A list of topics we covered in the week of October 20 to October 26 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (October 20 – October 26)
Tag: EN
Delivering often in small increments with Scrum
Agile software development, particularly using Scrum, has revolutionized the way software is built and delivered. At its core, Agile embraces iterative and incremental development, a stark contrast to traditional “waterfall” methodologies. The primary objective is to deliver working software frequently…
Microsoft WSUS vulnerability, LastPass death hoax, Copilot phishing technique
Microsoft WSUS vulnerability could allow for remote code execution Fake LastPass death claims used to breach password vaults New CoPhish attack steals OAuth tokens via Copilot Studio agents Huge thanks to our sponsor, Conveyor If security questionnaires make you feel…
North Korean Chollima Actors Added BeaverTail and OtterCookie to its Arsenal
Famous Chollima, a DPRK-aligned threat group, has evolved its arsenal, with BeaverTail and OtterCookie increasingly merging functionalities to steal credentials and cryptocurrency via deceptive job offers. A recent campaign involved a trojanized Node.js application distributed through a malicious NPM package,…
It’s Always DNS: Lessons from the AWS Outage
In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity plans,…
Can your earbuds recognize you? Researchers are working on it
Biometric authentication has moved from fingerprints to voices to facial scans, but a team of researchers believes the next step could be inside the ear. New research explores how the ear canal’s unique acoustic properties can be used to verify…
Dependency-Track: Open-source component analysis platform
Software is a patchwork of third-party components, and keeping tabs on what’s running under the hood has become a challenge. The open-source platform Dependency-Track tackles that problem head-on. Rather than treating software composition as a one-time scan, it continuously monitors…
706,000+ BIND 9 DNS Resolvers Exposed to Cache Poisoning – PoC Released
A critical vulnerability affecting more than 706,000 BIND 9 DNS resolvers worldwide has been disclosed with proof-of-concept exploit code now publicly available. The security flaw enables attackers to perform cache poisoning attacks by injecting malicious DNS records into vulnerable resolver…
AI writes code like a junior dev, and security is feeling it
The industry is entering a phase where code is being deployed faster than it can be secured, according to OX Security. Findings from the Army of Juniors: The AI Code Security Crisis report show that AI-generated code often appears clean…
DDoS, data theft, and malware are storming the gaming industry
When the pandemic kept people at home in 2020, millions turned to games for an escape. The surge turned every console, PC, and phone into part of a vast online network. More players meant more logins, payments, and personal data.…
WhatsApp 0-Click Exploit Disclosed to Meta at Pwn2Own Security Event
Cybersecurity researchers from Team Z3 have withdrawn their planned demonstration of a zero-click remote code execution vulnerability in WhatsApp at the Pwn2Own Ireland 2025 hacking competition, opting instead for private coordinated disclosure to Meta. The high-stakes exploit, which stood to…
Product showcase: Neo Network Utility makes network checks simple
Want to see if a remote server is still alive, or trace the path your data takes across the internet? Network Utility had you covered, until Apple removed it. Network Utility was the go-to macOS app for quick network checks.…
Pwn2Own Ireland 2025: Major Cybersecurity Revelations & Critical Vulnerabilities
In this episode of Cybersecurity Today, host David Shipley covers the latest updates from the Pwn2Own 2025 event in Ireland, where top hackers earned over $1 million for uncovering 73 zero-day vulnerabilities. Despite significant hype, AI’s impact on cybersecurity remains…
New CoPhish Attack Exploits Copilot Studio to Exfiltrate OAuth Tokens
A sophisticated phishing technique called CoPhish exploits Microsoft Copilot Studio to trick users into granting attackers unauthorized access to their Microsoft Entra ID accounts. Dubbed by Datadog Security Labs, this method uses customizable AI agents hosted on legitimate Microsoft domains…
New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver
A new tool called EDR-Redir has emerged, allowing attackers to redirect or isolate the executable folders of popular Endpoint Detection and Response (EDR) solutions. Demonstrated by cybersecurity researcher TwoSevenOneT, the technique leverages Windows’ Bind Filter driver (bindflt.sys) and Cloud Filter…
UN Cybercrime Treaty wins dozens of signatories, to go with its many critics
Allows surveillance and cross-border evidence sharing, which worries human rights groups The United Nations on Saturday staged a signing ceremony for the Convention against Cybercrime, the world’s first agreement to combat online crime. And while 72 nations picked up the…
MyVidster (2025) – 3,864,364 breached accounts
In October 2025, the data of almost 4M MyVidster users was posted to a public hacking forum. Separate to the 2015 breach, this incident exposed usernames, email addresses and in a small number of cases, profile photos. This article has…
Mem3nt0 mori – The Hacking Team is back!
Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks. This article has been indexed from Securelist Read the original article: Mem3nt0 mori – The Hacking Team…
ISC Stormcast For Monday, October 27th, 2025 https://isc.sans.edu/podcastdetail/9672, (Mon, Oct 27th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, October 27th, 2025…
Uncovering Qilin attack methods exposed through multiple cases
Cisco Talos investigated the Qilin ransomware group, uncovering its frequent attacks on the manufacturing sector, use of legitimate tools for credential theft and data exfiltration, and sophisticated methods for lateral movement, evasion, and persistence. This article has been indexed from…