Latest Intelligence
In Other News: Prison for Disney Hacker, MITRE ATT&CK v17, Massive DDoS Botnet
A former Disney employee has been sentenced to prison for hacking the company, highlighting the ongoing issues of insider threats in cybersecurity. Additionally, MITRE has released ATT&CK v17, a significant update to its framework, and a massive DDoS botnet has been identified, comprising 1.3 million devices, raising concerns about the scale of such attacks.
South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days
South Korean companies have been targeted in a Lazarus campaign known as Operation SyncHole, utilizing watering hole attacks and zero-day vulnerabilities. This campaign highlights the ongoing threat posed by sophisticated cyber espionage groups.
RSA Conference 2025 – Pre-Event Announcements Summary (Part 2)
The RSA Conference 2025 in San Francisco will feature hundreds of companies presenting their latest cybersecurity products and services. This event is significant as it showcases advancements in the cybersecurity industry and highlights emerging threats and solutions.
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers
A critical vulnerability in SAP NetWeaver is suspected of being exploited by threat actors to upload JSP web shells, enabling unauthorized file uploads and code execution. This issue may be linked to a previously disclosed vulnerability or an unreported remote file inclusion issue.
Why NHIs Are Security's Most Dangerous Blind Spot
The article highlights the rising threat posed by Non-Human Identities (NHIs) in cybersecurity, particularly focusing on the security risks associated with Service Accounts. As NHIs grow in prevalence, they represent a significant blind spot for security teams, necessitating urgent attention and action.
Triada strikes back
Kaspersky experts have identified a new version of the Triada Trojan, which includes custom modules targeting popular applications such as Telegram, WhatsApp, and TikTok. This development highlights the evolving tactics of malware developers and the persistent threat they pose to mobile users.
SAP Zero-Day Possibly Exploited by Initial Access Broker
A zero-day vulnerability in SAP NetWeaver has been identified, potentially impacting over 10,000 internet-facing applications. This vulnerability poses a significant security risk as it may be exploited by initial access brokers.
All Major Gen-AI Models Vulnerable to ‘Policy Puppetry’ Prompt Injection Attack
A new attack technique called Policy Puppetry has been identified, which can compromise major generative AI models, leading to the generation of harmful outputs. This vulnerability highlights significant security risks associated with AI systems.
Deepfake 'doctors' take to TikTok to peddle bogus cures
AI-generated deepfake 'doctors' on TikTok are misleading users by promoting dubious health supplements, taking advantage of public trust in medical professionals. This trend raises significant concerns about misinformation and potential health risks associated with unverified treatments.
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Researchers have identified three vulnerabilities in the Rack Ruby web server interface that could allow attackers to access files, inject malicious data, and manipulate logs. This poses a significant risk to the security of Ruby-based applications and servers.
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Cybersecurity researchers have identified a new malware, DslogdRAT, which was deployed through the exploitation of a zero-day vulnerability (CVE-2025-0282) in Ivanti Connect Secure. This malware was used in targeted attacks against organizations in Japan in late 2024, highlighting the ongoing threat posed by such vulnerabilities.
[Virtual Event] Anatomy of a Data Breach: And what to do if it happens to you
The event 'Anatomy of a Data Breach' focuses on the significant impact of data breaches on organizations and provides guidance on how to respond effectively if one occurs. Understanding the anatomy of a data breach is crucial for enhancing cybersecurity measures and mitigating potential damage.
'SessionShark' ToolKit Evades Microsoft Office 365 MFA
The 'SessionShark' toolkit claims to provide educational resources but effectively enables users to bypass Microsoft Office 365's multi-factor authentication (MFA), posing significant security risks. This tool highlights the ongoing challenges in securing cloud services against unauthorized access.
Digital Twins Bring Simulated Security to the Real World
Digital twins enable companies to simulate their business environments and assess the effects of software changes or disruptions using real-time data. This approach enhances security by allowing organizations to proactively identify vulnerabilities and implement effective measures before real-world impacts occur.
Max-Severity Commvault Bug Alarms Researchers
A high-severity vulnerability in Commvault software has been patched but poses significant risks due to the privileged access it grants to attackers, potentially compromising critical business systems and sensitive data. This issue highlights the importance of timely updates and security measures in enterprise environments.