23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐ต๏ธโโ๏ธ Cyber Career Opportunities: Weighing Certifications vs. Degrees ๐ต๏ธโโ๏ธLongtime CISO Melina Scotto joins Dark Reading to discuss career advice gleaned from her 30 years in the cyber industry.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Cyber Career Opportunities: Weighing Certifications vs. Degrees ๐ต๏ธโโ๏ธLongtime CISO Melina Scotto joins Dark Reading to discuss career advice gleaned from her 30 years in the cyber industry.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ New Chaos Ransomware Emerges, Launches Wave of Attacks ๐Cisco Talos warned that the Chaos group, thought to be formed of former BlackSuit members, has launched a wave of attacks targeted a variety of sectors.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances ๐Sygnia observed Chinese cyber campaign dubbed Fire Ant deploying sophisticated techniques to gain full compromise of victim environments, discovering isolated assets.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files ๐๏ธThe threat actor known as Patchwork has been attributed to a new spearphishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. "The campaign employs a fivestage execution chain delivered via malicious LNK files disguised as conference invitations sent to targets interested in learning more about unmanned vehicle systems," Arctic Wolf Labs said.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ข Can the UK ban ransomware payments? ๐ขAttempts to cut off ransomware group profits could instead harm businesses.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ข Can the UK ban ransomware payments? ๐ขAttempts to cut off ransomware group profits could instead harm businesses.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances ๐Sygnia observed Chinese cyber campaign dubbed Fire Ant deploying sophisticated techniques to gain full compromise of victim environments, discovering isolated assets.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ข Can the UK ban ransomware payments? ๐ขAttempts to cut off ransomware group profits could instead harm businesses.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ BlackSuit Ransomware Groupโs Dark Web Sites Seized in Operation Checkmate ๐The US and partners from nine countries have taken down part of the ransomware groups infrastructure.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ BlackSuit Ransomware Groupโs Dark Web Sites Seized in Operation Checkmate ๐The US and partners from nine countries have taken down part of the ransomware groups infrastructure.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm ๐๏ธThe U.S. Department of the Treasury's Office of Foreign Assets Control OFAC sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology IT worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company aka Sobaeksu United Corporation, and Kim Se Un, Jo.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
The Week in Vulnerabilities: Time to Exploit Continues to Fall ๐ฆ
Cyble Vulnerability Intelligence researchers tracked more than 900 vulnerabilities in the last week, and nearly 200 of the disclosed vulnerabilities already have a publicly available ProofofConcept PoC, as the time between disclosure and exploitation continues to shrink.ย Cyble threat intelligence researchers also observed threat actors on underground forums discussing vulnerability exploits and PoCs, and Cyble honeypot sensors detected attack attempts on dozens of vulnerabilities.ย What follows are some of the more significant IT and industrial control system ICS vulnerabilities flagged by Cyble in reports to clients in the last week, making the flaws a high priority for security teams to address.ย The Weeks Top IT Vulnerabilitiesย The vulnerability thats perhaps drawn the mo...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐ข ExpressVPN updates Windows app to fix vulnerability ๐ขThe flaw was reported through ExpressVPN's bug bounty program.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ Russian Threat Actors Target NGOs with New OAuth Phishing Tactics ๐A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks ๐๏ธThreat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively. Soco404 "targets both Linux and Windows systems, deploying platformspecific malware," Wiz.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Cyber Career Opportunities: Weighing Certifications vs. Degrees ๐ต๏ธโโ๏ธLongtime CISO Melina Scotto joins Dark Reading to discuss career advice gleaned from her 30 years in the cyber industry.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor ๐๏ธRussian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration. The activity, dubbed Operation CargoTalon, has been assigned to a threat cluster tracked as UNG0901 short for Unknown Group 901. "The campaign is aimed at targeting employees of Voronezh Aircraft Production Association VASO, one.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Automation QA Engineer ๐The post Automation QA Engineer appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm ๐๏ธThe U.S. Department of the Treasury's Office of Foreign Assets Control OFAC sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology IT worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company aka Sobaeksu United Corporation, and Kim Se Un, Jo.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files ๐๏ธThe threat actor known as Patchwork has been attributed to a new spearphishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. "The campaign employs a fivestage execution chain delivered via malicious LNK files disguised as conference invitations sent to targets interested in learning more about unmanned vehicle systems," Arctic Wolf Labs said.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ BlackSuit Ransomware Groupโs Dark Web Sites Seized in Operation Checkmate ๐The US and partners from nine countries have taken down part of the ransomware groups infrastructure.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm ๐๏ธThe U.S. Department of the Treasury's Office of Foreign Assets Control OFAC sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology IT worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company aka Sobaeksu United Corporation, and Kim Se Un, Jo.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Senior Apple Software Engineer ๐The post Senior Apple Software Engineer appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐ข Can the UK ban ransomware payments? ๐ขAttempts to cut off ransomware group profits could instead harm businesses.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ BlackSuit Ransomware Groupโs Dark Web Sites Seized in Operation Checkmate ๐The US and partners from nine countries have taken down part of the ransomware groups infrastructure.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm ๐๏ธThe U.S. Department of the Treasury's Office of Foreign Assets Control OFAC sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology IT worker scheme designed to generate illicit revenues for Pyongyang. The sanctions target Korea Sobaeksu Trading Company aka Sobaeksu United Corporation, and Kim Se Un, Jo.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ BlackSuit Ransomware Groupโs Dark Web Sites Seized in Operation Checkmate ๐The US and partners from nine countries have taken down part of the ransomware groups infrastructure.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks ๐๏ธThe U.S. Cybersecurity and Infrastructure Security Agency CISA, on July 22, 2025, added two Microsoft SharePoint flaws, CVE202549704 and CVE202549706, to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. To that end, Federal Civilian Executive Branch FCEB agencies are required to remediate identified vulnerabilities by July 23, 2025. "CISA is.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups ๐๏ธMicrosoft has formally tied the exploitation of security flaws in internetfacing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third Chinabased threat actor, which it tracks as Storm2603, weaponizing the flaws as well to obtain initial access to.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity