News

Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers

Bys s October 22, 2025

From NY DFS: New York State Department of Financial Services (DFS) Acting Superintendent Kaitlin Asrow today issued new cybersecurity guidance addressing the risks associated with entities becoming increasingly reliant on third-party service providers (TPSPs). The guidance builds on the Department’s ongoing work to protect New Yorkers and DFS-regulated entities from cybersecurity risks through its nation-leading…

Source

News

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
Bys s May 21, 2025

Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same period in 2024,” the cybersecurity vendor said….

Read More PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
News

eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Bys s July 14, 2025

Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company’s website, more than two billion SIMs in IoT devices have been enabled as of December 2020. The findings come…

Read More eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
News

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
Bys s December 25, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 (CVSS score: 8.8), relates to a case of command injection that allows post-authentication remote code

Read More CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
News

SaaS Breaches Start with Tokens – What Security Teams Must Watch
Bys s October 9, 2025

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 rely on a whole range of software-as-a-service (SaaS) applications to run their operations. However, the security of these applications depends on small…

Read More SaaS Breaches Start with Tokens – What Security Teams Must Watch
News

Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
Bys s January 22, 2025

Oracle is urging customers to apply its January 2025 Critical Patch Update (CPU) to address 318 new security vulnerabilities spanning its products and services. The most severe of the flaws is a bug in the Oracle Agile Product Lifecycle Management (PLM) Framework (CVE-2025-21556, CVSS score: 9.9) that could allow an attacker to seize control of…

Read More Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
News

CrazyHunter ransomware escalates with advanced intrusion tactics, six Taiwan healthcare victims confirmed
Bys s January 12, 2026

Industrial Cyber reports: New research from Trellix detailed that CrazyHunter ransomware has emerged as a serious and escalating threat, underscoring the growing sophistication of modern cybercriminal operations. Trellix has tracked the malware since its first appearance, observing rapid technical evolution and increasing activity. To date, the primary targets have been healthcare organizations in Taiwan, with……

Read More CrazyHunter ransomware escalates with advanced intrusion tactics, six Taiwan healthcare victims confirmed

Similar Posts