🖋️ Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SDWAN orchestration platform that could be exploited to take control of susceptible instances. It's worth noting that the identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release of the issues.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 #Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
UK businesses should start to plan for required changes to their cybersecurity programs ahead of the Cyber Security and Resilience Bill.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
NCC Group Expert Warns UK Firms to Prepare for New Cybersecurity Bill
UK businesses should start to plan for required changes to their cybersecurity programs ahead of the Cyber Security and Resilience Bill
🖋️ FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma aka LummaC or LummaC2, seizing 2,300 domains that acted as the commandandcontrol C2 backbone to commandeer infected Windows systems. "Malware like LummaC2 is deployed to steal.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🚨 UK and allies expose Russian intelligence campaign targeting western logistics and technology organisations 🚨
📖 Read more.
🔗 Via "UK NCSC"
----------
👁️ Seen on @cibsecurity
Organisations urged to familiarise themselves with the threat and take immediate action to protect themselves.📖 Read more.
🔗 Via "UK NCSC"
----------
👁️ Seen on @cibsecurity
www.ncsc.gov.uk
UK and allies expose Russian intelligence campaign targeting western logistics and technology organisations
Organisations urged to familiarise themselves with the threat and take immediate action to protect themselves.
🖋️ CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's Metallic Microsoft 365 M365 backup softwareasaservice SaaS solution, hosted in Azure," the agency said. "This.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence AI assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. GitLab Duo is an artificial intelligence AIpowered coding assistant that enables users to write,.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Department of Justice DoJ on Thursday announced the disruption of the online infrastructure associated with DanaBot aka DanaTools and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russiabased cybercrime organization. The malware, the DoJ said, infected more than 300,000.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🌊 Sixteen Doors In: A Red Team Tale of Phishing, Certificates, and Domain Takeover 🌊
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
What happens when one phishing email opens sixteen different doors into a targets environment? In this realworld red team operation, our experts used minimal resources to simulate how an attacker could move from a single email to full domain takeover, without triggering a single alert. This isnt your average we got in story. Its a The post Sixteen Doors In A Red Team Tale of Phishing, Certificates, and Domain Takeover appeared first on UnderDefense.📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
UnderDefense
Sixteen Doors In: A Red Team Tale of Phishing, Certificates, and Domain Takeover - UnderDefense
Discover how a phishing attack led to domain takeover and certificate abuse in this detailed study. Learn key lessons, red flags, and how to strengthen your defenses against similar threats.
📔 DragonForce Engages in "Turf War" for Ransomware Dominance 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
DragonForce Engages in "Turf War" for Ransomware Dominance
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace
📢 It's been a bad week for ransomware operators 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
A host of ransomware strains have been neutralized, servers seized, and key players indicted.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
It's been a bad week for ransomware operators
A host of ransomware strains have been neutralized, servers seized, and key players indicted
🖋️ SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
From zeroday exploits to largescale bot attacks the demand for a powerful, selfhosted, and userfriendly web application security solution has never been greater. SafeLine is currently the most starred opensource Web Application Firewall WAF on GitHub, with over 16.4K stars and a rapidly growing global user base. This walkthrough covers what SafeLine is, how it works, and why its.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Law Enforcement Busts Initial Access Malware Used to Launch Ransomware 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A new Europolled operation has dismantled infrastructure for key initial access malware used to launch ransomware attacks.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Law Enforcement Busts Initial Access Malware Used to Launch Ransomware
A new Europol-led operation has dismantled infrastructure for key initial access malware used to launch ransomware attacks
📔 Global Dark Web Sting Sees 270 Arrested 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Operation Raptor also resulted in the seizure of 184m and a record amount of illegal drugs, firearms and drug trafficking proceeds.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Global Dark Web Sting Sees 270 Arrested
Operation Raptor also resulted in the seizure of $184m and a record amount of illegal drugs, firearms and drug trafficking proceeds
🦅 The Week in Vulnerabilities: Firefox, Roundcube and ICS Flaws Flagged by Cyble 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble The Week in Vulnerabilities Firefox, Roundcube and ICS Flaws Flagged by Cyble " dataimagecaption"Cyble The Week in Vulnerabilities Firefox, Roundcube and ICS Flaws Flagged by Cyble " datamediumfile"httpscyble.comwpcontentuploads202505CybleBlogsITVulnerability300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202505CybleBlogsITVulnerability.jpg" title"The Week in Vulnerabilities Firefox, Roundcube and ICS Flaws Flagged by Cyble 1" Cyble vulnerability intelligence researchers investigated nearly 100 IT and industrial control system ICS vulnerabilities this week and flagged eight as meriting highpriority attention by security teams including two targeted by Russian threat actors. In all, Cyble investigated 21 IT vulnerabilities this week, 68 ICS vulnerabilities, and eight v...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Critical IT Vulnerabilities Flagged In Latest Cyble Report
Cyble highlights major IT vulnerabilities and ICS flaws, including those exploited by threat actors. Security teams urged to prioritize critical patches.
👍1
🖋️ 300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
As part of the latest "season" of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against 20 targets. Operation Endgame, first launched in May 2024, is an ongoing law enforcement operation targeting services and infrastructures assisting in or directly providing initial or consolidating.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🤔1
🖋️ ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypotlike network. The threat actor has been observed exploiting a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers CVE202320118 to corral them into.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Critical Bugs Left Unpatched in Versa's Concerto Tool 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Three zerodays allow an attacker to completely compromise the Concerto application and the host system running it. The vendor has yet to address the issues after being notified three months ago.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Critical Bugs Left Unpatched in Versa's Concerto Tool
Three zero-days allow an attacker to completely compromise the Concerto application and the host system running it. The vendor has yet to address the issues after being notified three months ago.
🕵️♂️ Rethinking Data Privacy in the Age of Generative AI 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The key to navigating this new GenAI landscape is a balanced approach one that fosters transparency, strengthens regulatory frameworks, and embraces privacyenhancing technologies.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Rethinking Data Privacy in the Age of Generative AI
The key to navigating this new GenAI landscape is a balanced approach — one that fosters transparency, strengthens regulatory frameworks, and embraces privacy-enhancing technologies.
👍1
📢 US healthcare firm postponed procedures after cyber attack knocked systems offline 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
The incident at Kettering Health disrupted procedures for patients.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
US healthcare firm postponed procedures after cyber attack knocked systems offline
The incident at Kettering Health disrupted procedures for patients
🚀 Danabot: Analyzing a fallen empire 🚀
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation.📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Welivesecurity
Danabot: Analyzing a fallen empire
ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation.
🌊 12 Top Threat Detection Tools That Cybersecurity Pros Are Using in 2025 🌊
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
Cyber threats are getting faster, smarter, and bolderand so should your threat detection tools to fight them. Slow threat detection and response lead to data loss, reputational damage, regulatory fines, and costly downtime. Add to it alert fatigue, understaffed security teams, and disconnected tools, and youre facing a perfect risk storm with limited time to The post 12 Top Threat Detection Tools That Cybersecurity Pros Are Using in 2025 appeared first on UnderDefense.📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
UnderDefense
12 Best Threat Detection Tools for Cybersecurity
Discover the latest threat detection tools that cybersecurity experts are choosing today to secure their environments.