Zscaler’s Buyout of Red Canary Shows Telemetry’s Value – Dark Reading
Red Canary’s MDR portfolio complements Zscaler’s purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of security data. – Read More
2025
APT41 Uses Google Calendar Events for C2 – Dark Reading
APT41, a Chinese state-sponsored threat actor also known as “Double Dragon,” used Google Calendar as command-and-control infrastructure during a campaign last fall. – Read More
PumaBot Targets Linux Devices in Latest Botnet Campaign – Dark Reading
While the botnet may not be completely automated, it uses certain tactics when targeting devices that indicate that it may, at the very least, be semiautomated. – Read More
LexisNexis Informs 360K+ Customers of Third-Party Data Leak – Dark Reading
While the leak affected customer data, LexisNexis said in a notification letter that its products and systems were not compromised. – Read More
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools – The Hacker News
Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as the CyberLock and Lucky_Gh0$t ransomware…
LSB lays out actions for SRA to avoid another Axiom Ince – Legal Futures
The Solicitors Regulation Authority has been given statutory directions to address the multiple failures in its oversight of Axiom Ince. The post LSB lays out actions for SRA to avoid…
Landmark commercial trends report Q1 2025 – April 2025 – Legal Futures
Landmark’s Commercial Property Trends Report provides insights into the commercial property transaction pipeline across England, Wales and Scotland. The post Landmark commercial trends report Q1 2025 – April 2025 appeared…
A Defense-in-Depth Approach for the Modern Era – Dark Reading
By integrating intelligent network policies, zero-trust principles, and AI-driven insights, enterprises can create a robust defense against the next generation of cyber threats. – Read More
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers – The Hacker News
Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to new findings from Fortinet. The DOS (Disk Operating…
Even $5M a year can’t keep top CISOs happy – CSO Online
At least one lucky US CISO earned around $5 million last year, according to a new survey, but the reality is that the average compensation for CISOs at the largest…
Microsoft Entra’s billing roles pose privilege escalation risks in Azure – CSO Online
Threat actors can abuse one of Microsoft Entra’s by-design features, the software giant’s cloud-based identity and access management service, to gain persistence and escalate privilege inside a target Azure account.…
DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints – The Hacker News
The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data…
‘Haozi’ Gang Sells Turnkey Phishing Tools to Amateurs – Dark Reading
The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install. – Read More
Super-regulator hits SRA with ‘binding directions’ over Axiom Ince handling – Legal Cheek
Avoid repeat regulatory failures, says LSB The legal super-regulator has issued the Solicitors Regulation Authority (SRA) with binding directions over its handling of the Axiom Ince scandal, which saw a…
How Gen Z lawyers are transforming the legal profession from within – Legal Cheek
S.K. Amir, University of London LLM graduate, examines how Gen Z is influencing change within law For years, the legal profession has been an industry defined by tradition: with billable…