matlock.ca // THREAT INTELLIGENCE — 2025-09-22

72Articles

8Categories

2025-09-22Date

🚨

CISA Shares Lessons Learned from an Incident Response EngagementAdvisory at a Glance Executive Summary CISA began incident response efforts at a U.S. federal civilian executive branch (FCEB) agency following the detection of potential malicious activity identified through security alerts generated by the agency’s endpoint detection and respon…

KEVCISA.GOV — 22 Sep 2025

🐛

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

THEHACKERNEWS.COM — 22 Sep 2025

🐛

Attackers Bypass Windows “Mark of the Web” Protections Using LNK-Stomping

GBHACKERS.COM — 22 Sep 2025

🐛

Fortra Patches Critical GoAnywhere MFT Vulnerability

SECURITYWEEK.COM — 22 Sep 2025

🐛

God Mode Vulnerability Lets Attackers Access Any Resource in Microsoft Cloud Tenants

GBHACKERS.COM — 22 Sep 2025

🐛

Code Analysis Published for Chrome Type Confusion 0-Day Vulnerability

GBHACKERS.COM — 22 Sep 2025

⚠️

Agentic AI – der neue Horror für Sicherheitsentscheider?

CSOONLINE.COM — 22 Sep 2025

⚠️

Hackers Deploy New EDR-Freeze Tool to Disable Security Software

GBHACKERS.COM — 22 Sep 2025

⚠️

Extinction Level Cyber Vulnerability Now Fixed

CYBERSECURITYTODAY.LIBSYN.COM — 22 Sep 2025

⚠️

Hackers Abuse GitHub Pages to Spread Stealer Malware to macOS Users

GBHACKERS.COM — 22 Sep 2025

⚠️

CSO Awards winners highlight security innovation and transformation

CSOONLINE.COM — 22 Sep 2025

⚠️

Cybercriminals Exploit ICS Computers via Scripts and Phishing Attacks

GBHACKERS.COM — 22 Sep 2025

⚠️

Canada Police Shuts Down TradeOgre After $56M Crypto Theft

GBHACKERS.COM — 22 Sep 2025

⚠️

Disruption is Coming for the Vulnerability Management Market - Tod Beardsley - ESW #425

YOUTUBE.COM — 2025-09-22

⚠️

Subtle Snail Impersonation Tactics: How HR Representatives Can Engage Employees to Steal Login Credentials

GBHACKERS.COM — 22 Sep 2025

⚠️

Inboxfuscation Tool Bypasses Exchange Inbox Rules and Evades Detection

GBHACKERS.COM — 22 Sep 2025

⚠️

European airports continue to crawl after a cyberattack on Collins’ MUSE systems

CSOONLINE.COM — 22 Sep 2025

⚠️

⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More

THEHACKERNEWS.COM — 22 Sep 2025

⚠️

AI-powered phishing scams now use fake captcha pages to evade detection

CSOONLINE.COM — 22 Sep 2025

⚠️

Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud

SECURITYWEEK.COM — 22 Sep 2025

⚠️

Threat Actors Exploit Oracle Database Scheduler to Infiltrate Corporate Networks

GBHACKERS.COM — 22 Sep 2025

⚠️

Security review of PHP documentation

QUARKSLAB.COM — 2025-09-22

⚠️

New EDR-Freeze tool uses Windows WER to suspend security software

BLEEPINGCOMPUTER.COM — 22 Sep 2025

⚠️

Ex-lobbyist for Meta becomes Irish data protection commissioner

CSOONLINE.COM — 22 Sep 2025

⚠️

Automaker giant Stellantis confirms data breach after Salesforce hack

BLEEPINGCOMPUTER.COM — 22 Sep 2025

⚠️

American Archive of Public Broadcasting fixes bug exposing restricted media

BLEEPINGCOMPUTER.COM — 22 Sep 2025

⚠️

SonicWall Releases Advisory for Customers after Security Incident

CISA.GOV — Mon, 22 Sep 25 1

⚠️

Anton’s Security Blog Quarterly Q3 2025

KEVMEDIUM.COM — 22 Sep 2025

📢

Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform

SECURITYWEEK.COM — 22 Sep 2025

📢

Dell security advisory (AV25-607)

CYBER.GC.CA — 2025-09-22

📢

IBM security advisory (AV25-606)

CYBER.GC.CA — 2025-09-22

📢

Red Hat security advisory (AV25-609)

CYBER.GC.CA — 2025-09-22

📢

Ubuntu security advisory (AV25-608)

CYBER.GC.CA — 2025-09-22

📢

Microsoft Edge security advisory (AV25-611)

CYBER.GC.CA — 2025-09-22

📢

[Control systems] CISA ICS security advisories (AV25–610)

CYBER.GC.CA — 2025-09-22

📢

Top 10 Best Cybersecurity Compliance Management Software in 2025

GBHACKERS.COM — 22 Sep 2025

🔥

MalTerminal: New GPT-4-Powered Malware That Writes Its Own Ransomware

GBHACKERS.COM — 22 Sep 2025

🔥

Hackerangriff legt Flughäfen lahm

CSOONLINE.COM — 22 Sep 2025

🔥

Kawa4096 Ransomware Targets Multinational Corporations to Steal Sensitive Data

GBHACKERS.COM — 22 Sep 2025

🔥

BlackLock Ransomware Targets Windows, Linux, and VMware ESXi Systems

GBHACKERS.COM — 22 Sep 2025

🔥

European Airport Disruptions Caused by Ransomware Attack

SECURITYWEEK.COM — 22 Sep 2025

🔥

Stellantis Confirms Data Breach Affecting Citroën, Fiat, Jeep, and More

GBHACKERS.COM — 22 Sep 2025

🔥

EU cyber agency confirms ransomware attack causing airport disruptions

TECHCRUNCH.COM — 22 Sep 2025

🔥

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks

THEHACKERNEWS.COM — 22 Sep 2025

🔥

Automaker giant Stellantis says customers’ personal data stolen during breach

TECHCRUNCH.COM — 22 Sep 2025

🔥

Airport disruptions in Europe caused by a ransomware attack

BLEEPINGCOMPUTER.COM — 22 Sep 2025

🕵️

ISC Stormcast For Monday, September 22nd, 2025 https://isc.sans.edu/podcastdetail/9622, (Mon, Sep 22nd)

ISC.SANS.EDU — 22 Sep 2025

🕵️

Threat Actors Market Stealthy New RAT as Alternative to ScreenConnect FUD

GBHACKERS.COM — 22 Sep 2025

🕵️

Privacy and Security Risks in the eSIM Ecosystem [pdf]

INFOSEC.PUB — 22 Sep 2025

🕵️

Threat Actors Fake FBI IC3 Portal to Steal Visitor Information

GBHACKERS.COM — 22 Sep 2025

🕵️

FBI Warns of Spoofed IC3 Website

SECURITYWEEK.COM — 22 Sep 2025

🕵️

Massive Lucid PhaaS Campaign: 17,500 Phishing Domains Mimic 316 Global Brands

GBHACKERS.COM — 22 Sep 2025

🕵️

Widespread Infostealer Campaign Targeting macOS Users

SECURITYWEEK.COM — 22 Sep 2025

🕵️

Details About Chinese Surveillance and Propaganda Companies

SCHNEIER.COM — 2025-09-22

🕵️

HoundBytes Launches Automated Security Analyst

SECURITYWEEK.COM — 22 Sep 2025

🕵️

BlockBlasters Steam Game Disguises Malware as Patch for Computer Download

GBHACKERS.COM — 22 Sep 2025

🕵️

Unit 221B raises $5 million to help track and disrupt today’s top hacking groups

TECHCRUNCH.COM — 22 Sep 2025

🕵️

FBI warns of cybercriminals using fake FBI crime reporting portals

SH.ITJUST.WORKS — 22 Sep 2025

🕵️

17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge

SH.ITJUST.WORKS — 22 Sep 2025

🕵️

Safe by Default: Building a Minimal Sandbox in Linux

INFOSEC.PUB — 22 Sep 2025

🕵️

Mentorship Monday - Discussions for career and learning!

INFOSEC.PUB — 22 Sep 2025

🌐

LastPass: Fake password managers infect Mac users with malware

BLEEPINGCOMPUTER.COM — 22 Sep 2025

🌐

Why attackers are moving beyond email-based phishing attacks

BLEEPINGCOMPUTER.COM — 22 Sep 2025

🌐

Watch out for SVG files booby-trapped with malware

WELIVESECURITY.COM — 22 Sep 2025

📡

Verified Steam game steals streamer's cancer treatment donations

BLEEPINGCOMPUTER.COM — 22 Sep 2025

📡

What happens when a cybersecurity company gets phished?

SOPHOS.COM — 22 Sep 2025

📡

How to Gain Control of AI Agents and Non-Human Identities

THEHACKERNEWS.COM — 22 Sep 2025

📡

Microsoft says recent updates cause DRM video playback issues

BLEEPINGCOMPUTER.COM — 22 Sep 2025

📡

Mozilla now lets Firefox add-on devs roll back bad updates

BLEEPINGCOMPUTER.COM — 22 Sep 2025

📡

VMScape attack | Kaspersky official blog

KASPERSKY.COM — 22 Sep 2025

📡

Microsoft lifts Windows 11 update block after face detection fix

BLEEPINGCOMPUTER.COM — 22 Sep 2025

📡

Recommended Contract Clauses for Cryptography (ITSM.00.501)

CYBER.GC.CA — 2025-09-22