PLUS: Discord invite links may not be safe; Miscreants find new way to hide malicious JavaScript; and more! Infosec In Brief A pair of Congressional Democrats have demanded a review of the Common Vulnerabilities and Exposures (CVE) program amid uncertainties…
Tag: EN
Introducing Guernsey Cyber Security Centre
In creating Guernsey Cyber Security Centre, JCSC are working with the States of Guernsey to ensure all the Channel Islands have access to specialist support for cyber security incidents, as well as advice and guidance to built better and more…
Mirai Botnet Variant is Building Swarm by Exploiting DVR Flaw
A command injection flaw in internet-connected digital video recorders used for CCTV monitoring is the target of a Mirai botnet malware variant, which allows hackers to take over the devices and add them to a botnet. Cybersecurity researchers at…
Stolen Customer Data from Ticketmaster Incident Resurfaces Online
Ticketmaster, one of the most prominent ticketing companies in the world, suffered a high-profile cyber-attack in May 2024 that affected the entire digital infrastructure of the company. The incident resulted in the unauthorised exposure of vast amounts of customer…
DVLA Scams Target Thousands of UK Drivers with Fake Fines, Car Deals, and Fraudulent Fees
A surge in vehicle-related scams across the UK has left thousands of drivers out of pocket, with fraudulent activity disguised as legitimate DVLA communications. In 2023 alone, nearly 20,000 motorists were tricked by fake car tax messages, insurance schemes,…
Cloudfare CAPTCHA Page Tricks Users Into Downloading Malware
An advanced but simple phishing tactic is being distributed, it deploys fake Cloudflare CAPTCHA pages to target users with malware. A recent research by SlashNext says the technique, called ClickFix tricks users into running commands that deploy malware. ClickFix shows…
LinuxFest Northwest: Clonezilla Live On RISC-V Crafting Open Source Live Systems For Open Hardware
Authors/Presenters: Steven Shiau (Clonezilla Project Leader); Yu-Chin Tsai (Clonezilla NCHC Partclone); Chen-Kai Sun (Clonezilla Project / Engineer In NCHC) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their…
The Growing Threat of AI-powered Cyberattacks in 2025
Data breach costs are rising at breakneck speed. IBM reported that the global average security breach cost is $4.9 million, marking a 10% increase since 2024. And it won’t stop here… The post The Growing Threat of AI-powered Cyberattacks in 2025…
Sensata Technologies Confirms Data Breach After April Ransomware Attack, Notifies Employees of Exposed Personal Information
Sensata Technologies has begun notifying current and former employees of a data breach following the conclusion of an internal investigation into a ransomware attack that took place in April 2025. A global leader in industrial technology, Sensata specializes in…
Canada’s second-largest airline WestJet is containing a cyberattack
Canada’s airline WestJet has suffered a cyberattack that impactd access to some internal systems and the company app. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and…
The Cost of Ignoring Patches: How State and Local Governments Can Mitigate Damaging Security Breaches
According to a recent report released by the Multi-State Information Sharing and Analysis Center, governmental agencies are facing an increase in ransomware attacks from nation-state actors and other increasingly clever hackers…. The post The Cost of Ignoring Patches: How State and…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 49
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices…
Expanding on ChunkyIngress – Clippy Goes Rogue (GoClipC2)
GoClipC2: A covert Windows clipboard-based C2 channel for VDI/RDP environments. Bypasses network monitoring with encrypted Base64 messaging. This article has been indexed from ZephrSec – Adventures In Information Security Read the original article: Expanding on ChunkyIngress – Clippy Goes Rogue…
Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Palo…
Guardrails Breached: The New Reality of GenAI-Driven Attacks
From vibe hacking to malware development to deepfakes, bad actors are discovering more vulnerabilities to attack generative AI tools while also using AI to launch cyber attacks. The post Guardrails Breached: The New Reality of GenAI-Driven Attacks appeared first on…
Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the…
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the International Conference on Digital Trust, AI and the Future in Edinburgh, Scotland on Tuesday, June 24 at 4:00 PM. The list is…
How Can NHIs Enhance Overall System Security?
How Can NHIs Serve as the Crucial Backbone in Overall System Protection? What if there was a foolproof method for safeguarding your organization’s systems and data from potential threats? A diligent layer of security that offers complete visibility and control…
Why Proactive NHI Management is a Must?
Is Proactive NHI Management Our Best Bet Against Cyber Threats? The importance of non-human identities (NHIs) in cybersecurity cannot be overstated. These unique identifiers for automated systems and machine-to-machine communication form the bedrock of modern business infrastructure. But how can…
Are Your Cloud Secrets Safe From Threats?
Why Is Secrets Management Crucial for Your Cloud Environment? Do you think your cloud infrastructure is immune to threats? If you believe that solely relying on encrypted passwords, keys, or tokens is enough, you might want to reconsider. My research…