Topic: forensic analysis
-
Hackers Stole Data From 200 Companies in Google-Linked Breach
A major supply chain attack compromised data from over 200 organizations, with Google confirming theft from Salesforce instances through Gainsight applications, highlighting risks in interconnected digital ecosystems. The hacking group Scattered Lapsus$ Hunters claimed responsibility, targeting c...
-
Dutch Police Seize 250 Servers in Bulletproof Hosting Crackdown
Dutch law enforcement dismantled a major bulletproof hosting service used exclusively by cybercriminals, seizing approximately 250 physical servers and taking thousands of virtual servers offline. The service facilitated serious criminal activities like ransomware, botnets, and phishing by ignori...
-
CPU Spike Exposed RansomHub Ransomware Attack
An employee inadvertently triggered a ransomware attack by downloading a malicious file disguised as a browser update, initiating automated reconnaissance and credential harvesting. Attackers established persistence and network access through a SOCKS proxy, exploiting Active Directory weaknesses ...
-
APT37 Hackers Use Google Find Hub to Wipe Android Data
North Korean hackers are using Google's Find Hub service to remotely wipe Android devices and track locations, primarily targeting South Koreans through KakaoTalk messages and linked to known threat groups like APT37 and Kimsuky. The attack begins with spear-phishing messages impersonating author...
-
Nozomi Networks' Arc Release Boosts OT Security
Nozomi Networks has upgraded its Arc platform to include automated threat prevention for operational technology, enabling active defense of critical infrastructure without downtime. The enhancement introduces flexible prevention modes, OT-focused threat intelligence, and seamless integration with...
-
Top Cybersecurity Jobs Hiring Now | October 2025
Cybersecurity careers are thriving with high demand across sectors like energy, finance, and healthcare, requiring technical skills and strategic thinking to protect infrastructure from evolving threats. Key roles include Threat Intelligence Analysts, Application Security Engineers, and Cloud Sec...
-
Nozomi Networks Automates Critical Infrastructure Cybersecurity
Nozomi Networks has launched automated threat prevention in its Nozomi Arc platform, providing the industry's first safe, automated response solution tailored for operational technology environments. The platform offers flexible prevention modes, integrates OT-specific threat intelligence, and se...
-
AI's New Jobs: Forensic Vibers and 10 Other Future Roles
AI integration is creating new professions that blend technical skills with ethical oversight, strategic thinking, and psychological insight to ensure systems are productive and aligned with goals. Over 85% of American workers expect prompt-writing skills to become essential, with younger generat...
-
China-Linked Hackers Exploit Cisco Firewall Zero-Days
Cisco has released emergency patches for two actively exploited zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in its ASA and FTD firewall software, linked to the ArcaneDoor espionage campaign. The vulnerabilities allowed attackers, suspected to be a China-based group, to execute co...
-
Active Attacks Exploit Cisco ASA Zero-Day Flaws
A coordinated international cybersecurity alert warns of active attacks exploiting zero-day vulnerabilities in Cisco ASA and FTD software, attributed to a sophisticated, likely state-sponsored threat actor linked to previous ArcaneDoor campaigns. Two critical vulnerabilities (CVE-2025-20362 and C...
-
'BRICKSTORM' Backdoor: Chinese Hackers Target US Firms
A sophisticated cyber espionage campaign using the BRICKSTORM backdoor is targeting U.S. companies, particularly in legal, tech, and SaaS sectors, and is attributed to Chinese-aligned hackers with goals beyond intelligence gathering. The threat actors, known as UNC5221, employ a complex, multi-st...
-
CISA Mandates Urgent Patching for Actively Exploited Cisco Zero-Day Flaws
CISA has issued an emergency directive requiring U.S. federal agencies to immediately address two actively exploited critical vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco ASA and FTD firewalls, which allow unauthenticated remote code execution. Agencies must inventory all affected...
-
Libraesva ESG Zero-Day Exploited in Active Attacks (CVE-2025-59689)
A critical zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway is being actively exploited by a suspected state-sponsored actor, allowing arbitrary command execution on affected systems. The flaw is a command injection vulnerability caused by improper input sanitizatio...
-
Google Uncovers Custom Backdoor on SonicWall Devices
Google researchers identified a cyberattack targeting outdated SonicWall Secure Mobile Access (SMA) appliances, using custom malware called Overstep to evade detection and erase evidence. The compromised devices lack security updates, making them vulnerable, and Google urges affected businesses t...