GOLD BLADE Remote DLL Sideloading Attack Deploys RedLoader
Attacks surged in July 2025 after the threat group updated its process to combine malicious LNK files and a recycled WebDAV technique
Similar Posts
Former U.S. Army Intelligence Analyst Sentenced for Selling Sensitive Military Information to Individual Tied to Chinese Government
Bys sA press release from the DOJ: A former U.S. Army intelligence analyst was sentenced today to 84 months in prison for conspiring to collect and transmit national defense information, including sensitive, non-public U.S. military information, to an individual he believed was affiliated with the Chinese government. Korbein Schultz, 25, of Wills Point, Texas, pleaded guilty in August…
The Intersection of AI and OSINT: Advanced Threats On The Horizon
Artificial Intelligence (A) is revolutionizing intelligence gathering, empowering cybersecurity defenders, and amplifying threat actor capabilities. The post The Intersection of AI and OSINT: Advanced Threats On The Horizon appeared first on SecurityWeek.
Security Theater: Vanity Metrics Keep You Busy – and Exposed
Bys sAfter more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure. It’s an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we’re expending…
Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
Bys sThe Privacy Guarantor has fined the Order of Psychologists of the Lombardy Region [Ordine degli psicologi della Lombardia] for 30 thousand euros for not having adopted adequate technical and organizational measures to guarantee data security. The Guarantor intervened following some complaints and the notification of data breach made by the Order, which declared to have…
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
Bys sCommvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows – CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without…
Identity Security Has an Automation Problem—And It’s Bigger Than You Think
Bys sFor many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core…