
Cybersecurity

Gamaredon in 2024: Cranking out spearphishing campaigns against Ukraine with an evolved toolset
ESET Research analyzes Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed throughout 2024. 02 Jul 2025 • 6 min. read. Since Russia’s full-scale invasion of Ukraine in February 2022, cyberespionage has played a crucial role in the broader threatscape. Russia-aligned advanced persistent threat (APT) groups have relentlessly targeted Ukrainian entities,…

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It has been codenamed Count(er) Strike. “A…

Senator Chides FBI for Weak Advice on Mobile Security – Krebs on Security
Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to…

What is the Domain Name System (DNS)? | Definition from TechTarget
The domain name system (DNS) is a naming database in which internet domain names are located and translated into Internet Protocol (IP) addresses. The DNS maps the name people use to locate a website to the IP address that a computer uses to locate that website. For example, if someone types example.com into a web…

Protecting Your Business Communications: The Critical Role of Secure Email Gateways
Email is still the backbone of how businesses communicate, with more than 300 billion messages sent every day. But this huge volume also makes it one of the easiest ways for cybercriminals to get in. As companies depend more and more on digital communication, strong email security becomes essential. Understanding Email Security Threats: Modern email…

Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome – Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. Google…

Threat Intelligence Executive Report – Volume 2025, Number 3
Executive summary: The Counter Threat Unit™ (CTU) research team analyzes security threats to help organizations protect their systems. Based on observations in March and April, CTU™ researchers identified the following noteworthy issues and changes in the global threat landscape: Cybersecurity lessons for HR; Black Basta leaks provided strategic takeaways; To future-proof cybersecurity, start now; Cybersecurity…

How government cyber cuts will affect you and your business
Deep cuts in cybersecurity spending risk creating ripple effects that will put many organizations at a higher risk of falling victim to cyberattacks. 03 Jul 2025 • 4 min. read. We often hear about cybersecurity fatigue, the mental and emotional strain that weighs on individuals and teams on the frontlines and leads to decreased…

Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS
Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts. “The attacker used a modified version of XMRig with a hard-coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders,” Wiz researchers Yaara Shriki and Gili Tikochinski…

Big Tech’s Mixed Response to U.S. Treasury Sanctions – Krebs on Security
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But a new report finds the accused continues to operate a slew of established accounts at American tech companies — including Facebook, Github, PayPal and Twitter/X….