Latest CyberSec News by @thecyberpicker

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918.

Agentic AI shifts privacy from control to trust, challenging laws like GDPR and risking legal exposure.

U.S. sanctions Garantex, successor Grinex, after $100M illicit crypto flow fuels ransomware and sanctions evasion.

Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability.

Porn sites are hiding code in .svg files: Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of “JSFuck,” a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text. Once decoded, the script causes the browser to download a chain of additional obfuscated JavaScript. The final payload, a known malicious script called Trojan.JS.Likejack, induces the browser to like a specified Facebook post as long as a user has their account open...

Cisco has issued a software update to address the vulnerability, which can allow an unauthenticated, remote attacker to inject arbitrary shell commands

A new Checkmarx study reveals that AI-generated code now accounts for over 60% of codebases in some companies, much of which contains known vulnerabilities

Blue Locker ransomware hits Pakistan’s oil & gas sector, severely impacting Pakistan Petroleum; NCERT warns ministries of severe ongoing risk

Cisco patches critical Secure Firewall Management Center flaw allowing remote code execution on vulnerable systems.

A RUSI report warned that money mules are exploiting inadequate security controls in smaller payment service providers to move fraudulent transactions about

C'est une rengaine, devenue presque un passage obligatoire dans de nombreux magasins en France. Au moment de payer, pour profiter d'une remise ou pour créer une carte de fidélité, le client est prié de donner tout un tas de données personnelles. Pourquoi ? Quelles sont les obligations des commerçants ? Et les droits

The U.S. Department of the Treasury has announced sanctions against Grinex, the successor to Russian cryptocurrency exchange Garantex, which was previously sanctioned for helping ransomware gangs launder their money.

Cisco patches CVSS 10.0 FMC RADIUS flaw allowing remote code execution, urging immediate updates.

Learn how the CIS IT team successfully implemented CIS Benchmarks in a Virtual Desktop Infrastructure (VDI) environment—specifically focusing on Windows 11.

Cyber threat actors continue to target law enforcement agencies. Here are five cyber questions LE executives can ask to evaluate their defenses.

Cyber threat actors frequently use a botnet in their efforts to target U.S. critical infrastructure. Read on for how to defend your networks.

Hackers breached Canada ’s House of Commons, exploiting a recent Microsoft flaw, compromising data, according to CBC News.

The State Department also announced financial rewards totaling up to $6 million for information leading to the arrest or conviction of Garantex’s leaders.

More than $300 million worth of cryptocurrency linked to cybercrime and fraud schemes has been frozen due to two separate initiatives involving law enforcement and private companies.

Defend against PhantomCard, SpyBanker, and KernelSU exploits—secure banking, block NFC fraud, and stop Android malware today.

Hazel braves Vegas, overpriced water and the Black Hat maze to bring you Talos’ latest research — including a deep dive into the PS1Bot malware campaign.

Norway’s security service PST says pro-Russian hackers took over a dam in April, opening outflow valves.....

The Treasury Department added the cryptocurrency exchange Grinex and other entities to existing sanctions against Garantex, a Russian platform seized earlier this year.

The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files.

Most of the stolen funds were siphoned in Ethereum, with more than $38.6 million taken out of the platform. The other $10 million was spread across multiple cryptocurrencies, according to security firm PeckShield.

Microsoft has resolved a known issue that triggers Cluster service and VM restart issues after installing July's Windows Server 2019 security updates.

The Norwegian Police Security Service (PST) says that pro-Russian hackers took control of critical operation systems at a dam and opened outflow valves.

MadeYouReset exploit bypasses HTTP/2 Rapid Reset mitigations, affecting major servers and enabling large-scale DoS attacks.

As threats to critical infrastructure grow and government funding stagnates, operators are turning to civic-minded volunteers from the cybersecurity industry.