Large Retailers Land in Scattered Spider’s Ransomware Web – Dark Reading
The threat group games IT help desks to gain entry into retailer networks, and signs show it has shifted its attention from the UK to US targets. – Read More
May 2025
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads – The Hacker News
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data,…
‘Hazy Hawk’ Cybercrime Gang Swoops In for Cloud Resources – Dark Reading
Since December 2023, the threat group has preyed on domains belonging to the US Centers for Disease Control and Prevention (CDC) and numerous other reputable organizations worldwide to redirect users…
8 KI-Sicherheitsrisiken, die Unternehmen übersehen – CSO Online
In ihrem Wettlauf um Produktivitätssteigerungen durch generative KI übersehen die meisten Unternehmen die damit verbundenen Sicherheitsrisiken. Summit Art Creations – Shutterstock.com Laut einer Studie des Weltwirtschaftsforums, die in Zusammenarbeit mit…
Why Rigid Security Programs Keep Failing – Dark Reading
Organizations that stay ahead of attacks won’t be the most compliant ones — they’ll be the ones most honest about what actually works. – Read More
Novel Phishing Attack Combines AES With Poisoned npm Packages – Dark Reading
Researchers discovered a phishing attack in the wild that takes multiple well-tread technologies like open source packages and AES encryption and combines them. – Read More
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware – The Hacker News
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. “The attackers used spear…
You’ve already been targeted: Why patch management is mission-critical – CSO Online
Security is evolving because attackers already have. The rise in threats facing IT teams today is not random. It reflects how profitable cybercrime has become. According to Cybersecurity Ventures, while…
Your step-by-step guide to small law firm growth – Legal Futures
Running a small law firm has never been easy—but in today’s environment, it can feel like you’re constantly trying to do more with less. Yet for solicitors who are strategic…
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation – The Hacker News
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services,…
Empowering Law Firm Leaders: Podcast highlights how law firms can activate their business development effectively – Legal Futures
This latest episode features a conversation with Matt Dixon, founding partner of training and consultancy firm DCM Insights, who is recognised as being one of the world’s leading authorities on…
HYCU R-Cloud for iManage Cloud now available via early access program – Legal Futures
iManage has announced the early access availability of HYCU® R-Cloud™ for iManage Cloud – an enterprise-grade backup and recovery solution purpose-built for iManage Cloud customers and powered by HYCU, The…
Skitnet malware: The new ransomware favorite – CSO Online
Ransomware operators are now actively using a modular malware, Skitnet, sold on underground forums including RAMP since April 2024. According to cybersecurity firm Prodaft, the multi-stage malware is being used…
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report – The Hacker News
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use…
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization – The Hacker News
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET,…