Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30531 bookmarks
Custom sorting
Scattered Spider strikes again? Aviation industry appears to be next target for criminal group | CyberScoop
Scattered Spider strikes again? Aviation industry appears to be next target for criminal group | CyberScoop
The aviation industry has seemingly become the latest target of Scattered Spider, a sophisticated cybercriminal group that has shifted its focus from retail and insurance companies to airlines in what cybersecurity experts describe as a coordinated campaign against the sector.
·cyberscoop.com·
Scattered Spider strikes again? Aviation industry appears to be next target for criminal group | CyberScoop
STRATEGIC REEL: APIs are the new perimeter — and business logic attacks are slipping through
STRATEGIC REEL: APIs are the new perimeter — and business logic attacks are slipping through
APIs have become the digital glue of the enterprise — and attackers know it. Related: API security - the big picture In this debut edition of the Last Watchdog Strategic Reel (LWSR), A10 Networks’ Field CISO Jamison Utter cuts through the noise from RSAC 2025 with a sharp breakdown of today’s API threatscape. From 15,000
·lastwatchdog.com·
STRATEGIC REEL: APIs are the new perimeter — and business logic attacks are slipping through
Scattered Spider hackers shift focus to aviation, transportation firms
Scattered Spider hackers shift focus to aviation, transportation firms
Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors
·bleepingcomputer.com·
Scattered Spider hackers shift focus to aviation, transportation firms
Frappes en Iran : Donald Trump n’apprécie pas les doutes d’une agence de renseignement
Frappes en Iran : Donald Trump n’apprécie pas les doutes d’une agence de renseignement
À la suite des frappes américaines contre trois sites nucléaires iraniens le 22 juin 2025, Donald Trump n’a pas tardé à qualifier l’opération de « succès spectaculaire ». Pourtant, la diffusion d’un rapport confidentiel du renseignement militaire est rapidement venue jeter le doute sur l’ampleur réelle des dégâts
·numerama.com·
Frappes en Iran : Donald Trump n’apprécie pas les doutes d’une agence de renseignement
Russia’s throttling of Cloudflare makes sites inaccessible
Russia’s throttling of Cloudflare makes sites inaccessible
Starting June 9, 2025, Russian internet service providers (ISPs) have begun throttling access to websites and services protected by Cloudflare, an American internet giant.
·bleepingcomputer.com·
Russia’s throttling of Cloudflare makes sites inaccessible
United Natural Foods says cyberattack will reduce quarterly earnings
United Natural Foods says cyberattack will reduce quarterly earnings
The company, which supplies Whole Foods and other grocery stores nationwide, had to disable electronic ordering systems while responding to the attack earlier this month.
·cybersecuritydive.com·
United Natural Foods says cyberattack will reduce quarterly earnings
Critical Citrix Bleed 2 flaw now likely exploited in attacks
Critical Citrix Bleed 2 flaw now likely exploited in attacks
A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices.
·bleepingcomputer.com·
Critical Citrix Bleed 2 flaw now likely exploited in attacks
Citrix Bleed 2 flaw now believed to be exploited in attacks
Citrix Bleed 2 flaw now believed to be exploited in attacks
A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices.
·bleepingcomputer.com·
Citrix Bleed 2 flaw now believed to be exploited in attacks
Implementing CCM: Infrastructure Security Controls | CSA
Implementing CCM: Infrastructure Security Controls | CSA
The CCM includes Virtualization & Infrastructure Security controls about network security, virtualization technology, and the protection of other IT facilities.
·cloudsecurityalliance.org·
Implementing CCM: Infrastructure Security Controls | CSA
Hawaiian Airlines Hit by Cybersecurity Incident
Hawaiian Airlines Hit by Cybersecurity Incident
The US airline said that incident was affecting some of its IT systems, but flights are continuing to operate safely and as scheduled
·infosecurity-magazine.com·
Hawaiian Airlines Hit by Cybersecurity Incident
Navigating Cybersecurity in Indian Manufacturing | CSA
Navigating Cybersecurity in Indian Manufacturing | CSA
As India becomes a global manufacturing anchor, cybersecurity is becoming the frontline of industrial continuity. Is India ready to protect what it builds?
·cloudsecurityalliance.org·
Navigating Cybersecurity in Indian Manufacturing | CSA
Comment une cyberattaque russe a coûté la vie à un patient anglais
Comment une cyberattaque russe a coûté la vie à un patient anglais
Le National Health Service (NHS) britannique a confirmé, le lundi 26 juin 2025, un fait tragique et inédit : la mort d’un patient, officiellement liée à une cyberattaque. Retour sur une affaire qui illustre la réalité des cybermenaces sur les infrastructures critiques. Nous sommes en juin 2024 et le groupe de
·numerama.com·
Comment une cyberattaque russe a coûté la vie à un patient anglais
The Age of Integrity - Schneier on Security
The Age of Integrity - Schneier on Security
We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by removing notations about allergies from medical records are all integrity attacks. More broadly, integrity refers to ensuring that data is correct and accurate from the point it is collected, through all the ways it is used, modified, transformed, and eventually deleted. Integrity-related incidents include malicious actions, but also inadvertent mistakes...
·schneier.com·
The Age of Integrity - Schneier on Security
Business Case for Agentic AI SOC Analysts
Business Case for Agentic AI SOC Analysts
AI SOC Analysts reduce false positives by 90%, boost SOC productivity, and tackle the global analyst shortage.
·thehackernews.com·
Business Case for Agentic AI SOC Analysts
Retail giant Ahold Delhaize says data breach affects 2.2 million people
Retail giant Ahold Delhaize says data breach affects 2.2 million people
Ahold Delhaize, one of the world's largest food retail chains, is notifying over 2.2 million individuals that their personal, financial, and health information was stolen in a November ransomware attack that impacted its U.S. systems.
·bleepingcomputer.com·
Retail giant Ahold Delhaize says data breach affects 2.2 million people