Author: Andy Stern
-
DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/dig-ai-uncensored-darknet-ai-assistant-at-the-service-of-criminals-and-terrorists
-
New password spraying attacks target Cisco, PAN VPN gateways
An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-password-spraying-attacks-target-cisco-pan-vpn-gateways/
-
Why AppSec and Network Risk Management Must Be Unified in the Modern Enterprise
See how Mend.io’s ServiceNow integration unifies application, network, and operational risk. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/why-appsec-and-network-risk-management-must-be-unified-in-the-modern-enterprise/
-
The Ultra-Realistic AI Face Swapping Platform Driving Romance Scams
Capable of creating “nearly perfect” face swaps during live video chats, Hoatian has made millions, mainly via Telegram. But its main channel vanished after WIRED’s inquiry into scammers using the app. First seen on wired.com Jump to article: www.wired.com/story/the-ultra-realistic-ai-face-swapping-platform-driving-romance-scams/
-
US seizes E-Note crypto exchange for laundering ransomware payments
Law enforcement has seized the servers and domains of the E-Note cryptocurrency exchange, allegedly used by cybercriminal groups to launder more than $70 million. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-seizes-e-note-crypto-exchange-for-laundering-ransomware-payments/
-
Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets
SafeBreach reports the resurgence of the Iranian APT group Prince of Persia (Infy). Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada. First seen on hackread.com Jump to article: hackread.com/iran-apt-prince-of-persia-resurfaces/
-
Chinese attackers exploiting zero-day to target Cisco email security products
Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said in an advisory. First seen on therecord.media Jump to article: therecord.media/chinese-attackers-zero-day
-
Making Sense of Complex Operations With Semantic Data
Tags: data
Semantic Operations First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/making-sense-of-complex-operations-with-semantic-data/
-
Senate Intel chair urges national cyber director to safeguard against open-source software threats
Tom Cotton, R-Okla., cited Chinese and Russian involvement in open-source tech and the risks to government and defense systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/tom-cotton-open-source-software-foreign-influence-national-cyber-director/
-
The Raspberry Pi Wake-Up Call for CISOs
Tags: access, authentication, ceo, ciso, control, cyberattack, dns, firewall, group, hacker, Hardware, infrastructure, linux, monitoring, office, risk, switch, tool, voip, vpn
Small device, big impact. In mid-December, a ferry owned by the Mediterranean Shipping Company was held for hours in a French port, as Bloomberg reported. The reason: it was suspected that Russian cybercriminals had tried to hack the ship's network with a Raspberry Pi. According to the report, the device was paired with a cellular modem that … remote access…
-
Surge of credential-based hacking targets Palo Alto Networks GlobalProtect
After weeks of unusual scanning activity, the same campaign took aim at Cisco SSL VPNs. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/credential-based-hacking-palo-alto-networks/808269/
-
China-linked hackers exploit insecure setting in Cisco security products
The company urged customers to immediately reconfigure affected products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/
-
OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365
A surge in phishing attacks exploiting Microsoft’s OAuth device code flow has been identified by Proofpoint. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/oauth-phishing-campaigns/
-
NIS2 compliance: How to get passwords and MFA right
NIS2 puts identity and access controls under the spotlight, with weak passwords and poor authentication now a compliance risk. Specops Software explains how to align password policies and MFA with NIS2 requirements. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nis2-compliance-how-to-get-passwords-and-mfa-right/
-
Cisco says China-linked hackers exploiting insecure setting in security products
The company urged customers to immediately reconfigure affected products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/
-
Impact of Poor PKI Management: Real-World Consequences and Solutions
Tags: email
Introduction: Safety protocols in the virtual domain are perhaps more important than ever in the current world. There can be no denying that PKI management is one of the most crucial aspects of protecting our increasingly digital world. It is the element of most, if not all, secure transfers such as emails and monetary transactions. Read…
-
SSH vs SSL/TLS: Definitions Differences of Communication Protocols
What is SSL/TLS? SSL and TLS are protocols used on the transport layer, which is used to provide a secure connection between two nodes in a computer network. The first widely used protocol that was aimed to secure the Internet connections was SSL, which was created by Netscape in mid 1995. It uses both public Read…
-
Tech provider for NHS England confirms data breach
U.K.-based healthcare tech provider DXS International said it discovered and contained a data breach on Sunday. A ransomware gang took credit for the breach. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/18/tech-provider-for-nhs-england-confirms-data-breach/
-
Crypto theft in 2025: North Korean hackers continue to dominate
When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/18/crypto-theft-2025-north-korean-domination/
-
AI Agent Attacks in Q4 2025 Signal New Risks for 2026
Q4 2025 attacks show early AI agents are already expanding the attack surface, pushing enterprises to rethink AI security for 2026. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/ai-agent-attacks-in-q4-2025-signal-new-risks-for-2026/
-
Ink Dragon Attacks Turn Victims Into Relay Nodes
Ink Dragon exemplifies a new generation of state cyber operations. Attacks are no longer isolated events but part of a larger, distributed system. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ink-dragon-angriffe-verwandeln-opfer-in-relais-knoten/a43242/
-
The Power of Large Language Models for Cybersecurity
Our dependence on digital infrastructure has grown exponentially amid unprecedented technological advancements. With this reliance comes an increasingly threatening landscape and expanding attack surfaces. As cyberthreats become more sophisticated, so must our defensive strategies. Enter large language models (LLMs) and domain-specific language models, potent weapons in the fight against threats. LLMs have gained prominence due to…
-
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Tags: control, cve, cvss, exploit, flaw, infrastructure, remote-code-execution, software, vulnerability
Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully exploited, could result in remote code execution. The critical vulnerability, assigned the CVE identifier CVE-2025-37164, carries a CVSS score of 10.0. HPE OneView is an IT infrastructure management software that streamlines IT operations and controls all systems via a First…
-
The Future of Quantum-Safe Networks Depends on Interoperable Standards
As quantum computing advances, secure, interoperable standards will be critical to making quantum key distribution (QKD) practical, trusted, and future-proof. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/securing-future-building-quantum-safe-networks-today
-
Raspberry Pi used in attempt to take over ferry
Tags: ceo, control, dns, Hardware, infrastructure, intelligence, malware, monitoring, network, phone
Proceed with caution: Villanustre encouraged anyone discovering such a device to proceed cautiously. “Disconnecting the device could result in losing important forensic information if not careful. It’s not too hard to equip the device with a tiny battery or supercapacitor that would give it enough time to wipe itself out if disconnected from the network or…
-
Self-Harm Prevention Kit Guide for Schools: Identifying Risks and Protecting Students
A self-harm prevention kit is becoming an essential part of school safety planning as student mental health challenges continue to rise across the United States. Schools are increasingly responsible for supporting the emotional well-being of their students and creating safe environments that reduce the risk of self-harming behavior, suicide attempts, or harmful coping patterns. The…
-
Another bad week for SonicWall as SMA 1000 zero-day under active exploit
Flaw in remote-access appliance lets attackers chain bugs for root-level takeover First seen on theregister.com Jump to article: www.theregister.com/2025/12/18/sonicwall_sma_1000_0day/

