizations experienced at least one cyberattack in the past year, with an average of 43 incidents per organization, according to Proofpoint. The study found that most of these attacks involved cloud account compromises, ransomware, supply chain…
Attackers don’t linger, they strike and move on
Cyber attacks are happening faster than ever. Intrusions that once took weeks or months now unfold in minutes, leaving little time to react. Attackers move quickly once they gain access, aiming to run their payloads and get results before defenders…
Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication
Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform for core operations. Tracked as CVE-2025-61884, the flaw affects the Oracle Configurator component…
Our APWG eCrimes Paper on Tech Support Scam Facebook Groups
My colleague Raghavendra Cherupalli will be at APWG eCrime next month sharing a paper based on our research into the Facebook Groups where illicit Indian Call Centers share “Crime-as-a-Service” offerings with one another. In our paper, “Classification of Cybercriminal Posts…
ISC Stormcast For Monday, October 13th, 2025 https://isc.sans.edu/podcastdetail/9652, (Sun, Oct 12th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, October 13th, 2025…
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data. The vulnerability, tracked as CVE-2025-61884, carries a CVSS score of 7.5, indicating high…
NDSS 2025 – Keynote 2: Towards Resilient Systems In An Increasingly Hostile World
Author, Creator & Presenter: Dr. Kathleen Fisher PhD, Director, Information Innovation Office (I2O), US Defense Advanced Research Projects Agency (DARPA) Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS…
Microsoft to end support for Windows 10, 400 million PCs will be impacted
Microsoft is ending software updates for Windows 10 From October 14, Microsoft will end its support for Windows 10, experts believe it will impact around 400 million computers, exposing them to cyber threats. People and groups worldwide are requesting that…
Threat Actors Exploit Discord Webhooks for C2 via npm, PyPI, and Ruby Packages
Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets, host telemetry, and developer environment data without standing up bespoke infrastructure. Socket’s Threat Research Team has documented active abuse across…
Clop Ransomware group claims the hack of Harvard University
The notorious Clop Ransomware group claims the hack of Harvard University and added the prestigious institute to its Tor data leak site. The Clop Ransomware group announced the hack of the prestigious Harvard University. The cybercrime group created a page…
Is CMMC 3.0 on the Horizon? How Defense Contractors Can Prepare Now
The Department of Defense recently sent defense contractors a clear signal: an update to the recently finalized CMMC 2.0 is likely coming and the time to prepare is now. In… The post Is CMMC 3.0 on the Horizon? How Defense…
Zimbra Zero-Day Exploit Used in ICS File Attacks to Steal Sensitive Data
Security researchers have discovered that hackers exploited a zero-day vulnerability in Zimbra Collaboration Suite (ZCS) earlier this year using malicious calendar attachments to steal sensitive data. The attackers embedded harmful JavaScript code inside .ICS files—typically used to schedule and…
Cybersecurity Newsletter Weekly – Discord, Red Hat Data Breach, 7-Zip Vulnerabilities and Sonicwall Firewall Hack
Welcome to this week’s edition of the Cybersecurity Newsletter Weekly, where we dive into the most pressing threats and vulnerabilities shaping the digital landscape. As cyber risks continue to evolve at breakneck speed, our October 12, 2025, roundup spotlights a…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6:…
Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371:…