When Theft Replaces Encryption: Blue Report 2025 on Ransomware & Infostealers

Por
Blue Book ransomware threats

Ransomware and infostealer threats are evolving faster than most organizations can adapt. While security teams have invested heavily in ransomware resilience, particularly through backup and recovery systems, Picus Security’s Blue Report 2025 shows that today’s most damaging attacks aren’t always about encryption. Instead, both ransomware operators and infostealer campaigns often focus on credential theft, data … Ler mais

FBI Shares Tips to Spot Fake Lawyer Schemes

Por
FBI Shares Tips to Spot Fake Lawyer Schemes

The FBI has updated its alert about fake lawyers defrauding victims of cryptocurrency scams, adding due diligence measures to help victims. The FBI’s Internet Crime Complaint Center (IC3) has previously warned that fraudsters were posing as lawyers from fictitious law firms and using social media and messaging services to defraud victims of cryptocurrency scams. In … Ler mais

Canada’s House of Commons investigating data breach after cyberattack

Por
Picus Blue Report 2025

The House of Commons of Canada is currently investigating a data breach after a threat actor reportedly stole employee information in a cyberattack on Friday. While the lower house of the Parliament of Canada has yet to issue a public statement regarding this incident, CBC News reports that House of Commons staff were notified of … Ler mais

Hacked Law Enforcement and Government Email Accounts Sold on Dark Web

Por
Hacked Law Enforcement and Government Email Accounts Sold on Dark Web

Cybercriminals are selling access to active law enforcement and government email accounts for as little as $40 on the dark web, according to an investigation by Abnormal AI. These compromised accounts belong to officials from the US, UK, India, Brazil and Germany, with agencies such as the FBI among those affected. The ability to impersonate … Ler mais

CISA Publishes Operational Technology Guide for Critical Infrastructure Stakeholders

Por
CISA Publishes Operational Technology Guide for Critical Infrastructure Stakeholders

The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with eight other national cyber agencies, has released a comprehensive “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators.” Published on August 13, 2025, this new guide equips critical infrastructure stakeholders—spanning energy, water and wastewater, manufacturing, and beyond—with best practices for developing and maintaining … Ler mais

Microsoft IIS Web Deploy Vulnerability Allows Remote Code Execution

Por
Microsoft IIS Web Deploy Vulnerability Allows Remote Code Execution

Microsoft has disclosed a critical security vulnerability in its Internet Information Services (IIS) Web Deploy tool that could allow attackers to execute arbitrary code remotely on affected systems. The vulnerability, designated as CVE-2025-53772, was announced on August 12, 2025, and carries an “Important” severity rating with a CVSS score of 8.8 out of 10. Vulnerability … Ler mais

LLM Coding Integrity Breach – Schneier on Security

Por

Here’s an interesting story about a failure being introduced by LLM-written code. Specifically, the LLM was doing some code refactoring, and when it moved a chunk of code from one file to another it changed a “break” to a “continue.” That turned an error logging statement into an infinite loop, which crashed the system. This … Ler mais

Leak: OpenAI's browser will use ChatGPT Agent to control the browser

Por
GPT

OpenAI is building an agentic future with its upcoming Chromium-based browser and a new leak confirms GPT Agent integration. ChatGPT already comes with Agent mode, which uses a virtual machine to browse the web. The vrtual machine is powered by Linuxand it works in a cloud environment (Azure). While Agent mode can do everything for … Ler mais

Splunk Publishes Defender’s Guide to Spot ESXi Ransomware Early

Por
Splunk Publishes Defender’s Guide to Spot ESXi Ransomware Early

Splunk has released a comprehensive defender’s guide aimed at helping cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure before they can cause widespread damage. The guide comes as organizations continue to face mounting pressure from cybercriminals who increasingly target VMware’s ESXi hypervisor platform as a high-value attack vector. Growing Threat to Critical Infrastructure … Ler mais

CISA warns of N-able N-central flaws exploited in zero-day attacks

Por
Picus Red Report 2025

​CISA warned on Wednesday that attackers are actively exploiting two security vulnerabilities in N‑able’s N-central remote monitoring and management (RMM) platform. N-central is commonly used by managed services providers (MSPs) and IT departments to monitor, manage, and maintain client networks and devices from a centralized web-based console. According to CISA, the two flaws can allow … Ler mais