VulnHub

Real-time Cybersecurity News

Over Two-Thirds of Security Pros Say Cyber Is Getting Harder

Infosecurity Magazine

Overview

A recent study by the Information Systems Security Association (ISSA) reveals that a significant majority of security professionals—over two-thirds—are finding it increasingly difficult to manage cybersecurity threats. One key challenge identified is the involvement of colleagues from other departments in cybersecurity efforts, which can complicate security practices. As more employees are engaged in cybersecurity, the potential for miscommunication and inadequate training grows. This situation raises concerns about the overall effectiveness of security measures within organizations. It emphasizes the need for better collaboration and education among all staff to enhance the organization's security posture.

Key Takeaways

  • Action Required: Companies should improve training and communication regarding cybersecurity practices among all employees.
  • Timeline: Newly disclosed

Original Article Summary

ISSA study finds most security professionals feel challenged by colleagues’ involvement in cyber

Impact

Not specified

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Newly disclosed

Remediation

Companies should improve training and communication regarding cybersecurity practices among all employees.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

The Hacker News

A French-speaking hacker targeted a small automotive company in France, where he successfully installed a keylogger to steal sensitive banking and email credentials. The attack took an interesting turn when the hacker installed OpenSSH and Tailscale on the compromised machine, creating a backdoor to maintain access even after his primary command-and-control server went offline. This method allowed him to bypass traditional C2 channels, making it harder for defenders to cut off his access. The incident serves as a reminder of the evolving tactics used by cybercriminals and the importance for businesses to secure their networks against such persistent threats. Companies should be vigilant about monitoring for unauthorized software installations and maintaining robust security measures.

Jun 17, 2026

North Korean Hiring Fraud Runs on AI and US Laptop Farms

Infosecurity Magazine

Nisos, a cybersecurity firm, has exposed a North Korean fraud operation that employs artificial intelligence for conducting fake job interviews. This operation was found to be using a network of laptops based in the United States to facilitate its activities. The fraud cell aimed to recruit IT workers under false pretenses, potentially to gather sensitive information or fund illicit activities. This situation raises concerns about the growing sophistication of cybercriminals, as they now use advanced technologies like AI to enhance their deception. The infiltration of US-based resources by foreign actors highlights vulnerabilities in cybersecurity defenses and the need for vigilance against such schemes.

Jun 17, 2026

Serverless Phishing Kit on GitHub Targets Mexican Banks

Infosecurity Magazine

A new phishing kit called GitBait has been discovered that specifically targets users of Mexican banks. This kit takes advantage of GitHub Pages and the SheetBest API to create fake login pages designed to capture sensitive banking credentials. Researchers have noted that this attack is particularly concerning because it leverages trusted platforms to appear legitimate, potentially tricking victims into providing their information. Users of Mexican banking services should be especially vigilant and ensure they are accessing official websites before entering any personal details. This incident serves as a reminder of the evolving tactics employed by cybercriminals to exploit unsuspecting individuals.

Jun 17, 2026

India's Telegram ban hit the UAE too. Here's how to get around it

BleepingComputer

India has imposed a ban on the messaging app Telegram until June 22 due to its use in leaking exam papers. This decision has not only affected users in India but also disrupted services in the UAE, where users reported issues connecting to the app. Telegram's CEO, Pavel Durov, claims that the telecom company Reliance engaged in BGP hijacking, which exacerbated the connectivity problems. Users seeking to bypass the ban can utilize MTProto proxies as a workaround. This incident raises concerns about the impact of government restrictions on digital communication and the broader implications for users in regions far removed from the original decision.

Jun 17, 2026

AI Threats and Alert Fatigue Challenge Cybersecurity Teams

Infosecurity Magazine

A recent survey conducted by Filigran at Infosecurity Europe 2026 indicates that AI-driven attacks are now the primary concern for cybersecurity teams. The report highlights that the rise of these sophisticated attacks is compounded by issues like false positives and alert fatigue, which are overwhelming security staff. As a result, many teams find themselves bogged down by manual processes that drain their resources and effectiveness. This situation poses significant risks, as it could lead to slower responses to actual threats, ultimately compromising the security of organizations. With AI technology becoming more accessible, the need for improved detection and response strategies is more urgent than ever to protect against these evolving threats.

Jun 17, 2026

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

SecurityWeek

Rockwell Automation has addressed several security vulnerabilities in its products, specifically affecting the Logix, CompactLogix, Flex controllers, RSLinx, and FactoryTalk software. These vulnerabilities could potentially allow unauthorized access or manipulation of industrial control systems, which could have serious implications for manufacturing and automation processes. Users of these products are urged to apply the patches provided by Rockwell to secure their systems. The timely response from Rockwell is crucial in preventing potential exploitation of these weaknesses, especially given the critical role these systems play in various industries. Companies using these affected products should prioritize updating their systems to ensure safety and integrity.

Jun 17, 2026