π¦Ώ How to Secure Your Email Via Encryption and Password Management π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
From emailing vendors to communicating with team members, serious business happens in the inbox. That's why it's critical to secure it. These TechRepublic Premium resources can help.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
How to Secure Your Email Via Encryption and Password Management
From emailing vendors to communicating with team members, serious business happens in the inbox.
ποΈ Shadow AI Discovery: A Critical Part of Enterprise AI Governance ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Harsh Truths of AI Adoption MITs State of AI in Business report revealed that while 40 of organizations have purchased enterprise LLM subscriptions, over 90 of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4 of sensitive AI interactions are coming from personal email accounts, where employees are bypassing corporate.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive bruteforce and password spraying campaigns targeting SSL VPN and RDP devices between June and July 2025. The activity originated from a Ukrainebased autonomous system FDN3 AS211736, per French cybersecurity company Intrinsec. "We believe with a high level of confidence that FDN3 is part of a wider abusive.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Antimalware as part of a Bring Your Own Vulnerable Driver BYOVD attack aimed at disarming security solutions installed on compromised hosts. The vulnerable driver in question is "amsdk.sys" version 1.0.600, a 64bit, validly signed Windows kernel device driver.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π UK NCSC Supports Public Disclosure for AI Safeguard Bypass Threats π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The UK National Cyber Security Centre thinks public disclosure programs could help mitigate AI safety threats.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK NCSC Supports Public Disclosure for AI Safeguard Bypass Threats
The UK National Cyber Security Centre thinks public disclosure programs could help mitigate AI safety threats
π Jaguar Cyber Incident "Severely Disrupts" Sales and Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Jaguar has proactively shut down systems to mitigate the impact of the incident, amid reports that workers at a UK manufacturing plant had been told to stay at home.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Jaguar Cyber Incident "Severely Disrupts" Sales and Operations
Jaguar has proactively shut down systems to mitigate the impact of the incident, amid reports that workers at a UK manufacturing plant had been told to stay at home
π’ Blackpoint Cyber and NinjaOne partner to bolster MSP cybersecurity π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The collaboration combines Blackpoint Cybers MDR expertise with NinjaOnes automated endpoint management platform.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ChannelPro
Blackpoint Cyber and NinjaOne partner to bolster MSP cybersecurity
The collaboration combines Blackpoint Cyberβs MDR expertise with NinjaOneβs automated endpoint management platform
π’ The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of follow-up phishing attacks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The company has warned customers that their data may have been accessed, saying it's implemented extra safeguards in response.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of followβ¦
The company has warned customers that their data may have been accessed, saying it's implemented extra safeguards in response
π Azure AD Credentials Exposed in Public App Settings File π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Experts have revealed an Azure AD vulnerability exposing ClientId and ClientSecret in a publicly accessible appsettings.json file.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Azure AD Credentials Exposed in Public App Settings File
Experts have revealed an Azure AD vulnerability exposing ClientId and ClientSecret in a publicly accessible appsettings.json file
π Malicious npm Package Masquerades as Popular Email Library π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A malicious npm package nodejssmtp has been discovered impersonating nodemailer and injecting code to drain crypto wallets.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Malicious npm Package Masquerades as Popular Email Library
A malicious npm package βnodejs-smtpβ has been discovered impersonating nodemailer and injecting code to drain crypto wallets
ποΈ Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a stealthy new backdoor called MystRodX that comes with a variety of features to capture sensitive data from compromised systems. "MystRodX is a typical backdoor implemented in C, supporting features like file management, port forwarding, reverse shell, and socket management," QiAnXin XLab said in a report published last week. "Compared to typical.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π ICE Reinstates Contract with Spyware Vendor Paragon π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US Immigration agency has resumed a 2m contract with the Graphite spyware developer, now owned by US investor AE Industrial Partners.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
ICE Reinstates Contract with Spyware Vendor Paragon
The US Immigration agency has resumed a $2m contract with the Graphite spyware developer, now owned by US investor AE Industrial Partners
ποΈ Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The North Korealinked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of crossplatform malware called PondRAT, ThemeForestRAT, and RemotePE. The attack, observed by NCC Group's FoxIT in 2024, targeted an organization in the decentralized finance DeFi sector, ultimately leading to the compromise of an.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦Ώ Top Tech Conferences & Events to Add to Your Calendar in 2025 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
A great way to stay current with the latest tech trends and innovations is to attend conferences. Read and bookmark TechRepublic's events guide.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Top Tech Conferences & Events to Add to Your Calendar in 2025
Discover the top tech conferences and events to add to your calendar in 2025, and stay updated on the latest trends and innovations.
ποΈ Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a farreaching supply chain attack spree targeting the marketing softwareasaservice product, resulting in the mass theft of authentication tokens. "This will provide the fastest path forward to comprehensively review the application and build.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦
How Chinese State-Sponsored APT Actors Exploit Routers for Stealthy Cyber Espionage π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Chinese statesponsored " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509Chinesestatesponsored300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509Chinesestatesponsored1024x512.webp" title"How Chinese StateSponsored APT Actors Exploit Routers for Stealthy Cyber Espionage 1" Chinese statesponsored cyber espionage campaigns have been reportedly targeting critical sectors across the globe. From telecommunications and government to transportation, lodging, and military operations, cyber actors linked to the Peoples Republic of China PRC are conducting extensive, stealthy operations to infiltrate and control key network devices. This ongoing cyber onslaught has been documented by leading government agencies, revealing a complex web of tactics designed for l...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Chinese State-Sponsored Group Targets Global Networks
Chinese state-sponsored hackers exploit router vulnerabilities to infiltrate global telecom, government, and military networks in stealthy.
ποΈ CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a highseverity security flaw impacting TPLink TLWA855RE WiFi Ranger Extender products to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, CVE202024363 CVSS score 8.8, concerns a case of missing authentication that could be abused to obtain.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cloudflare on Tuesday said it automatically mitigated a recordsetting volumetric distributed denialofservice DDoS attack that peaked at 11.5 terabits per second Tbps. "Over the past few weeks, we've autonomously blocked hundreds of hypervolumetric DDoS attacks, with the largest reaching peaks of 5.1 Bpps and 11.5 Tbps," the web infrastructure and security company said in a post on X. ".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Brazilian FinTech Giant Sinqia Reveals $130m Heist Attempt π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Evertec subsidiary Sinqia has posted details of an attempt to steal 130m from two B2B partners.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Brazilian Fintech Giant Sinqia Reveals $130m Heist Attempt
Evertec subsidiary Sinqia has posted details of an attempt to steal $130m from two B2B partners
π’ Jaguar Land Rover βdid the right thingβ shutting down systems to thwart cyber attack π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Jaguar Land Rover βdid the right thingβ shutting down systems to thwart cyber attack
The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
ποΈ Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An Irannexus group has been linked to a "coordinated" and "multiwave" spearphishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been attributed by Israeli cybersecurity company Dream to Iranianaligned operators connected to broader offensive cyber activity undertaken by a group known as Homeland Justice. "Emails were sent to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity