🚨 CISA KEV 1[−]
30 Jun KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-6543 Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vecto…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 7[−]
30 JunSynology ABM Vulnerability Leaks Microsoft 365 Sensitive InformationA critical vulnerability in Synology’s Active Backup for Microsoft 365 (ABM) has exposed sensitive data from Microsoft 365 tenants worldwide, potentially impacting over a million organizations relying on the popular backup solution. The flaw, tracked as CVE-2025-4679, a…GBHACKERS.COM
30 Jun KEVBeyond CVE: The hunt for other sources of vulnerability intelThe recent brief scare over the potential discontinuation of the Common Vulnerabilities and Exposures (CVE) program highlighted the security industry’s heavy reliance on it and sparked discussions on contingency strategies should the standardized vulnerability identification and …CSOONLINE.COM
30 JunIBM WebSphere Application Server Vulnerability Allows Remote Code ExecutionA critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server, exposing organizations to the risk of remote code execution by unauthenticated attackers. This flaw, which affects widely deployed versions 8.5 and 9.0, is rated…GBHACKERS.COM
30 JunGefährliche Lücke in Brother DruckernEine Schwachstelle in Brother Druckern zur Umgehung der Authentifizierung kann mit einer anderen Lücke gekoppelt werden, um Remotecode auf den betroffenen Geräten auszuführen. VGV MEDIA Brother Industries hat mit einer kritischen Sicherheitslücke zu kämpfen, die Hunderte verschie…CSOONLINE.COM
30 Jun KEVPatch now: Citrix Bleed 2 vulnerability actively exploited in the wildCitrix users are back in the crosshairs, as a new out-of-bounds read vulnerability, reminiscent of the notorious “Citrix Bleed,” has surfaced with signs already pointing to active exploitation. The vulnerability tracked as CVE-2025-5777 and dubbed “Citrix Bleed 2” by the research…CSOONLINE.COM
30 JunHackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System ControlA sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications, to deploy the destructive Flodrix botnet. Identified as CVE-2025-3248 and carrying a near-perfect CVSS score of 9.…GBHACKERS.COM
30 JunCISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical EnvironmentToday, CISA, in collaboration with the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), released a Fact Sheet urging organizations to remain vigilant against potential targeted cyber operations by I…CISA.GOV
⚠️ VULNERABILITY DISCLOSURE 23[−]
30 JunDie besten XDR-Toolssrcset="https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.jpg?quality=50&strip=all 6500w, https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenth…CSOONLINE.COM
30 JunHackers Exploit Bluetooth Flaws to Eavesdrop via Headphones and EarbudsIn a major security revelation, researchers have uncovered critical vulnerabilities in millions of Bluetooth headphones and earbuds, enabling hackers to eavesdrop on conversations, hijack devices, and access sensitive data—all without user authentication or pairing. The flaws, di…GBHACKERS.COM
30 JunCriminal Organizations Exploit UTS, Airlines Hit by Cyber Attacks, and Supreme Court Upholds Porn ID LawIn today's episode of Cybersecurity Today, hosted by David Shipley, a report from the US Department of Justice unveils how criminal organizations use Ubiquitous Technical Surveillance (UTS) to track and kill FBI informants. Hawaiian Airlines experiences a cyber attack, potentiall…CYBERSECURITYTODAY.LIBSYN.COM
30 JunRDP Under Siege: How RansomHub Uses Mimikatz and IP Scanners to Breach NetworksA threat actor using the RansomHub ransomware carried out a painstakingly planned attack beginning in November 2024 in a terrifying cyber intrusion that was recently reported by DFIR Labs. The assault began with a password spray attack targeting an exposed Remote Desktop Protocol…GBHACKERS.COM
30 JunNew Report Reveals Exploited Vulnerabilities as Leading Cause of Ransomware Attacks on OrganizationsA groundbreaking report titled “The State of Ransomware 2025” by Sophos, released in June 2025, has shed light on the persistent and evolving threat of ransomware attacks targeting organizations worldwide. The study, based on responses from 3,400 victims, identifies e…GBHACKERS.COM
30 JunCybercriminals take malicious AI to the next levelCybercriminals have begun refining malicious large language models (LLMs) using underground forum posts and breach dumps to tailor AI models for specific fraud schemes, threat intel firm Flashpoint warns. More specifically, fraudsters are fine-tuning illicit LLMs — including Worm…CSOONLINE.COM
30 JunMicrosoft hints at revoking access to the Windows kernel — eventuallyAs Microsoft watchers know, the software giant’s exact words don’t always say what the company means. Last Thursday delivered another example of that, as Microsoft tried to dance around the politically explosive Windows kernel access issue. Cybersecurity executives working with M…CSOONLINE.COM
30 JunCritical D-Link Router Flaws Allow Remote Code Execution by AttackersA series of critical security vulnerabilities have been identified in D-Link DIR-816 routers, exposing users worldwide to the risk of remote code execution and network compromise. The flaws affect all hardware revisions and firmware versions of the DIR-816 (non-US), which h…GBHACKERS.COM
30 JunRIFT: Open-Source Rust Malware Analyzer Released by MicrosoftAs cybercriminals and nation-state actors increasingly turn to the Rust programming language for malware development, Microsoft’s Threat Intelligence Center has unveiled a powerful new open-source tool called RIFT to help security analysts combat this growing threat. Rust, renown…GBHACKERS.COM
30 JunLeveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI InventoriesIdentity-based attacks are on the rise. Attacks in which malicious actors assume the identity of an entity to easily gain access to resources and sensitive data have been increasing in number and frequency over the last few years. Some recent reports estimate that 83% of attacks …THEHACKERNEWS.COM
30 Jun⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and moreEver wonder what happens when attackers don’t break the rules—they just follow them better than we do? When systems work exactly as they’re built to, but that “by design” behavior quietly opens the door to risk? This week brings stories that make you stop and rethink what’s truly…THEHACKERNEWS.COM
30 Jun KEVOver 1,200 Citrix servers unpatched against critical auth bypass flawOver 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authentication by hijacking user sessions. [...]BLEEPINGCOMPUTER.COM
30 JunScattered Spider shifts focus to airlines with strikes on Hawaiian and WestJetMajor cybersecurity firms are warning enterprise clients that the notorious Scattered Spider hacking group has shifted its focus to targeting airlines, following confirmed attacks on Hawaiian Airlines and WestJet that security experts say bear the group’s signature social enginee…CSOONLINE.COM
30 JunCitrixBleed 2 Vulnerability Exploited - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/citrixbleed-2-vulnerability/SH.ITJUST.WORKS
30 JunSiloking von Ransomware-Attacke betroffensrcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/unternehmen-salzburger-strasse_large.jpg?quality=50&strip=all 1977w, https://b2b-contenthub.com/wp-content/uploads/2025/06/unternehmen-salzburger-strasse_large.jpg?resize=300%2C168&quality=50&strip=all 300w…CSOONLINE.COM
30 JunThe Illusion of Control: Shadow IT, SSO Shortcomings, and the True Path to Security - ESW #413Interview with Dave Lewis Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of conven…YOUTUBE.COM
30 JunScattered Spider nimmt Luftfahrtbranche ins VisierScattered Spider nutzt Social Engineering statt Brute Force um sich Zugang zu verschaffen. VZ_Art – shutterstock.com Die Cybersecurity-Anbieter Mandiant und Palo Alto Networks sowie das FBI warnen vor zunehmenden Cyberangriffen der Hackergruppe „ Scattered Spider “ auf den Luftfa…CSOONLINE.COM
30 JunEuropol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five SuspectsEuropol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world. The operation, the agency said, was carried out by the Spanish Guardia Civil, along with support from law e…THEHACKERNEWS.COM
30 JunNews alert: SquareX research finds browser AI agents are proving riskier than human employeesPalo Alto, Calif., Jun. 30, 2025, CyberNewswire–Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case. SquareX ’s research reveals that Browser AI Agents are more likely to fall prey … (more…) The post…LASTWATCHDOG.COM
30 Jun KEVActively exploited vulnerability gives extraordinary control over server fleetssubmitted by KarnaSubarna to cybersecurity 1 points | 0 comments https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/SH.ITJUST.WORKS
30 JunDragonForce Ransomware Equips Affiliates with Modular Toolkit for Crafting Custom PayloadsDragonForce Ransomware has emerged as a formidable player in the Ransomware-as-a-Service (RaaS) landscape since its debut in December 2023. Initially rooted in ideologically driven cyberattacks, the group has pivoted to financially motivated operations, establishing itself as a k…GBHACKERS.COM
30 JunThreat Actors Exploit Facebook Ads to Distribute Malware and Steal Wallet PasswordsThe Pi Network community eagerly celebrated Pi2Day, an event traditionally associated with platform updates, feature launches, and significant milestones. However, this year’s festivities have been overshadowed by a sinister wave of cyberattacks. Cybercriminals have capitalized o…GBHACKERS.COM
30 JunThree steps to boost Amazon S3 data securityThe amount of data in modern systems has skyrocketed beyond what traditional security tools can handle. As organizations embrace AI to boost productivity, security teams face mounting pressure to protect sensitive information across sprawling cloud infrastructures and application…INFOWORLD.COM
📋 SECURITY BULLETINS 1[−]
30 JunMicrosoft warns of Windows update delays due to wrong timestampMicrosoft has confirmed a new known issue causing delivery delays for June 2025 Windows security updates due to an incorrect metadata timestamp. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 12[−]
30 JunCanada Orders Chinese Vendor Hikvision to Cease Local Surveillance ActivitiesThe Canadian government has ordered Hikvision, one of the world’s largest manufacturers of surveillance cameras, to halt all operations in Canada and shut down its local business. The decision, announced late Friday by Industry Minister Mélanie Joly, follows a comprehensive natio…GBHACKERS.COM
30 JunCasie Antalis Named Executive Director of CISACasie Antalis is the new executive director of the Cybersecurity and Infrastructure Security Agency after the departure of Bridget Bean. The post Casie Antalis Named Executive Director of CISA appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunCISA warns of flaws in Mitsubishi Electronics ICS hardware | SC Mediasubmitted by kid to cybersecurity 1 points | 0 comments https://www.scworld.com/news/cisa-warns-of-flaws-in-mitsubishi-electronics-ics-hardwareSH.ITJUST.WORKS
30 JunGermany Urges Apple and Google to Ban Chinese AI App DeepSeek Over Privacy ConcernsBerlin’s data protection commissioner, Meike Kamp, has raised serious alarms over the Chinese AI application DeepSeek, accusing the company of unlawfully transferring personal data of German users to China in violation of the European Union’s stringent General Data Protection Reg…GBHACKERS.COM
30 JunJoint Statement from CISA, FBI, DC3 and NSA on Potential Targeted Cyber Activity Against U.S. Critical Infrastructure by IranCISA.GOV
30 JunYour KnowBe4 Compliance Plus Fresh Content Updates from June 2025Check out the June updates in Compliance Plus so you can stay on top of featured compliance training content.KNOWBE4.COM
30 JunU.S. Agencies Warn of Rising Iranian Cyberattacks on Defense, OT Networks, and Critical InfrastructureU.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber-attacks from Iranian state-sponsored or affiliated threat actors. "Over the past several months, there has been increasing activity from hacktivists and Iranian government-a…THEHACKERNEWS.COM
30 JunWhat Your Cyber Insurance Isn’t Telling You 😳Most cybersecurity professionals don’t realize what’s missing from their cyber insurance policies—until it’s too late. In this short, Mandy breaks down why asking your insurer the right questions could save your organization thousands. From the NIST framework to hidden policy gap…YOUTUBE.COM
🔥 INCIDENT REPORTING 14[−]
30 JunQilin Ransomware Attack on National Health Service in June 2024 Causes Patient Death in the UKsubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://hackread.com/qilin-ransomware-attack-nhs-causes-patient-death-uk cross-posted from: lemmy.sdf.org/post/37703162 Archived […] A patient’s death has been officially connected to a cyber attack carried out by th…INFOSEC.PUB
30 JunQilin Ransomware Attack on National Health Service in June 2024 Causes Patient Death in the UKsubmitted by Hotznplotzn to cybersecurity 4 points | 0 comments https://hackread.com/qilin-ransomware-attack-nhs-causes-patient-death-uk cross-posted from: lemmy.sdf.org/post/37703162 Archived […] A patient’s death has been officially connected to a cyber attack carried out by th…SH.ITJUST.WORKS
30 JunAhold Delhaize Data Breach Impacts 2.2 Million PeopleThe ransomware attack against grocery giant Ahold Delhaize has resulted in the personal information of millions getting stolen. The post Ahold Delhaize Data Breach Impacts 2.2 Million People appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunHawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider AttacksScattered Spider is targeting airlines and the recent WestJet hack is believed to be the work of the notorious cybercrime group. The post Hawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunAhold Delhaize Data Breach Exposes Personal Information of 2.2 Million ShoppersAhold Delhaize USA Services, LLC, a major grocery retail operator, has confirmed a significant data breach that compromised the personal information of over 2.2 million shoppers across the United States, including nearly 100,000 residents of Maine. The breach, which was the resul…GBHACKERS.COM
30 JunGlasgow City Warns of Parking Fine Scam Amid Ongoing Cybersecurity IncidentGlasgow City Council has issued an urgent alert to drivers across the region following a surge in scam text messages targeting unsuspecting motorists with fraudulent demands for parking fine payments. The authority has confirmed that these deceptive communications, often embedded…GBHACKERS.COM
30 JunRetail giant Ahold Delhaize says data breach affects 2.2 million peoplesubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/retail-giant-ahold-delhaize-says-data-breach-affects-22-million-people/SH.ITJUST.WORKS
30 JunHackers Breach Norwegian Dam, Triggering Full Valve OpeningHackers successfully took control of critical operational systems at a dam facility near Risevatnet in Bremanger, Norway, during April. The attackers managed to seize command over the minimum water flow controls and gained access to the dam’s valve closure mechanism, leading to a…GBHACKERS.COM
30 JunSwitzerland says government data stolen in ransomware attackThe government in Switzerland is informing that sensitive information from various federal offices has been impacted by a ransomware attack at the third-party organization Radix. [...]BLEEPINGCOMPUTER.COM
30 JunHow much an ICS incident costs | Kaspersky official blogHow integrated industrial cybersecurity solutions protect OT networks and reduce the cost of critical incidents.KASPERSKY.COM
30 JunMexican drug cartel hacker spied on FBI official’s phone to track and kill informants, report saysThe watchdog revealed the 2018 incident as part of an audit of the FBI"s counter-surveillance efforts.TECHCRUNCH.COM
30 JunMassive Botnet Found in ASUS Routers 🔥A new botnet called "AYSHUSH" has compromised over 8,000 ASUS routers, targeting home networks and even disabling Trend Micro security tools. Doug White breaks down how this malware gains persistent access and what it means for cybersecurity experts. ⚠️ Stay informed and stay sec…YOUTUBE.COM
30 Jun🏥 Hospitals, Airports, Banks—One Mistake Could Be FatalWhen milliseconds matter, cybersecurity isn't just a job—it’s life or death. In this powerful short, Danny Jenkins breaks down why elite response times are critical in sectors like healthcare, aviation, and finance. With support teams delivering responses in 23 seconds and MDRs r…YOUTUBE.COM
30 JunU.S. warns of Iranian cyber threats on critical infrastructureU.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 28[−]
30 JunISC Stormcast For Monday, June 30th, 2025 https://isc.sans.edu/podcastdetail/9510, (Mon, Jun 30th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
30 JunZig Strike: New Offensive Toolkit Generates Payloads to Evade AV, EDR, and XDRA newly released offensive cybersecurity toolkit, Zig Strike, is making waves in the security community for its advanced ability to generate payloads that evade traditional and next-generation security defenses, including antivirus (AV), Endpoint Detection and Response (EDR)…GBHACKERS.COM
30 JunThreat Actors Impersonate WPS Office and DeepSeek to Spread Sainbox RATA malicious campaign has emerged, targeting Chinese-speaking users through fake installers of popular software such as WPS Office, Sogou, and DeepSeek. This operation, attributed with medium confidence to the China-based adversary group Silver Fox, leverages phishing websites tha…GBHACKERS.COM
30 JunPatrick Ware Named Executive Director of US Cyber CommandThe NSA’s Patrick Ware has taken up the role of Cybercrom executive director after the departure of Morgan Adamski. The post Patrick Ware Named Executive Director of US Cyber Command appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunScattered Spider Targets Tech Companies with Phishing Frameworks like Evilginx and Social Engineering TacticsThe notorious hacking collective Scattered Spider, also known as UNC3944 or Octo Tempest, has emerged as a formidable threat to high-value industries, with a particular focus on technology, finance, and retail sectors. Recent research reveals that 81% of the group’s registered do…GBHACKERS.COM
30 JunCanada Gives Hikvision the Boot on National Security GroundsCanada has ordered Hikvision to cease all operations in the country and prohibited the purchase and use of Hikvision products within government entities. The post Canada Gives Hikvision the Boot on National Security Grounds appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunHow Cybersecurity Fears Affect Confidence in Voting SystemsAmerican democracy runs on trust, and that trust is cracking. Nearly half of Americans, both Democrats and Republicans, question whether elections are conducted fairly . Some voters accept election results only when their side wins . The problem isn’t just political polariz…SCHNEIER.COM
30 JunAiroha Chip Vulnerabilities Expose Headphones to TakeoverVulnerabilities in Airoha Bluetooth SoCs expose headphone and earbud products from multiple vendors to takeover attacks. The post Airoha Chip Vulnerabilities Expose Headphones to Takeover appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunHacker Conversations: Rachel Tobac and the Art of Social EngineeringRachel Tobac is a cyber social engineer. She is skilled at persuading people to do what she wants, rather than what they know they ought to do. The post Hacker Conversations: Rachel Tobac and the Art of Social Engineering appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunBsides Seattle 2025submitted by ashar to security_cpe 1 points | 0 comments https://youtube.com/playlist?list=PL7qpYrr4UPU8AioMqozfYb4nhDfwO5nU6 Bsides Seattle 2025 BSides Seattle is a community based conference for individuals in or interested in Information Security. Founded in 2012, BSides Seatt…INFOSEC.PUB
30 JunFeds Warn Patients, Healthcare Entities of Phishing Scamssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.in/feds-warn-patients-healthcare-entities-phishing-scams-a-28852SH.ITJUST.WORKS
30 JunScattered Spider hackers shift focus to aviation, transportation firmssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/scattered-spider-hackers-shift-focus-to-aviation-transportation-firms/SH.ITJUST.WORKS
30 JunOneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoorssubmitted by kid to cybersecurity 3 points | 0 comments https://thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.htmlSH.ITJUST.WORKS
30 JunBluetooth flaws could let hackers spy through your microphonesubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/bluetooth-flaws-could-let-hackers-spy-through-your-microphone/SH.ITJUST.WORKS
30 JunFrom “What’s Your Color?” to “Tell Me Your Passion” 🔥In this quick but powerful clip, cybersecurity experts Evgeniy Kharam and Sean Metcalf break down why surface-level questions like “What’s your favorite color?” fall flat in tech interviews. Instead, they show how asking “why?” can unlock personal stories, deeper insights, and re…YOUTUBE.COM
30 JunNASA Needs Agency-Wide Cybersecurity Risk Assessment: GAONASA needs to perform an agency-wide cybersecurity risk assessment and to complete important cybersecurity tasks for each of its projects. The post NASA Needs Agency-Wide Cybersecurity Risk Assessment: GAO appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunBlind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian BanksThe threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last week, said it was able to make this connection by pivoting from Proton66-linked digital …THEHACKERNEWS.COM
30 JunWhy Identity Isn’t Just About Permissions Anymore 👀Most cybersecurity pros still think identity is just about access and permissions—but Paul Nguyen breaks that myth wide open. In this short, he dives into the overlooked concept of identity risk management—explaining why understanding both threat detection and inherent static ris…YOUTUBE.COM
30 JunA WiFi Camera You Can’t Even See…Tiny, cheap, and nearly invisible — this WiFi spy camera is causing chaos. In this short, cybersecurity expert Doug White shares how modern surveillance gadgets, like pinhole cameras bought for a few bucks, are showing up in offices and recording private moments. With built-in Wi…YOUTUBE.COM
30 JunStumbled on to StormShield - opinions?submitted by Cyber to cybersecurity 1 points | 0 comments https://www.stormshield.com/ A colleague was discussing an option to use different vendors either side of a DMZ and suggested StormShield… I’d not heard of them before. Looks interesting, albeit an old Gartner “magic quadr…INFOSEC.PUB
30 JunHikvision Canada ordered to cease operations over security riskssubmitted by cm0002 to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/hikvision-canada-ordered-to-cease-operations-over-security-risks/INFOSEC.PUB
30 JunUS government takes down major North Korean ‘remote IT workers’ operationThe Department of Justice indicated a total of 13 people involved in the fraudulent scheme to steal and launder money for North Korea’s regime.TECHCRUNCH.COM
30 JunThis is What Happens When Cyber Guys Get Weird…When two cybersecurity pros dive into a random conversation about a bizarre British spread called "Johnston’s Fluid Beef" — things get weird. Doug and Josh go from secure networks to insecure sandwiches, comparing it with Marmite and debating if “fluidbeef.com” is a domain worth …YOUTUBE.COM
30 JunCato Networks Raises $359 Million to Expand SASE BusinessFounded in 2015, the Tel Aviv based company has now raised more than $1 billion and claims more than 3,500 customers. The post Cato Networks Raises $359 Million to Expand SASE Business appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunHackers Deliver Remcos Malware Via .pif Files and UAC Bypass in WindowsA sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack chain, analyzed in ANY.RUN’s Interactive Sandbox, leverages a combination of User Account Control (UAC) bypass techniques, obfus…GBHACKERS.COM
30 JunYou Follow Agile… But What About This Rule?Most developers trust their agile workflows—but few realize what they’re missing. In this short, cybersecurity expert Summer Craze Fowler drops a crucial truth: no matter how modern your dev method is—agile, spiral, or waterfall—if your AI model isn’t backed by strong governance …YOUTUBE.COM
30 JunJasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizationsSince 2024, Microsoft Threat Intelligence has observed remote IT workers deployed by North Korea leveraging AI to improve the scale and sophistication of their operations, steal data, and generate revenue for the North Korean government. The post Jasper Sleet: North Korean remote…MICROSOFT.COM
30 JunS3 Storage Hack Every CISO Should KnowWhile most cybersecurity teams burn cash sending all their logs to a SIM, this short reveals how smart CISOs are cutting costs by rerouting non-critical data to S3 or cheap object storage. Real-time threat detection doesn’t have to drain the budget—this strategy proves it. Learn …YOUTUBE.COM
📡 INFOSEC NEWS 8[−]
30 JunUsing AI to identify cybercrime mastermindsAnalyzing dark web forums to identify key experts on e-crimeSOPHOS.COM
30 JunFBI: Cybercriminals steal health data posing as fraud investigatorsThe Federal Bureau of Investigation (FBI) has warned Americans of cybercriminals impersonating health fraud investigators to steal their sensitive information. [...]BLEEPINGCOMPUTER.COM
30 JunEuropol helps disrupt $540 million crypto investment fraud ringSpanish authorities have arrested five individuals in Madrid and the Canary Islands, suspected of laundering $540 million (€460 million) from illegal cryptocurrency investment schemes and defrauding more than 5,000 victims. [...]BLEEPINGCOMPUTER.COM
30 JunHikvision Canada ordered to cease operations over security risksThe Canadian government has ordered Hikvision's subsidiary in the country to cease all operations following a review that determined them to pose a national security risk. [...]BLEEPINGCOMPUTER.COM
30 JunMicrosoft Defender for Office 365 now blocks email bombing attacksMicrosoft says its Defender for Office 365 cloud-based email security suite will now automatically detect and block email bombing attacks. [...]BLEEPINGCOMPUTER.COM
30 JunSenator Chides FBI for Weak Advice on Mobile SecurityAgents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of …KREBSONSECURITY.COM
30 JunGermany asks Google, Apple remove DeepSeek AI from app storesThe Berlin Commissioner for Data Protection has formally requested Google and Apple to remove the DeepSeek AI application from the application stores due to GDPR violations. [...]BLEEPINGCOMPUTER.COM