With cybercrime now a $10.5 trillion industry, the CISO's role must evolve. Discover the 4 critical shifts every cybersecurity leader needs to master for true resilience.| CISOteria - CISOs Advisor
Paying the ransom after a ransomware attack is no guarantee of a smooth or even successful recovery of the data. AndryDj – shutterstock.com Two in five companies that pay cybercriminals to decrypt ransomware cannot recover their data. That is the finding of a worldwide survey of 1,000 mid-sized companies by insurance provider Hiscox. The results show that ransomware remains a ...| How evolving regulations are redefining CISO responsibility | CSO Online
Are you sure you’re still alive? If so, you may fall for a phishing scam aimed at getting the master login passwords of LastPass password manager users. OK, this sounds weird, but in some ways it isn’t. If a person dies, their immediate family may not know how to get into the deceased’s password manager, and may contact the vendor asking for access. Scammers suspected of being part of the CryptoChameleon cyber criminal group are trying to take advantage of that by sending oddly-worded ...| How evolving regulations are redefining CISO responsibility | CSO Online
Cybersecurity researchers could face criminal charges for performing their legitimate work if the United Nations Convention against Cybercrime is ratified in a process beginning in Hanoi, Vietnam, this weekend, critics say. Tech industry group Cybersecurity Tech Accord said today that little has changed since it presented a detailed critique of the UN Convention against Cybercrime more than a year ago. The group, comprising tech heavyweights Arm, Cisco, Cloudflare, Dell, Meta, Microsoft, Sale...| How evolving regulations are redefining CISO responsibility | CSO Online
Happy October and Cyber Awareness Month! While October ends with ghosts and goblins and other scary monsters for Halloween, the entire month of October is| Data Protection Report
Phishing remains one of the most significant cyber threats impacting organizations worldwide, according to SlashNext.| Help Net Security
Threat actors behind the gift card fraud campaign Jingle Thief target retail via phishing and smishing, maintaining long-term access in cloud environments. The post Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign appeared first on Unit 42.| Unit 42
Given the media coverage over just the last couple of weeks, you could be forgiven for thinking the UK is in the midst of a ransomware crisis| London Tech News | londonlovestech.com
“Juice jacking” has become a modern cybersecurity myth — a catchy scare story built on a long-patched Android debugging issue … Continue reading A threat to sanity – Cyber Myth: Juice Jacking| PwnDefend
Firewalls are often both a defended gate and the front door to the corporate network. That is all lovely until it’s not! You see so many corporate network intrusion incidents occur from threat actors simply logging into the VPN (due to lack of VPN), and then we have the software vulnerabilities where they shell their way in, but did you think that another way could be from stealing all the backups from a ‘security’ provider? Well now you might! There’s been a bit of an incident ...| PwnDefend
Careless developers publishing Visual Studio extensions to two open marketplaces have been including access tokens and other secrets that can be exploited by threat actors, a security vendor has found. The discovery was made earlier this year by researchers at Wiz, who quietly worked with Microsoft and its VSCode Marketplace as well as those behind the OpenVSX marketplace to improve guardrails in their platforms. It released a report on its investigation this week. Wiz found over 550 validate...| AWS DNS error hits DynamoDB, causing problems for multiple services and custo...
Verticals Targeted: Not specified. Regions Targeted: Not specified. Related Families: LockBit. Executive Summary: LockBit 5.0, the latest evolution of the notorious ransomware, targets Windows, Linux, and VMware ESXi systems with advanced obfuscation, DLL reflection, and anti-analysis techniques. Its cross-platform capabilities and enhanced encryption methods make it a formidable threat to enterprise networks.| PolySwarm Main Blog
A massive crypto wallet-drain conspiracy links fake trading sites to a single criminal IP address. See our investigative deep dive into how these orchestrated scams are draining user funds. The post Inside a Crypto Scam Nexus appeared first on DomainTools Investigations | DTI.| DomainTools Investigations | DTI
Starting in September 2024, a financially motivated cluster of more than 80 spoofed domain names and lure websites began targeting users with fake applications and websites themed as government tax sites, consumer banking, age 18+ social media content, and Windows assistant applications. The actor used these spoofed domains to deliver Android and Windows trojans likely for the purpose of stealing credentials or more overtly through the use of fake login pages. The post SecuritySnack: 18+E-Cri...| DomainTools Investigations | DTI
A group has been targeting Indonesian and Vietnamese Android users with banking trojans disguised as legitimate payment and government identity applications. The operators exhibit distinct domain registration patterns, often reusing TLS certificates and grouping domains to resolve to the same IP addresses, with a strong operational focus during Eastern Asia's daytime hours. The post Banker Trojan Targeting Indonesian and Vietnamese Android Users appeared first on DomainTools Investigations | ...| DomainTools Investigations | DTI
"We can stop these threat actors - we just need the right tools, technology, and people behind the scenes to do it."| Machine
Though GenAI offers financial firms remarkable cybersecurity utility, cyberthreats relating to GenAI are a consistent concern.| Help Net Security
SMS Stealer malware targeting Android users: Over 105,000 samples identified| Help Net Security
This video talks about social engineering (also known as human hacking), how can it be performed, and how can you fight against it.| Help Net Security
How attackers abuse Milesight cellular router APIs to run smishing at scale via unauthenticated SMS endpoints—targeting Belgium (CSAM/eBox).| Sekoia.io Blog
Shiny Hunters/Scattered Spider have published a leaked download site (DLS)/extortion site etc.| PwnDefend
INTERPOL has announced the arrest of 260 suspects and the seizure of 1,235 electronic devices in a coordinated international operation...| CIO Africa
Japanese brewing giant Asahi Group Holdings announced that its operations in the country have been disrupted by a cyberattack.| SecurityWeek
The market leading smartphone operating systems, Android and iOS, allow users to install apps through official pre-installed markets. Android also supports app installation from third-party sources, known as sideloading. Sideloading fosters competition and enables open source app markets. However, it also enables the proliferation of markets distributing pirated and modded apps: apps whose features and functionality have been altered by a third-party. Modded apps typically claim to offer user...| Light Blue Touchpaper
Cybersecurity professionals horrified as threat actors publish pictures of innocent children and families' "sensitive" data.| Machine
AI improves phishing defense by spotting unusual behaviors and subtle threats early, helping security teams respond faster.| Help Net Security
Children have been told for decades not to trust everything they see on a screen; adults today, farmers included, should remember that lesson in their newly online worlds. The post Guarding against misinformation: Do you believe in house hippos? appeared first on Manitoba Co-operator.| Manitoba Co-operator Op/Ed & Farming Articles - Manitoba Co-operator
75% of external relationships that enabled third-party breaches involved software or other technology products and services.| Help Net Security
Fraudsters behind €460 million crypto scam arrested in Spain| Help Net Security
Disaster was averted after widely used open-source packages were compromised via social engineering.| CyberScoop
In December 2022, we first blogged about a law enforcement takedown of DDoS-for-hire services (often known as “booters”), sharing details about their changing landscape shortly after the initial seizures. Now that we have more data covering a longer period post-takedown, we can form a clearer picture of the impact.| Light Blue Touchpaper
–Arnav Kaman & Gauri Sidana Introduction Before the start of the Paris AI summit, President Macron shared a video with deepfake AI generated versions of himself in popular movies and TV shows. An ill attempt at humour by the president wanting to bring attention back on to himself. One cannot help but feel the video … Continue reading Criminalising Deepfake NCII: A Swift and Just Sword| The Criminal Law Blog
– Adeeba Hasan, Asad Naushad Khan ABSTRACT The intersection of warfare and legislation poses significant challenges in balancing national security with legal and ethical standards. Section 125 of the Indian Penal Code (IPC), which criminalizes waging war against an Asiatic power allied with or at peace with India, epitomizes this complexity. Rooted in colonial-era concerns, … Continue reading WARFARE AND LEGISLATION: IPC SECTION 125’S STANCE ON ASIATIC POWER CONFLICTS| The Criminal Law Blog
~By Parth Kantak INTRODUCTION This piece deals with the issue of bail in the cases of the cyber-crimes given in the Information Technology (IT) Act, 2000. It has been a relatively muted issue however a really pertinent one due to the impact that it has on the investigation of cyber-crimes, which is an extremely crucial stage … Continue reading Bail in Cases of Cyber-Crimes under the Information Technology Act, 2000: A Critical Re-Evaluation of the Penal Framework.| The Criminal Law Blog
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) (Dutch DPA) recently published a report on personal data breaches, which provides valuable insights into the Dutch DPA’s views on incident response. It also contains some helpful statistics. Increase in follow-up action by the Dutch DPA It is clear from the report that the Dutch DPA is still... Continue Reading| Data Protection Report
A woman who defrauded Eskom in 2020 has been handed a serious, if not confusing sentence by a criminal court in Middelburg.| Hypertext
ScamAgent study reveals how AI agents simulate scam calls, bypass safety guardrails, adapt across conversations, exploit text-to-speech.| Help Net Security
85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023.| Help Net Security
In its latest security alert, the team behind Drupal reported finding a set of severe vulnerabilities in a third-party library.... The post High-Risk Vulnerability in Third-Party Service Allows Take Control of Drupal Websites appeared first on IICS.| IICS
An investigation uncovers India’s black market for bank accounts, exposing systemic lapses exploited by cybercriminals for scams.| CySecurity News - Latest Information Security and Hacking Incidents
Investigators find that crooks offer consumer-style hack'n'mix bundles that package access with privilege or other treats.| Machine
A report indicates that more than 8% of borrowers will be using these financing structures by 2025.| CySecurity News - Latest Information Security and Hacking Incidents
CyberheistNews Vol 15 #32 How Hackers Exploit Microsoft Teams in Social Engineering Attacks| blog.knowbe4.com
Cybersecurity incidents nearly tripled in the first half of 2025, jumping from 6% in the second half of 2024 to 17% in 2025, according to a new report....| blog.knowbe4.com
ClickFix attacks have been around for decades; only the name is new.| blog.knowbe4.com
Researchers have witnessed an increase in ransomware attacks occurring when criminals know IT staff won’t be around, mostly night time.| Help Net Security
Major regional and global events – such as military exercises, political or economic summits, and elections – drove cyber threat activities.| Help Net Security
In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense.| Help Net Security
There has been a 44% increase in organized ID fraud in North America. This upsurge is believed to be driven by the ongoing economic recovery.| Help Net Security
AI advancements give malicious groups access to tools that will allow them to create more elaborate social engineering attacks in the future.| Help Net Security
Infostealer malware remains widely available to buy through underground forums, while Russian Market remains the top seller.| Help Net Security
Across all BEC attacks seen over the past year, 57% relied on language as the main attack vector to get BEC attacks in front of employees.| Help Net Security
With growing AI app usage, employees are more likely to expose sensitive data like credentials or personal information.| Help Net Security
In this article, you will find excerpts from various reports that offer statistics and insights about the current phishing landscape.| Help Net Security
Businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased.| Help Net Security
There has been an increase in the volume of DDoS attacks over the last two years, and in H1 of 2023, we see a capacity of about 800 Gbps.| Help Net Security
The ransomware activity in Q1 of 2024 continues the substantial growth pattern that we saw develop over the course of 2023.| Help Net Security
Russian Dmitry Khoroshev is "LockBitSupp", the creator, developer and administrator of the infamous LockBit ransomware group.| Help Net Security
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide threat.| Help Net Security
Companies using Google Workspace experienced a 25% risk reduction for FTF or BEC claims and a 10% risk reduction for ransomware claims.| Help Net Security
Lawbreaking language models lower the barrier of entry for unskilled crooks and make it frighteningly easy to launch crime campaigns.| Machine
Safepay gang says 3.5TB of stolen data will be released if Ingram doesn't capitulate.| CSO Online
Avast has released a free decryptor for the AI-powered FunkSec ransomware, allowing victims to recover files after the notorious group was declared defunct.| WinBuzzer
Ransomware attacks are disrupting and undermining business operations and draining revenue streams, according to Illumio.| Help Net Security
From defending against phishing to safeguarding personal apps and managing GenAI, data security is no longer just a perimeter defense.| Help Net Security
The incoming government hands over the Federal Ministry of the Interior to the Conservatives. The coalition agreement proclaims a ‘turning point’ in internal security. Stricter surveillance measures and laws are planned. With the new coalition agreement published on Wednesday, the German Social Democrats will lose the Federal Ministry of the Interior – it will once […] The post Grand control coalition: German conservatives and social democrats call for ‘zero tolerance’ on inter...| Matthias Monroy
The UK Parliament’s Intelligence & Security Committee found “Russia has sought to employ organised crime groups to supplement its cyber skills” This is pivotal, as it makes attribution much, much harder. Using crime groups, or just co-opting their tools and software, makes it easier for states such as Russia to hide their cyber activities. It’s…| Geoff White
It could well be coronavirus is hurting cybercrime as much as it's helping it.| Geoff White
The Cambridge Cybercrime Centre's eighth one-day conference on cybercrime was held on Monday, 23rd June 2025, which marked 10 years of the Centre.| Light Blue Touchpaper
TL;DR In 2025, UK cyber attacks have intensified dramatically and we have seen a wave of high-profile cyber attacks in the UK. From M&S and Co-op to platforms like Mailchimp and HubSpot, major businesses have been hit by phishing, supply chain compromise, and social engineering. This article outlines the top incidents so far, how attackers ... The post Major Cyber Attacks on UK Businesses in 2025 (So Far) appeared first on Dial A Geek.| Dial A Geek
Three insurance companies have publicly disclosed cyberattacks in the past week. Scattered Spider, an amorphous band of cybercriminals, has been actively targeting the sector.| CyberScoop
Multiple U.S.-based companies in the insurance sector have already been hit over the past week and a half, according to Mandiant.| CyberScoop
Cryptocurrency theme is a Klondike for various scammers. Here is how to stay away from the possibility of being robbed.| Gridinsoft Blogs
This report explores current trends in the AitM phishing landscape and the prevalence of leading kits. The following publication, Global analysis of Adversary-in-the-Middle phishing threats, is an article from Sekoia.io Blog.| Sekoia.io Blog
© 2025 Peter N. M. Hansteen| That grumpy BSD guy
Chinese hackers used the CoGUI phishing kit to send over 580 million scam emails to Japanese users in early 2025, impersonating brands like Amazon and PayPal.| eSecurity Planet
Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly.| Help Net Security
Consumers are concerned about the risks associated with GenAI and deepfakes, including the potential for online fraud or identity theft.| Help Net Security
As the political landscape heats up during a polarizing election year, so do concerns about deepfake technology.| Help Net Security
While employees have long been trained to avoid clicking on suspicious links, QR codes are an emerging and lesser-known malicious tactic.| Help Net Security
Consumers ranked identity theft (84%) and stolen credit card information (80%) as their top online security concerns.| Help Net Security
2023 saw a surge in the duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal.| Help Net Security
A cyberpunk-styled visualization of the Scattered Spider attack flow, defensive countermeasures, and an interactive checklist with activity log, designed for WordPress compatibility.| PwnDefend
Currently there appears to be a relatively significant cyber security incident at Marks and Spencer. So I thought I would give a demo of using AI (LLM, GROK) to create a timeline:| PwnDefend
When a suspected email mailbox compromise is reported, initiating an investigation promptly is critical. However, to ensure the investigation is effective, certain minimum intelligence requirements must be met. This blog outlines the bare minimum data needed to start investigating a suspected email mailbox compromise, whether the intelligence comes from an internal team or a third-party source.| PwnDefend
Lampion malware distributors are now using the social engineering method ClickFix. Read our analysis of a recent campaign.| Unit 42
Cybercrime is on the rise in Georgia and around the country.| The Georgia Sun
Learn about detecting multi-stage infection chains using Cloudflare tunnel infrastructures delivering RATs.| Sekoia.io Blog
ClearFake spreads malware via compromised websites, using fake CAPTCHAs, JavaScript injections, and drive-by downloads.| Sekoia.io Blog
Cybercrime has been growing, and hackers are invading your systems and networks to steal data, install malware, and more. So why do these individuals commit attacks in cyberspace? The way to gain a better understanding of the mindset of different types of hackers is to be able to better protect your| Retail Technology Innovation Hub
Matthijs van Amelsfort is director of the NCSC. Giving professionals room to work characterizes his leadership style. “Keep your eye on the ball and above all on the team.”| Digitale Overheid
Delve into Finance-related cyber threats in 2024. Our report highlights major actors and tactics impacting the financial sector.| Sekoia.io Blog
A commendable attack data dump, lightly analyzed.| That grumpy BSD guy
Natalia here speaks to our imaginary friend 185.150.184.92| That grumpy BSD guy
Discover the challenges of ClickFix12 and the newly identified I2PRAT. Uncover the advanced techniques employed by this multi-stage RAT.| Sekoia.io Blog
Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes.| Help Net Security
The threat of deepfakes lies not in the technology itself, but in people's natural tendency to trust what they see.| Help Net Security