ShinyHunters May Have Teamed Up With Scattered Spider in Salesforce Attack Campaigns

The financially motivated threat group ShinyHunters has returned with a sophisticated series of attacks targeting Salesforce instances across high-profile enterprises in industries like retail, aviation, and insurance, after a year of relative quiet following member arrests in June 2024. ReliaQuest’s analysis reveals a coordinated infrastructure of ticket-themed phishing domains and credential-harvesting pages, such as ticket-lvmh[.]com … Read more

Microsoft removes PowerShell 2.0 from Windows 11, Windows Server

Microsoft will remove PowerShell 2.0 from Windows starting in August, eight years after announcing its deprecation and keeping it around as an optional feature. The 14-year-old command processor introduced with Windows 7 was already removed for Windows Insiders as of July 2025, with the release of Windows 11 Insider Preview Build 27891 to the Canary … Read more

Web DDoS and App Exploitation Attacks Surge in First Half of 2025

Radware’s monitoring showed a 39% increase in Web DDoS attacks compared to the second half of 2024, culminating in a record 54% quarter-over-quarter increase in Q2, indicating a dramatic escalation of cyber threats during the first half of 2025. This escalation reflects a strategic pivot by threat actors toward smaller, sustained assaults below 100,000 requests … Read more

Microsoft asks users to ignore certificate enrollment errors

Microsoft has asked customers this week to disregard incorrect CertificateServicesClient (CertEnroll) errors that appear after installing the July 2025 preview update and subsequent Windows 11 24H2 updates. In recent months, Microsoft has addressed multiple similar issues affecting various Windows features that triggered erroneous warnings with no actual impact. For instance, last month, Redmond advised users … Read more

St. Paul’s Mayor Confirms Interlock Data Leak

Officials from the City of St. Paul, Minnesota, have confirmed that the Interlock ransomware group has published employee data online after refusing the attackers’ payment demands. Mayor Melvin Carter said that the gang appeared to have published approximately 43GB of data stolen from St. Paul City Council systems. “The files they posted appear to come … Read more

VexTrio Hackers Use Fake CAPTCHAs and Malicious Apps on Google Play & App Store to Target Users

Security researchers at Infoblox Threat Intel have revealed the complex workings of VexTrio, a highly skilled cybercriminal network that has been active since at least 2017. This discovery highlights the ongoing dangers in the digital economy. Formerly known simply as VexTrio, this group, now dubbed VexTrio Viper, leverages advanced traffic distribution systems (TDSs), lookalike domains, … Read more

Multiple GitLab Vulnerabilities Allow Account Takeover and Stored XSS Attacks

GitLab has released critical security patches addressing multiple high-severity vulnerabilities that could enable attackers to execute account takeovers and stored cross-site scripting (XSS) attacks across both Community Edition (CE) and Enterprise Edition (EE) platforms. The vulnerabilities, disclosed in patch releases 18.2.2, 18.1.4, and 18.0.6, represent serious security risks that require immediate attention from administrators. Critical … Read more

Microsoft Office Vulnerabilities Allow Attackers to Execute Remote Code

Microsoft has disclosed three critical security vulnerabilities in its Office suite that could enable attackers to execute malicious code remotely on affected systems. The vulnerabilities, identified as CVE-2025-53731, CVE-2025-53740, and CVE-2025-53730, were released on August 12, 2025, and pose significant security risks to organizations and individual users worldwide. All three vulnerabilities stem from use-after-free memory corruption issues … Read more

OpenAI adds new GPT-5 models, restores o3, o4-mini and it's a mess all over again

One of the few things many disliked about ChatGPT was the confusing number of models. OpenAI claimed GPT-5 would fix this, but it seems to have made it worse. A new update is rolling out to ChatGPT. It doesn’t upgrade GPT-5, but instead adds more options that some of you would love. Previously, GPT-5 had … Read more

SIGINT During World War II – Schneier on Security

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I’ve been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I’m a fellow and lecturer at Harvard’s Kennedy School, a board member of EFF, and the Chief of Security Architecture … Read more