Five fundamentals for a cyber-resilient future
How to stay adaptive and reduce risk in an evolving threat landscape.
Similar Posts
Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide
Bys sMicrosoft has disclosed details of a large-scale malvertising campaign that’s estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker…
Developing: Salesforce data leak site being seized? Looks like it.
Bys sI am guessing that the breachforums[.]hn leak site for ScatteredLAPSUS$Hunters is in the process of being seized. A whois lookup now shows that the name servers have been changed to hans.ns.cloudflare.com and surina.ns.cloudflare.com, which I am guessing are government accounts. The onion site appears intact. This post will be updated as the situation evolves. Source
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
Bys sRemember, kids: tell the truth or someone will tell it for you. Kevin Beaumont picks up the story of how Oracle denies a breach when there has been so much confirmation of it, e..g.: Oracle told Bleeping Computer, and customers, “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud….
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Bys sCybersecurity researchers have disclosed a surge in “mass scanning, credential brute-forcing, and exploitation attempts” originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week. “Net
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Bys sBrazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. “Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials,” Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week. The
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
Bys sThreat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites. The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a WordPress plugin bundled with the