Volt Typhoon Accessed US OT Network for Nearly a Year
Volt Typhoon's ten-month intrusion of Littleton Electric Light and Water Departments exposes vulnerabilities in the US electric grid
Latest CyberSec News by @thecyberpicker
How MSRC coordinates vulnerability research and disclosure while building community
Learn about the Microsoft Security Response Center, which investigates vulnerabilities and releases security updates to help protect customers from cyberthreats.
CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure
CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics
North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy
North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users.
Juniper patches bug that let Chinese cyberspies backdoor routers
Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access.
FCC launches national security unit to counter state-linked threats to US telecoms
The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.
GitLab patches critical authentication bypass vulnerabilities
GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws.
RIP Mark Klein - Schneier on Security
2006 AT&T whistleblower Mark Klein has died.
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organizations in the hospitality industry. The campaign uses a social engineering technique called ClickFix to deliver multiple credential-stealing malware in order to conduct financial fraud and theft. […]
![Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails](https://rdl.ink/render/https%3A%2F%2Fblogger.googleusercontent.com%2Fimg%2Fb%2FR29vZ2xl%2FAVvXsEhM5jI8FVP1tzJaKIu8nlTdOmjGyA2IQAKVRihrTXOM7K3WCMjugET571ivv6PB_-jdsJPrBN7f34R9uF-8JohBpF8ZSey7ZTRmgdpQ8OZ9JwvpBAJujhuOH6zCidExabNOyw2uD7cCscTHAJtzEGLI4KHjHcUbvAunnpfIlm8HjBZVkXPBCCIguGoOfKCB%2Fs728-rw-e365%2Fstorm.png?width=350&height=&ar=16:9&mode=crop&format=avif&dpr=2)
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft warns of a phishing campaign using ClickFix to spread malware via fake Booking.com emails. Attackers exploit fake CAPTCHA pages to steal cre
‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
Don’t let your kids on Roblox if you’re worried, says Roblox CEO
To parents worried about their children's presence on Roblox, the CEO said don't let your kids be on Roblox.
https://www.bleepingcomputer.com/news/security/clickfix-attack-delivers-infostealers-rats-in-fake-bookingcom-emails/
"Nous sommes les seuls à offrir une solution d'IA générative souveraine de bout en bout" (Outscale)
En juillet 2024, Dassault Systèmes annonçait un partenariat avec la pépite Mistral AI, donnant naissance à une nouvelle offre "LMaaS"...-Souveraineté
Cybersécurité : L'italien Cyber Guru s'empare de la plateforme française de sensibilisation Mantra
Cyber Guru, qui développe un outil de sensibilisation en cybersécurité basé sur des modèles de machine learning, met la main sur Mantra,...-Cybersécurité
Medusa ransomware slams critical infrastructure organizations
The ransomware-as-service gang tallied more than 300 victims in industries such as healthcare, manufacturing and technology.
Experts warn of a coordinated surge" in the exploitation attempts of SSRF vulnerabities
Researchers warn of a "coordinated surge" in the exploitation attempts of SSRF vulnerabilities in multiple platforms.
Le gouvernement se prend un retour de manivelle sur les backdoors et le chiffrement
Des sénateurs ont pris position contre l'avis du gouvernement en faisant voter un amendement anti-backdoor (porte dérobée) pour protéger le chiffrement. La mesure a été prise alors qu'un débat a eu lieu à l'Assemblée nationale. Il a concerné une proposition de loi, dont les contours ont fait craindre à un
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps
KoSpy spyware targets Android users via fake apps, collecting data while evading detection with Firestore.
![[tl;dr sec] #270 - APT Attack Simulation, AWS Phishing, 7 Security Flywheels](https://rdl.ink/render/https%3A%2F%2Fbeehiiv-images-production.s3.amazonaws.com%2Fuploads%2Fpublication%2Fthumbnail%2F080a561f-2435-4477-a549-ab9f115e047c%2Flandscape_Screenshot_2024-11-21_at_10.48.21_AM.png?width=350&height=&ar=16:9&mode=crop&format=avif&dpr=2)
[tl;dr sec] #270 - APT Attack Simulation, AWS Phishing, 7 Security Flywheels
Repo for simulating Russia, China, DPRK APTs, getting phished by CloudFormation or SSM, 7 flywheels for amplifying your security program
Red Report 2025: Unmasking a 3X Spike in Credential Theft and Debunking the AI Hype
Credential theft surged 3× in a year—but AI-powered malware? More hype than reality. The Red Report 2025 by Picus Labs reveals attackers still rely on proven tactics like stealth & automation to execute the "perfect heist."
The $10 Trillion Question: Can America's Cyber Czar Shrink The Skills Gap?
This week in cybersecurity from the editors at Cybercrime Magazine
How Can Automation Transform GRC and Compliance? | CSA
Automation in GRC streamlines compliance, reduces manual effort, and enhances security. Learn how Continuous Controls Monitoring and AI improve efficiency.
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
ruby-saml vulnerabilities (CVE-2025-25291, CVE-2025-25292) allow SAML authentication bypass (CVSS 8.8). Update to versions 1.12.4 or 1.18.0 now.
Abusing with style: Leveraging cascading style sheets for evasion and tracking
Cascading Style Sheets (CSS) are ever present in modern day web browsing, however its far from their own use. This blog will detail the ways adversaries use CSS in email campaigns for evasion and tracking.
Tech Complexity Puts UK Cybersecurity at Risk
Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
This article shares the latest trends and challenges in backup and disaster recovery by gathering data from over 3,000 IT pros worldwide. Learn more.
AI Agents: Human or Non-Human? | CSA
AI agents seem like digital employees - they assist with IT support, customer service, and even decision-making - but they differ from humans in critical ways.
Meta warns of actively exploited flaw in FreeType library
Meta warned that a vulnerability, tracked as CVE-2025-27363, impacting the FreeType library may have been exploited in the wild.
INE Security Alert: Using AI-Driven Cybersecurity Training to Counter Emerging Threats
Cary, North Carolina, 13th March 2025, CyberNewsWire