Latest CyberSec News by @thecyberpicker

Learn how the CIS IT team successfully implemented CIS Benchmarks in a Virtual Desktop Infrastructure (VDI) environment—specifically focusing on Windows 11.

Cyber threat actors continue to target law enforcement agencies. Here are five cyber questions LE executives can ask to evaluate their defenses.

Cyber threat actors frequently use a botnet in their efforts to target U.S. critical infrastructure. Read on for how to defend your networks.

Hackers breached Canada ’s House of Commons, exploiting a recent Microsoft flaw, compromising data, according to CBC News.

The State Department also announced financial rewards totaling up to $6 million for information leading to the arrest or conviction of Garantex’s leaders.

More than $300 million worth of cryptocurrency linked to cybercrime and fraud schemes has been frozen due to two separate initiatives involving law enforcement and private companies.

Defend against PhantomCard, SpyBanker, and KernelSU exploits—secure banking, block NFC fraud, and stop Android malware today.

Hazel braves Vegas, overpriced water and the Black Hat maze to bring you Talos’ latest research — including a deep dive into the PS1Bot malware campaign.

Norway’s security service PST says pro-Russian hackers took over a dam in April, opening outflow valves.....

The Treasury Department added the cryptocurrency exchange Grinex and other entities to existing sanctions against Garantex, a Russian platform seized earlier this year.

The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files.

Most of the stolen funds were siphoned in Ethereum, with more than $38.6 million taken out of the platform. The other $10 million was spread across multiple cryptocurrencies, according to security firm PeckShield.

Microsoft has resolved a known issue that triggers Cluster service and VM restart issues after installing July's Windows Server 2019 security updates.

The Norwegian Police Security Service (PST) says that pro-Russian hackers took control of critical operation systems at a dam and opened outflow valves.

MadeYouReset exploit bypasses HTTP/2 Rapid Reset mitigations, affecting major servers and enabling large-scale DoS attacks.

As threats to critical infrastructure grow and government funding stagnates, operators are turning to civic-minded volunteers from the cybersecurity industry.

Four men from Ghana were extradited for their alleged role in stealing more than $100 million through romance scams and BEC.

James Kettle argues HTTP/1.1 can never be fully secured, augmenting static analysis with LLMs, Google's talk + OSS tool for detecting malicious insiders

A flaw in KernelSU 0.5.7 allows attackers to impersonate its manager app and gain root access to Android devices

A report by Swimlane shows companies are reducing cybersecurity spending and security teams are experiencing increasing pressure.

A leading trade group said the Trump administration should rein in a major pending cybersecurity rule as well as embrace AI-based cyber defenses.

An ongoing malware campaign has been observed using malvertising to deliver PS1Bot, a PowerShell-based framework

Email attacks on financial services rose 25% year-over-year. Learn why FinServ is a top target and how threat actors exploit trust to deceive employees.

CrossC2-enabled attacks from Sept–Dec 2024 target Linux, overlap with ransomware, bypass EDR for stealth.

Staff were alerted to the data breach on Monday, as CBC News reported based on an internal email that explained the threat actor had accessed a database “containing information used to manage computers and mobile devices.”

Ransomware and infostealers are winning on stealth, not encryption. Picus Blue Report 2025 reveals just 3% of data exfiltration attempts are stopped. Find and fix your biggest exposure gaps before they're exploited.

Threat actors are leveraging a Unicode character to make phishing links appear like legitimate Booking.com links in a new campaign distributing malware. The attack makes use of the Japanese hiragana character, ん, which can, on some systems, appear as a forward slash and make a phishing URL appear realistic to a person at first.

“Telegram and WhatsApp have become the main voice services used for deceit and extortion and for involving Russian citizens in sabotage and terrorist activities,” the country's telecom regulator said in announcing new restrictions.

The Bureau’s Internet Crime Complaint Center has provided a list of indicators for potential cryptocurrency scam victims to avoid a double whammy