A Russia-linked hacking group known as COLDRIVER is showing signs of a heightened operations tempo, according to Google Threat Intelligence Group (GTIG). The post Google Finds New Russian Malware first appeared on CyberMaterial.
PolarEdge Expands Router Botnet
Cybersecurity researchers have recently detailed the inner workings of a potent botnet malware known as PolarEdge. First identified by Sekoia in February 2025 The post PolarEdge Expands Router Botnet first appeared on CyberMaterial.
SharkStealer Adopts EtherHiding Technique for C2 Communication Evasion
SharkStealer, a Golang-based information stealer, has been observed leveraging the Binance Smart Chain (BSC) Testnet as a covert dead-drop mechanism for command-and-control (C2) communications. By adopting an “EtherHiding” pattern, the malware retrieves encrypted C2 details from smart contracts through Ethereum…
Azure Apps Vulnerability Lets Hackers Create Malicious Apps Mimicking Microsoft Teams
Security flaws in Microsoft’s Azure ecosystem enable cybercriminals to create deceptive applications that imitate official services like the “Azure Portal”. Varonis found that Azure’s safeguards, designed to block reserved names for cross-tenant apps, could be bypassed using invisible Unicode characters.…
Russian APT Switches to New Backdoor After Malware Exposed by Researchers
Star Blizzard started using the NoRobot (BaitSwitch) and MaybeRobot (SimpleFix) malware after public reporting on the LostKeys malware. The post Russian APT Switches to New Backdoor After Malware Exposed by Researchers appeared first on SecurityWeek.
Retail Cyberattacks Reveal Hidden Weaknesses In Supply Chain Security
Cyberattacks on UK retailers show rising supply chain risks. Learn how zero-trust, vendor vetting, and continuous monitoring strengthen cyber resilience. The post Retail Cyberattacks Reveal Hidden Weaknesses In Supply Chain Security appeared first on Security Boulevard.
Rubrik Agent Cloud speeds enterprise AI with built-in security and guardrails
Rubrik announced the launch of the Rubrik Agent Cloud to accelerate enterprise AI agent adoption while managing risk of AI deployments. AI transformation is now mandatory for most organizations. However, IT leaders are constrained because agentic AI has significant risks…
Attackers turn trusted OAuth apps into cloud backdoors
Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset…
Bridging the Remediation Gap: Introducing Pentera Resolve
From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in…
Hackers Exploit Microsoft 365 Direct Send to Evade Filters and Steal Data
Cybercriminals are increasingly exploiting a legitimate Microsoft 365 feature designed for enterprise convenience, turning Exchange Online’s Direct Send into a dangerous vector for phishing campaigns and business email compromise attacks. Security researchers across the industry are sounding the alarm as…
What Makes a Great Field CXO: Lessons from the Front Lines
If you are recruiting for a Field CISO, Field CTO, etc., or are looking to leverage a resource at your company in one of these roles, what are some things you should be aware of? The post What Makes a…
Phishing Scams Weaponize Common Apps to Fool Users
From fake PDFs to AI voice scams, phishing attacks are evolving fast. Learn key tactics and defenses to protect against fraud, identity theft, and account loss. The post Phishing Scams Weaponize Common Apps to Fool Users appeared first on Security…
JLR Hack UK’s Costliest Ever, Hitting Economy with £1.9bn Loss
The Cyber Monitoring Centre has classified the cyber-attack against Jaguar Land Rover as a “systemic cyber event”. This article has been indexed from www.infosecurity-magazine.com.
Hackers Use ASP.NET Machine Keys to Break Into IIS, Push Malicious Extensions
In September 2025, Texas A&M University System (TAMUS) Cybersecurity, a managed detection and response provider, in collaboration with Elastic Security Labs, uncovered a sophisticated post-exploitation campaign by a Chinese-speaking threat actor. Using this method, the attackers installed a malicious IIS…
Failures in Face Recognition
Interesting article on people with nonstandard faces and how facial recognition systems fail for them. Some of those living with facial differences tell WIRED they have undergone multiple surgeries and experienced stigma for their entire lives, which is now being…
Fencing and Pet Company Jewett-Cameron Hit by Ransomware
Jewett-Cameron Company says hackers stole sensitive information and are threatening to release it unless a ransom is paid. The post Fencing and Pet Company Jewett-Cameron Hit by Ransomware appeared first on SecurityWeek.
Jaguar Land Rover cyber-meltdown tipped to cost the UK almost £2B
That’s a lot of extended warranties. The Jaguar Land Rover (JLR) cyberattack could end up being the costliest such incident in UK history, billed at an estimated £1.9 billion and affecting over 5,000 organizations.…
How Proxies Help Combat Data Scraping and Fraud
Proxies block malicious bots, prevent data scraping, and detect proxy-aided fraud by filtering traffic and enforcing centralized security policies. The post How Proxies Help Combat Data Scraping and Fraud appeared first on Security Boulevard.
China’s DNA Data Bank Initiative Sparks Debate on Privacy and Surveillance
Xilinhot, a northern city in Inner Mongolia, has recently received widespread attention from the Chinese public after coming under scrutiny for a police initiative that has reignited debate over privacy and government surveillance. In…
Axoflow Security Data Layer unifies data pipeline, storage, and analytics for security team
Axoflow has launched its Security Data Layer, extending its pipeline offering with multiple storage solutions. The Security Data Layer addresses challenges in log management, SIEM optimization, pipeline reliability, and data accessibility. In addition to a full-fledged security data pipeline that…