Tag: defense

Phishing Scams Weaponize Common Apps to Fool Users

Oct 22, 2025 2:26 PM

Tags: ai, attack, defense, fraud, identity, phishing, scam, tactics, theft

From fake PDFs to AI voice scams, phishing attacks are evolving fast. Learn key tactics and defenses to protect against fraud, identity theft, and account loss. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/phishing-scams-weaponize-common-apps-to-fool-users/
‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools

Oct 22, 2025 2:26 PM

Tags: access, attack, authentication, awareness, captcha, ceo, communications, control, credentials, cyber, cybersecurity, data, defense, detection, edr, email, endpoint, espionage, exploit, group, hacker, incident response, least-privilege, login, malicious, malware, mfa, monitoring, network, phishing, powershell, russia, strategy, tactics, theft, threat, tool, training, update, vulnerability, vulnerability-management, zero-trust

Evolving tactics and strategies: Analysts said ColdRiver, which for years focused on credential theft and email account compromise, is shifting toward multi-stage intrusions that rely on users to execute malicious code.By using ClickFix pages that mimic CAPTCHA verification screens, the group can bypass email security filters and deliver malware directly to victims’ devices, increasing the…
4 factors creating bottlenecks for enterprise GenAI adoption

Oct 22, 2025 12:26 PM

Tags: access, ai, api, authentication, blockchain, business, cloud, compliance, computing, control, data, ddos, defense, email, finance, fintech, firewall, framework, governance, infrastructure, injection, leak, least-privilege, LLM, metric, privacy, RedTeam, risk, sap, service, software, strategy, supply-chain, switch, technology, tool, unauthorized, zero-trust

see and do. Unlike traditional models, where erecting digital walls at the perimeter can secure the system, GenAI systems can be attacked with prompt injections, agentic manipulations or shadow models created by reverse engineering.Perimeter defenses, like firewalls, authentication and DDoS protection, are crucial, but they only control who can access the system or how much data can…
Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift

Oct 22, 2025 10:26 AM

Tags: access, advisory, ai, api, attack, authentication, best-practice, breach, ciso, cloud, control, cybersecurity, data, defense, email, exploit, finance, framework, healthcare, iam, Internet, LLM, login, malicious, mfa, monitoring, network, okta, password, risk, saas, service, software, supply-chain, threat, tool, unauthorized

The biggest blind spot: When companies delegate access to third parties via OAuth integrations, it creates a systemic security blind spot that spans all industries.By stealing those tokens, attackers can gain access to all connected systems. “Authorizing a malicious connected app bypasses many traditional defenses such as MFA, password resets and login monitoring, and because…
Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift

Oct 22, 2025 10:26 AM

Tags: access, advisory, ai, api, attack, authentication, best-practice, breach, ciso, cloud, control, cybersecurity, data, defense, email, exploit, finance, framework, healthcare, iam, Internet, LLM, login, malicious, mfa, monitoring, network, okta, password, risk, saas, service, software, supply-chain, threat, tool, unauthorized

The biggest blind spot: When companies delegate access to third parties via OAuth integrations, it creates a systemic security blind spot that spans all industries.By stealing those tokens, attackers can gain access to all connected systems. “Authorizing a malicious connected app bypasses many traditional defenses such as MFA, password resets and login monitoring, and because…
MITRE ATTCK is Deprecating a Tactic: 3 Takeaways from the “Defense Evasion” Break-up

Oct 22, 2025 5:26 AM

Tags: defense, mitre, soc, tactics

MITRE ATT&CK v18 is deprecating Defense Evasion (TA0005). Learn about the new Stealth and Impair Defenses tactics and what SOC teams need to do next. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/mitre-attck-is-deprecating-a-tactic-3-takeaways-from-the-defense-evasion-break-up/
Dead-Drop Resolvers: Malware’s Quiet Rendezvous and Why Adaptive Defense Matters

Oct 22, 2025 5:26 AM

Tags: blockchain, ciso, control, data, defense, detection, dns, framework, github, infrastructure, malware, military, mitre, network, service, threat

At this weekend’s BSides NYC, Dr. Jonathan Fuller, CISO of the U.S. Military Academy at West Point, delivered an extremely clear talk on how modern malware hides its command-and-control (C2) infrastructure through dead-drop resolvers. Fuller, who co-authored Georgia Tech’s VADER project, described how adversaries increasingly use public platforms-GitHub, Dropbox, Pastebin, even blockchain transactions-as-covert meeting points…
Stopping Coordinated Attacks from Mumbai – Application Detection Response – Contrast Security

Oct 22, 2025 12:26 AM

Tags: attack, credentials, defense, detection, edr, exploit, framework, india, infrastructure, rce, remote-code-execution, waf
INCYBER Forum Canada 2025: Collaboration Wins Over Compliance

Oct 21, 2025 8:26 PM

Tags: ai, compliance, defense, resilience, risk, supply-chain

At INCYBER Forum Canada 2025, leaders from across sectors explored AI, supply-chain risk, and culture-driven defense, stressing that true resilience is built together. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/incyber-forum-canada-2025-collaboration-wins-over-compliance/
Security patch or self-inflicted DDoS? Microsoft update knocks out key enterprise functions

Oct 21, 2025 3:26 PM

Tags: api, authentication, banking, control, cryptography, ddos, defense, flaw, government, microsoft, network, tool, update, windows

Malfunctioning devices, failed connections, and installation errors: Update KB5066835 can also cause USB devices, including keyboards and mice, to malfunction in WinRE, preventing navigation in recovery mode. However, the keyboard and mouse do continue to work normally within the Windows OS. Microsoft has now released an out-of-band update, KB5070773, to address the issue.Additionally, the security…
Dataminr’s $290 million ThreatConnect deal expands AI for real-time cyber defense

Oct 21, 2025 3:26 PM

Tags: ai, cyber, data, defense

Dataminr has announced its intent to acquire ThreatConnect in a transaction valuing the company at $290 million. The fusion of Dataminr’s AI platform for public data signals … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/dataminr-threatconnect-acquisition/
US NSA alleged to have launched a cyber attack on a Chinese agency

Oct 21, 2025 1:26 PM

Tags: access, attack, authentication, breach, china, ciso, cloud, communications, control, country, cyber, cybersecurity, defense, finance, hacker, infrastructure, international, login, malicious, mfa, monitoring, network, RedTeam, resilience, sans, service, spy, supply-chain, technology

“NSA does not confirm nor deny allegations in the media regarding its operations. Our core focus is countering foreign malign activities persistently targeting American interests, and we will continue to defend against adversaries wishing to threaten us.”The Chinese post says the country “shattered the US cyber attack plot of stealing secrets and infiltration and sabotage,…
US NSA alleged to have launched a cyber attack on a Chinese agency

Oct 21, 2025 1:26 PM

Tags: access, attack, authentication, breach, china, ciso, cloud, communications, control, country, cyber, cybersecurity, defense, finance, hacker, infrastructure, international, login, malicious, mfa, monitoring, network, RedTeam, resilience, sans, service, spy, supply-chain, technology

“NSA does not confirm nor deny allegations in the media regarding its operations. Our core focus is countering foreign malign activities persistently targeting American interests, and we will continue to defend against adversaries wishing to threaten us.”The Chinese post says the country “shattered the US cyber attack plot of stealing secrets and infiltration and sabotage,…
Securing AI to Benefit from AI

Oct 21, 2025 1:26 PM

Tags: ai, cyber, defense, intelligence

Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can’t match. But realizing that potential depends on securing the systems that make it possible.Every organization…
UK Ministry of Defense Probes Military Contractor Data Leak

Oct 20, 2025 10:40 PM

Tags: breach, data, data-breach, defense, group, hacker, leak, military, ransomware, russia

Ransomware Group Lynx Reportedly Stole 4TB of Data. The U.K. Ministry of Defense is investigating an apparent data breach by Russian-speaking ransomware hackers of a building facilities contractor with ties to the military. The Lynx ransomware group posted on its darkweb site samples of what it says is 4 terabytes of data stolen from the…
âš¡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More

Oct 20, 2025 3:40 PM

Tags: attack, breach, defense, linux, tactics, threat, update

It’s easy to think your defenses are solid, until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn’t just patching fast, but watching smarter and staying alert for what you don’t expect.Here’s a quick look at this…
Beyond Bot Management: Why Reverse Proxy Phishing Demands a New Defense Strategy

Oct 20, 2025 1:40 PM

Tags: credentials, defense, government, phishing, strategy, theft

The scale of credential theft through phishing has reached alarming proportions. Recent analysis of the LabHost phishing operation reveals that nearly 990,000 Canadians were directly victimized, with attackers primarily targeting private sector enterprises (76%) over government agencies (24%). The operation generated over 1.2 million total incidents across Canada, resulting in hundreds of millions of dollars……
Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

Oct 20, 2025 9:40 AM

Tags: access, attack, authentication, breach, china, control, corporate, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, flaw, framework, government, group, hacker, identity, infrastructure, intelligence, Intruder, korea, microsoft, monitoring, network, ransomware, reverse-engineering, risk, russia, supply-chain, tactics, technology, theft, threat, vulnerability, zero-day, zero-trust

China or Russia? Conflicting attribution: Microsoft attributed the broader wave of SharePoint exploitations to three Chinese-linked groups: Linen Typhoon, Violet Typhoon, and a third actor it tracks as Storm-2603. The company said the attackers were preparing to deploy Warlock ransomware across affected systems.However, the source familiar with the Kansas City incident tells CSO that a…
Cybersecurity Snapshot: F5 Breach Prompts Urgent U.S. Gov’t Warning, as OpenAI Details Disrupted ChatGPT Abuses

Oct 17, 2025 11:07 PM

Tags: ai, attack, awareness, backdoor, breach, business, chatgpt, china, cisa, cloud, control, corporate, cve, cyber, cybersecurity, data, data-breach, defense, detection, exploit, framework, fraud, governance, government, group, hacker, incident, infrastructure, Internet, iran, law, LLM, malicious, malware, mitigation, monitoring, network, openai, organized, phishing, privacy, resilience, risk, russia, scam, security-incident, service, software, strategy, supply-chain, technology, threat, training, update, vulnerability

F5’s breach triggers a CISA emergency directive, as Tenable calls it “a five-alarm fire” that requires urgent action. Meanwhile, OpenAI details how attackers try to misuse ChatGPT. Plus, boards are increasing AI and cyber disclosures. And much more! Key takeaways A critical breach at cybersecurity firm F5, attributed to a nation-state, has triggered an urgent…
TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader

Oct 17, 2025 9:07 PM

Tags: ai, awareness, backup, breach, browser, business, cio, ciso, communications, conference, control, corporate, country, cryptography, cyber, cybersecurity, dark-web, data, data-breach, defense, dns, email, encryption, finance, government, healthcare, identity, incident, infrastructure, intelligence, Internet, jobs, law, leak, linux, malicious, mfa, mitigation, network, organized, phone, privacy, ransom, ransomware, RedTeam, resilience, risk, risk-management, router, service, startup, strategy, supply-chain, switch, tactics, technology, theft, threat, tool, training, windows

Summary In this episode of The Defender’s Log, host David Redekop interviews Sami Khoury, the Senior Official for Cybersecurity for the Government of Canada. With a career spanning 33 years at the Communication Security Establishment (CSE), Khoury shares how a coincidental job application blossomed into a lifelong passion for national security. Khoury emphasizes that modern…
Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score

Oct 17, 2025 3:07 PM

Tags: access, advisory, api, attack, authentication, cvss, defense, exploit, flaw, framework, github, guide, Internet, microsoft, risk, update, vulnerability

The CVSS confusion: Despite Dorrans’ cautious assessment of the actual risk, the 9.9 CVSS rating has caused considerable confusion among developers, with many questioning whether the vulnerability truly warrants such an extreme severity score.Dorrans addressed this directly in the GitHub discussion, explaining that Microsoft’s scoring methodology accounts for worst-case scenarios.”On its own for ASP.NET Core,”…
Identity Security: Your First and Last Line of Defense

Oct 17, 2025 2:07 PM

Tags: access, ai, automation, defense, identity, office

The danger isn’t that AI agents have bad days, it’s that they never do. They execute faithfully, even when what they’re executing is a mistake. A single misstep in logic or access can turn flawless automation into a flawless catastrophe.This isn’t some dystopian fantasy”, it’s Tuesday at the office now. We’ve entered a new phase…
Identity Security: Your First and Last Line of Defense

Oct 17, 2025 2:07 PM

Tags: access, ai, automation, defense, identity, office

The danger isn’t that AI agents have bad days, it’s that they never do. They execute faithfully, even when what they’re executing is a mistake. A single misstep in logic or access can turn flawless automation into a flawless catastrophe.This isn’t some dystopian fantasy”, it’s Tuesday at the office now. We’ve entered a new phase…
New Tech Support Scam Exploits Microsoft Logo to Steal User Credentials

Oct 17, 2025 1:07 PM

Tags: computing, credentials, cyber, defense, exploit, microsoft, phishing, scam, social-engineering, tactics, threat

Microsoft’s name and branding have long been associated with trust in computing, security, and innovation. Yet a newly uncovered campaign by the Cofense Phishing Defense Center demonstrates that even the most recognized logos can be hijacked by threat actors to exploit user trust. By blending classic social engineering tactics with advanced deceptive overlays, this scam…
Microsoft Report Warns of AI-Powered Automation in Cyberattacks and Malware Creation

Oct 17, 2025 12:07 PM

Tags: ai, automation, cyber, cyberattack, cybercrime, data, defense, incident, intelligence, malware, microsoft, phishing, vulnerability

Cybercriminals are weaponizing artificial intelligence to accelerate malware development, discover vulnerabilities faster, and create more sophisticated phishing campaigns, according to Microsoft’s latest Digital Defense Report covering trends from July 2024 through June 2025. In 80% of the cyber incidents Microsoft investigated last year, attackers sought to steal data primarily for profit rather than intelligence gathering.…
Security Teams Must Deploy Anti-Infostealer Defenses Now

Oct 17, 2025 11:07 AM

Tags: cybersecurity, defense

At ISACA Europe 2025, cybersecurity consultant Tony Gee shared some technical measures security teams could implement to fight against the infostealer scourge First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/deploy-antiinfostealer-defenses/
F5 Security Incident Advisory

Oct 17, 2025 9:09 AM

Tags: access, advisory, application-security, attack, authentication, awareness, backdoor, best-practice, breach, china, cisa, compliance, control, corporate, cve, cvss, cybersecurity, data, data-breach, defense, detection, dos, endpoint, espionage, exploit, finance, flaw, government, group, guide, hacker, Hardware, identity, infrastructure, Internet, Intruder, malicious, malware, mitigation, monitoring, network, phishing, PurpleTeam, radius, rce, remote-code-execution, risk, risk-assessment, security-incident, service, software, strategy, technology, theft, threat, training, unauthorized, update, vulnerability, zero-day, zero-trust

Executive SummaryOn October 15, 2025, F5 Networks publicly disclosed a serious security breach involving a nation-state threat actor. The intruders maintained long-term, persistent access to F5’s internal systems”, specifically the BIG-IP product development environment and engineering knowledge management platforms. F5 first detected unauthorized activity on August 9, 2025, but delayed public disclosure until mid-October as directed by…
Deutschland größtes Hacker-Ziel in der EU

Oct 17, 2025 9:09 AM

Tags: authentication, china, cyberattack, defense, extortion, germany, hacker, iran, login, mail, mfa, microsoft, north-korea, password, phishing, ransomware, software, ukraine

Laut einer Studie von Microsoft richteten sich 3,3 Prozent aller Cyberangriffe weltweit im ersten Halbjahr 2025 gegen Ziele in Deutschland.Kein Land in der Europäischen Union steht so sehr im Fokus von kriminellen Hackern wie Deutschland. Das geht aus dem Microsoft Digital Defense Report 2025 hervor, den der Software-Konzern in Redmond veröffentlicht hat. Danach richteten sich…
SAP zero-day wake-up call: Why ERP systems need a unified defense

Oct 17, 2025 8:07 AM

Tags: business, defense, sap, zero-day

In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/17/sap-zero-day-security-video/
SAP zero-day wake-up call: Why ERP systems need a unified defense

Oct 17, 2025 8:07 AM

Tags: business, defense, sap, zero-day

In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/17/sap-zero-day-security-video/