π΅οΈββοΈ Accused Snowflake Attacker 'Judische' Agrees to US Extradition π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Though there is no confirmation as to when this extradition will occur, Alexander Moucka agreed to be transferred in writing before a judge.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Accused Snowflake Attacker 'Judische' Agrees to US Extradition
Though there is no confirmation as to when this extradition will occur, Moucka agreed to be transferred in writing before a judge.
π΅οΈββοΈ 5 Considerations for a Data Loss Prevention Rollout π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Strong DLP can be a gamechanger but it can also become a slowmoving, overcomplicated mess if not executed properly.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
5 Considerations for a Data Loss Prevention Rollout
Strong DLP can be a game-changer β but it can also become a slow-moving, overcomplicated mess if not executed properly.
π΅οΈββοΈ Meet the Low-Key Access Broker Supercharging Russian State Cybercrime π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Raspberry Robin breaks into organizations and sells access to Russian threat actors, including the military cyber unit behind attempted coups, assassinations, and influence operations throughout Europe.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Meet the Access Broker Supercharging Russian Cybercrime
Raspberry Robin breaks into organizations and sells access to Russian threat actors, including the military cyber unit behind attempted coups, assassinations, and influence operations throughout Europe.
π΅οΈββοΈ 23andMe Bankruptcy Filing May Put Sensitive Data at Risk π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Security experts worry the company's Chapter 11 status and aim to sell its assets could allow threat actors to exploit and misuse the genetic information it collected.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
23andMe Bankruptcy Filing May Put Sensitive Data at Risk
The company's Chapter 11 status and plans to sell its assets could allow threat actors to exploit and misuse the genetic information it collected.
π¦Ώ After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Microsoft is partnering with top firms to launch new AI security tools, boosting breach analysis, threat detection, and AI model protection across cloud platforms.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot
Microsoft is partnering with top firms to launch new AI security tools, boosting breach analysis, threat detection, and AI model protection across cloud platforms.
π1
π¦Ώ Europol Warns Criminal Networks Are Embracing AI, Making Fraud Smarter and Harder to Detect π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The same qualities that make AI revolutionary accessibility, adaptability and sophistication also make it a powerful tool for criminal networks, Europol says.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Europol Warns Criminal Networks Are Embracing AI, Making Fraud Smarter and Harder to Detect
βThe same qualities that make AI revolutionary β accessibility, adaptability and sophistication β also make it a powerful tool for criminal networks,β Europol says.
π1
ποΈ Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has released outofband fixes to address a highseverity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia. The vulnerability, tracked as CVE20252783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Security Flaws Found in VMware Tools and CrushFTP β High Risk, No Workaround ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Broadcom has issued security patches to address a highseverity security flaw in VMware Tools for Windows that could lead to an authentication bypass. Tracked as CVE202522230, the vulnerability is rated 7.8 on the tenpoint Common Vulnerability Scoring System CVSS. "VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control," Broadcom said in an.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new investigation has unearthed nearly 200 unique commandandcontrol C2 domains associated with a malware called Raspberry Robin. "Raspberry Robin also known as Roshtyak or Storm0856 is a complex and evolving threat actor that provides initial access broker IAB services to numerous criminal groups, many of which have connections to Russia," Silent Push said in a report shared with The.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A major telecommunications company located in Asia was allegedly breached by Chinese statesponsored hackers who spent over four years inside its systems, according to a new report from incident response firm Sygnia. The cybersecurity company is tracking the activity under the name Weaver Ant, describing the threat actor as stealthy and highly persistent. The name of the telecom provider was not.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Organizations now use an average of 112 SaaS applicationsa number that keeps growing. In a 2024 study, 49 of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000 Microsoft 365 SaaStoSaaS connections on average per deployment. And thats just one major SaaS provider.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multiplatform App UI .NET MAUI framework to create bogus banking and social media apps targeting Indian and Chinesespeaking users. "These threats disguise themselves as legitimate apps, targeting users to steal sensitive information," McAfee Labs researcher Dexter Shin said. .NET.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π New Android Malware Uses .NET MAUI to Evade Detection π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
McAfee researchers have identified a new wave of Android malware campaigns leveraging .NET MAUI to steal sensitive user information through fake apps.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Android Malware Uses .NET MAUI to Evade Detection
McAfee researchers have identified a new wave of Android malware campaigns leveraging .NET MAUI to steal sensitive user information through fake apps
π Cybercriminals Use Atlantis AIO to Target 140+ Platforms π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cybercriminals Use Atlantis AIO to Target 140+ Platforms
Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms
π NIST Warns of Significant Limitations in AI/ML Security Mitigations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NIST Warns of Significant Limitations in AI/ML Security Mitigations
NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems
π China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration
Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years
π Dark Web Mentions of Malicious AI Tools Spike 200% π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Kela researchers detect a 200 increase in dark web chatter about malicious AI tools.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Dark Web Mentions of Malicious AI Tools Spike 200%
Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools
π IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems
Wiz Security finds four critical RCE vulnerabilities in Ingress NGINX Controller for Kubernetes
π΅οΈββοΈ Public-Private Ops Net Big Wins Against African Cybercrime π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Three cybersecurity firms worked with Interpol and authorities in Nigeria, South Africa, Rwanda, and four other African nations to arrest more than 300 cybercriminals.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Public-Private Ops Net Big Wins Against African Cybercrime
Three cybersecurity firms worked with Interpol and authorities in Nigeria, South Africa, Rwanda, and four other African nations to arrest more than 300 cybercriminals.
π’ Have I Been Pwned owner Troy Huntβs mailing list compromised in phishing attack π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Troy Hunt, the security blogger behind databreach site Have I Been Pwned, has fallen victim to a phishing attack targeting his email subscriber list.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Have I Been Pwned owner Troy Huntβs mailing list compromised in phishing attack
Industry experts say the incident shows even seasoned professionals can fall victim
ποΈ Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors are leveraging an ecrime tool called Atlantis AIO MultiChecker to automate credential stuffing attacks, according to findings from Abnormal Security. Atlantis AIO "has emerged as a powerful weapon in the cybercriminal arsenal, enabling attackers to test millions of stolen credentials in rapid succession," the cybersecurity company said in an analysis. Credential stuffing is a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity