Latest CyberSec News by @thecyberpicker

29880 bookmarks
Microsoft at Black Hat USA 2025: A Unified Approach to Modern Cyber Defense
Microsoft will be at Black Hat USA 2025, August 5–7 in Las Vegas, and we’re bringing you a unified, practitioner-driven experience built around real-world insights, threat intelligence, incident response, and hands-on AI expertise.

We believe security teams are strongest when intelligence, tools, and deep expertise come together. At Microsoft, we’ve eliminated internal silos between threat intelligence, red teaming, incident response, and product engineering. That closed-loop system lets us move faster, translating threat signals into global protection every day.

This integration isn’t theoretical. It means when researchers detect a threat through our global network, that information flows directly to the red team stress-testing our defenses, the incident responders investigating real intrusions, and the engineering teams building new mitigations; all at once. It's a system designed to learn, adapt, and protect at scale. At Black Hat, we’re opening that loop so you can see how it works and inviting you to see how it can help you defend at AI speed. Want to meet the people behind our operations? Request an invite to our Black Hat VIP mixer.

Start your Black Hat journey early with the Microsoft Threat Intelligence Podcast

Before Black Hat kicks off, hear from Black Hat NOC lead Grifter and Lintile in our latest episode of the Microsoft Threat Intelligence Podcast. They explore what it takes to secure one of the world’s most high-profile cybersecurity conferences, what the Black Hat Network Operations Center (NOC) sees in real time, and how defenders can apply those lessons to their own environments. Whether you're attending in person or following along remotely, this episode offers a rare look into threat activity and security insights from inside the NOC.

Meet us at Booth 2246: Conversations, not presentations.

Figure 1: Crowd at Booth 2246

Skip the crowded theater sessions and pull up a chair. Throughout the day, we’re hosting informal conversations at our mobile podcast studio and then shifting to expert meetups where your questions will be answered. At booth 2246, you’ll hear directly from Microsoft security experts on what they’re seeing, and how you can apply it. Topics include:

- Addressing the ransomware threat landscape
- Defending against BEC attacks
- Shifts in social engineering and phishing
- Securing non-human identities (agents)
- And a few surprises

We’ll also be inviting our friends from the Microsoft Threat Intelligence Podcast, Microsoft BlueHat podcast (MSRC), GitHub, and a few special guests.

Each session is a chance to hear what our teams are seeing in the wild, how we’re responding, and how you can apply those insights in your own environment. Whether it's a live threat briefing, a deep dive into red teaming, or a behind-the-scenes look at real incident response, these are unscripted, interactive discussions designed for defenders and researchers.

Demos of Microsoft Defender, Microsoft Entra, Microsoft Purview, and Microsoft Security Copilot will run throughout the week. Stop by to talk shop, ask questions, or just get a clearer view of why our AI-first, end-to-end platform is designed to help you move faster, respond with precision, and adapt to new threats with confidence.

Connect with the experts at our VIP Mixer

Figure 2: Microsoft Security VIP Mixer

You’re invited to connect with the people behind the defense at our VIP Mixer on Wednesday, Aug. 6. Join Microsoft Security for an evening of conversations, insights, and connections with our threat intelligence, incident response, and Security Copilot teams, alongside your peers from across the security community.

Whether you're exploring how to put AI agents to work, navigating advanced threats, or evolving your detection and response strategy, this is your chance to meet the experts and teams helping defenders stay ahead.

Security is a team sport, and we would like to thank Armor, Cyberproof, Forescout, Ontinue and Security Risk Advisors members of the Microsoft Intelligent Security Association (MISA) for sponsoring this event.

Drinks and appetizers will be provided. Request to attend today!

Session Spotlight: Gain practical strategies for unmasking cyber threats

Thursday, August 7 | 12:15–12:40 PM

In a threat landscape shaped by AI and threat actors, cybersecurity teams need more than tools; they need the right mindset, collaboration models, and playbooks to stay ahead. During our main stage session, we will bring together frontline experts from Microsoft Security—Sherrod DeGrippo, Director, Threat Intelligence Strategy, Aarti Borkar, Corporate Vice President, Customer Success and Incident Response, Andrew Rapp, Leader, Incident Response and Simeon Kakpovi, —to share how they approach high-impact intrusions and what defenders everywhere can take away from it.

This session will offer practical strategies grounded in real-world operations, including:

- How to build tighter alignment across threat intel, IR, and detection teams
- Approaches to reduce friction and accelerate signal-to-action response time
- Lessons from tracking threat actors focused on social engineering and ransomware
- Ways to adapt red teaming and detection in a rapidly evolving AI landscape

Whether you're refining your team’s structure or looking for sharper ways to think about advanced threats, this conversation will deliver actionable insight you can bring back to your own environment.

Inside Look: How Microsoft Red Teams Stay in Sync

Wednesday, August 6 | 11:25–11:45 AM

What happens when red teams operate not in isolation, but as a connected part of a broader defense ecosystem?

Microsoft security experts Ram Shankar Siva Kumar (founder of the AI Red Team) and Craig Nelson (Microsoft Red Team) will explore how traditional and AI red teams work side by side to proactively test Microsoft’s products, platforms, and AI systems.

You’ll hear how these teams:

- Identify systemic risks across cloud and enterprise services
- Probe generative AI systems for jailbreaks and indirect misuse
- Collaborate with MSRC and threat researchers to close the loop from discovery to defense
- Embed red teaming into engineering cycles, not just as a check, but as a design influence

Whether you’re red-teaming your own products or rethinking how to operationalize adversarial testing, this session will offer lessons in collaboration, tooling, and mindset from two of the most advanced offensive security teams in the industry.

Exchange ideas with other MISA members

The Microsoft booth will include a featured partner demo station where 7 partners from the Microsoft Intelligent Security Association (MISA) will showcase how their solutions together with Microsoft Security technology help defend our mutual customers from cybersecurity threats.

Connect with us at the Microsoft booth to find out more.

Figure 3: MISA Demo Station

Connect with us at Black Hat US

Cybersecurity is a team sport and defending against threats takes a cohesive approach that brings multiple disciplines and experts across specialties together. We’re committed to eliminating internal silos to focus on threat hunting that supports a comprehensive defense.

You’ll hear more of this approach and how it can benefit your organization at Black Hat US.

- Check out Microsoft Security executives at the AI Summit at Black Hat (separate pass required)
- Request to attend our VIP Mixer to meet the experts behind Microsoft threat intelligence, incident response, and the Microsoft Security Response Center.
- Discover how our end-to-end platform can help you strengthen resilience and elevate your security posture.
- Get an exclusive $200 briefings and $100 business hall pass discount to share with your customers and prospects.
- Sign up for a one-on-one meeting with Microsoft Security experts.
- Listen to our Threat Intelligence Podcast.
- Visit us in Booth #2246 for a live demo and learn how our AI-powered cybersecurity can protect your organization.

Hope to see you at Black Hat!
·techcommunity.microsoft.com·
Why China is betting on Voldemort to catch up with Taiwan in semiconductors
According to cybersecurity firm Proofpoint, cyberespionage campaigns against Taiwan's semiconductor industry increased markedly in spring 2025. At the heart of the operations: a piece of malware named Voldemort, capable of gathering valuable information in a highly strategic sector.
·numerama.com·
New Phobos ransomware decryptor lets victims recover files for free
The Japanese police have released a Phobos and 8-Base ransomware decryptor that lets victims recover their files for free, with BleepingComputer confirming that it successfully decrypts files.
·bleepingcomputer.com·
Top 10 Malware Q2 2025
Total malware notifications from MS-ISAC monitoring services decreased 18% from Q1 2025 to Q2 2025. Read our Top 10 Malware Q2 2025 for more.
·cisecurity.org·
Top US senator calls out supply-chain risk with DoD contractors
The Senate Intelligence Committee chairman questioned the security of Microsoft’s “digital escort” arrangement with its Chinese employees.
·cybersecuritydive.com·
Hackers scanning for TeleMessage Signal clone flaw exposing passwords
Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data.
·bleepingcomputer.com·
What Is a SOC 1 Report & Who Needs One? | CSA
SOC 1 reports verify internal controls for financial data, which is essential for trust, sales, and SOX compliance. Here's when and why you need one.
·cloudsecurityalliance.org·
Russia Linked to New Malware Targeting Email Accounts for Espionage
Russian military intelligence-linked hackers are using a new malware called “Authentic Antics” to secretly access Microsoft cloud email accounts, the UK's NCSC reports.
·infosecurity-magazine.com·
0% Chinese: the United States wants to wipe Beijing off the submarine cable map
The Federal Communications Commission (FCC) is preparing, in a vote scheduled for early August 2025, to introduce drastic measures to ban all Chinese technology and equipment from the submarine cables linking America to the rest of the world. The United States is preparing to cross an unprecedented threshold in the war
·numerama.com·
New Mobile Phone Forensics Tool - Schneier on Security
The Chinese have a new tool called Massistant. Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico. The forensics tool works in tandem with a corresponding desktop software. Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services. Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel...
·schneier.com·
New “LameHug” Malware Deploys AI-Generated Commands
Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks targeting the nation’s security and defense sector.
·infosecurity-magazine.com·
OpenAI: GPT-5 is coming, "we'll see" if it creates a shockwave
OpenAI's next foundational and state-of-the-art model, GPT-5, is still on its way after a delay. OpenAI won't tell us the release date for now.
·bleepingcomputer.com·
5 Features Every AI-Powered SOC Platform Needs in 2025
A modern AI-based SOC platform must adapt in real time to handle alert overloads and fast-moving threats, surpassing traditional SIEM tools.
·securityaffairs.com·
“Pay or consent”: Meta blocks access to Instagram and Facebook unless you make this choice
On Instagram or Facebook, Meta now forces its users to make a clear choice: pay to browse without advertising, or accept the processing of your personal data to keep using the social networks for free. Over the past few days, you may have been surprised to see a
·numerama.com·
Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password ("123456") for the fast food chain's account at Paradox.ai, a company that makes artificial intelligence…
·krebsonsecurity.com·
News Alert: SquareX, Fortune 500 CISOs to debut browser security guide at Black Hat USA 2025
Palo Alto, Calif., July 17, 2025, CyberNewswire — SquareX announced the official launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees in the browser, this comprehensive manual features industry perspectives from leading CISOs from multiple
·lastwatchdog.com·
Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks
A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed "CitrixBleed 2," was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks.
·bleepingcomputer.com·
Microsoft Teams voice calls abused to push Matanbuchus malware
The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk.
·bleepingcomputer.com·