CISO2CISO.COM & CYBER SECURITY GROUP

Pakistan Arrests 21 in ‘Heartsender’ Malware Service – Source: krebsonsecurity.com

CISO2CISO Editor 2 28/05/2025 0

Source: krebsonsecurity.com – Author: BrianKrebs Authorities in Pakistan have arrested 21 individuals accused of operating “Heartsender,” a once popular spam and malware dissemination service that operated...

Cyber Security News DARKReading Hundreds rss-feed-post-generator-echo

Hundreds of Web Apps Have Full Access to Microsoft OneDrive Files – Source: www.darkreading.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.darkreading.com – Author: Jai Vijayan, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been...

Cyber Security News DARKReading Implementing rss-feed-post-generator-echo

Implementing Secure by Design Principles for AI – Source: www.darkreading.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.darkreading.com – Author: Diana Kelley Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This...

Cellcom Cyber Security News DARKReading rss-feed-post-generator-echo

Cellcom Restores Regional Mobile Services After Cyberattack – Source: www.darkreading.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.darkreading.com – Author: Elizabeth Montalbano, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been...

Cyber Security News DARKReading rss-feed-post-generator-echo Won't

Why Take9 Won’t Improve Cybersecurity – Source: www.darkreading.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.darkreading.com – Author: Bruce Schneier, Arun Vishwanath Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been...

Cyber Security News DARKReading Reading rss-feed-post-generator-echo

Have Your Say: Dark Reading Seeks Your Input – Source: www.darkreading.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.darkreading.com – Author: Kelly Jackson Higgins, Editor-in-Chief, Dark Reading Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have...

Cyber Security News DARKReading rss-feed-post-generator-echo Zscaler

Zscaler Announces Deal to Acquire Red Canary – Source: www.darkreading.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.darkreading.com – Author: Dark Reading Staff Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked?...

1 - Cyber Security News Post Chatgpt ClickUp Cyber Security News Cyber Security News cybersecurity Hackread Microsoft OneDrive OneDrive File Picker privacy security Slack Trello Vulnerability

OneDrive File Picker Flaw Gives Apps Full Access to User Drives – Source:hackread.com

CISO2CISO Editor 2 28/05/2025 0

Source: hackread.com – Author: Waqas. A recent investigation by cybersecurity researchers at Oasis Security has revealed a data overreach in how Microsoft’s OneDrive File Picker handles...

1 - Cyber Security News Post Azure Cyber Security News Cyber Security News cybersecurity Hackread Microsoft Microsoft Entra security Vulnerability

Microsoft Entra Design Lets Guest Users Gain Azure Control, Researchers Say – Source:hackread.com

CISO2CISO Editor 2 28/05/2025 0

Source: hackread.com – Author: Waqas. Cybersecurity researchers at BeyondTrust are warning about a little-known but dangerous issue within Microsoft’s Entra identity platform. The issue isn’t some...

1 - Cyber Security News Post AI artificial intelligence Cyber Attack Cyber Crime Cyber Security News Cyber Security News cybersecurity facebook Hackread LinkedIn malware Mandiant Meta Scams and Fraud security UNC6032 Vietnam

Fake AI Video Tool Ads on Facebook, LinkedIn Spread Infostealers – Source:hackread.com

CISO2CISO Editor 2 28/05/2025 0

Source: hackread.com – Author: Deeba Ahmed. Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for fake AI...

1 - Cyber Security News Post AI artificial intelligence Cyber Attack Cyber Security News Cyber Security News cybersecurity Hackread Machine Learning malware ML PyPI security Supply Chain

Malware Hidden in AI Models on PyPI Targets Alibaba AI Labs Users – Source:hackread.com

CISO2CISO Editor 2 28/05/2025 0

Source: hackread.com – Author: Deeba Ahmed. ReversingLabs discovers new malware hidden inside AI/ML models on PyPI, targeting Alibaba AI Labs users. Learn how attackers exploit Pickle...

Cyber Security News geolocation rss-feed-post-generator-echo Russia SchneierOnSecurity smartphones tracking Uncategorized

Location Tracking App for Foreigners in Moscow – Source: www.schneier.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.schneier.com – Author: Bruce Schneier Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones. Using a mobile...

Blog Carbon Black Cyber Security News DarkCrystal RAT rss-feed-post-generator-echo SOC Prime Platform socprime Uncoder AI

AI-Generated Carbon Black Detection Rule for DarkCrystal RAT Campaign – Source: socprime.com

CISO2CISO Editor 2 28/05/2025 0

Source: socprime.com – Author: Steven Edwards How It Works Uncoder AI processes threat reports like CERT-UA#14045 on DarkCrystal RAT and generates Carbon Black-compatible detection logic. This...

Cyber Security News Iranian rss-feed-post-generator-echo The Hacker News

Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the...

Cyber Security News Czech rss-feed-post-generator-echo The Hacker News

Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . The Czech Republic on Wednesday formally accused a threat actor associated with the People’s Republic of China (PRC) of targeting its...

Cyber Security News Microsoft rss-feed-post-generator-echo The Hacker News

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access...

Cyber Security News PumaBot rss-feed-post-generator-echo The Hacker News

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the...

Cyber Security News Infection rss-feed-post-generator-echo The Hacker News

From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than...

Cyber Security News hackers rss-feed-post-generator-echo The Hacker News

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management...

'Browser-in-the-Middle' Cyber Security News rss-feed-post-generator-echo The Hacker News

How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames...

Amazon-Hosted Cyber Security News rss-feed-post-generator-echo The Hacker News

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch – Source:thehackernews.com

CISO2CISO Editor 2 28/05/2025 0

Source: thehackernews.com – Author: . Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct “exposure points” earlier this month. The...

CISA CISA KEV Cyber Security News Incident Response Ox Security rss-feed-post-generator-echo securityweek vulnerabilities zero-day

Vulnerabilities in CISA KEV Are Not Equally Critical: Report – Source: www.securityweek.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.securityweek.com – Author: Ionut Arghire Security flaws in CISA’s Known Exploited Vulnerabilities (KEV) catalog should be treated with urgency based on environmental context assessments, according...

botnet Breaking News Cyber Crime Cyber Security News Cybercrime hacking hacking news information security news internet of things IoT IT Information Security Malware Pierluigi Paganini PumaBot rss-feed-post-generator-echo Security Affairs SecurityAffairs

New PumaBot targets Linux IoT surveillance devices – Source: securityaffairs.com

CISO2CISO Editor 2 28/05/2025 0

Source: securityaffairs.com – Author: Pierluigi Paganini PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto. Darktrace researchers discovered...

App Store Apple Breaking News Cyber Security News hacking hacking news information security news IT Information Security Mobile Pierluigi Paganini rss-feed-post-generator-echo Security Security Affairs Security News SecurityAffairs

App Store Security: Apple stops $2B in fraud in 2024 alone, $9B over 5 years – Source: securityaffairs.com

CISO2CISO Editor 2 28/05/2025 0

Source: securityaffairs.com – Author: Pierluigi Paganini Apple blocked over $9B in fraud in 5 years, including $2B in 2024, stopping scams from deceptive apps to fake...

Breaking News Cyber Crime Cyber Security News Cybercrime hacking hacking news information security news IT Information Security Malware Pierluigi Paganini rss-feed-post-generator-echo Security Security Affairs Security News SecurityAffairs Venom RAT

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware – Source: securityaffairs.com

CISO2CISO Editor 2 28/05/2025 0

Source: securityaffairs.com – Author: Pierluigi Paganini Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools...

Breaking News Cyber Crime Cyber Security News Cybercrime hacking hacking news IT Information Security Malware Pierluigi Paganini RobbinHood ransomware rss-feed-post-generator-echo Security Security Affairs Security News SecurityAffairs

Iranian Man pleaded guilty to role in Robbinhood Ransomware attacks – Source: securityaffairs.com

CISO2CISO Editor 2 28/05/2025 0

Source: securityaffairs.com – Author: Pierluigi Paganini Iranian man pleads guilty to role in Baltimore ransomware attack tied to Robbinhood, admitting to computer and wire fraud conspiracy....

Breaking News Cyber Crime Cyber Security News DragonForce ransomware hacking hacking news information security news IT Information Security Malware Pierluigi Paganini rss-feed-post-generator-echo Security Affairs Security News SecurityAffairs SimpleHelp

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers – Source: securityaffairs.com

CISO2CISO Editor 2 28/05/2025 0

Source: securityaffairs.com – Author: Pierluigi Paganini Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. Sophos researchers...

CSOonline Cyber Security News rss-feed-post-generator-echo Security vulnerabilities

If you use OneDrive to upload files to ChatGPT or Zoom, don’t – Source: www.csoonline.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.csoonline.com – Author: Users could potentially allow access to the entire drive because of the way Microsoft implements OAuth in OneDrive File Picker. Using Microsoft...

CSOonline Cyber Security News Data Breach rss-feed-post-generator-echo

Hacker stehlen Coca-Cola-Daten – Source: www.csoonline.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.csoonline.com – Author: Der weltgrößte Coca-Cola-Abfüller Coca-Cola Europacific Partners wurde Ziel einer Cyberattacke. Dabei wurden Daten gestohlen. Der Coca-Cola-Abfüller Coca-Cola Europacific Partners ist von einem...

CSOonline Cyber Security News email security Encryption rss-feed-post-generator-echo

‘Secure email’: A losing battle CISOs must give up – Source: www.csoonline.com

CISO2CISO Editor 2 28/05/2025 0

Source: www.csoonline.com – Author: Opinion May 28, 20257 mins Email SecurityEncryption Security wise, email has long been an outdated mode of communication in our increasingly cyber-threatened...

Day: May 28, 2025

Hundreds of Web Apps Have Full Access to Microsoft OneDrive Files – Source: www.darkreading.com

Implementing Secure by Design Principles for AI – Source: www.darkreading.com

Cellcom Restores Regional Mobile Services After Cyberattack – Source: www.darkreading.com

Why Take9 Won’t Improve Cybersecurity – Source: www.darkreading.com

Have Your Say: Dark Reading Seeks Your Input – Source: www.darkreading.com

Zscaler Announces Deal to Acquire Red Canary – Source: www.darkreading.com

OneDrive File Picker Flaw Gives Apps Full Access to User Drives – Source:hackread.com

Microsoft Entra Design Lets Guest Users Gain Azure Control, Researchers Say – Source:hackread.com

Fake AI Video Tool Ads on Facebook, LinkedIn Spread Infostealers – Source:hackread.com

Malware Hidden in AI Models on PyPI Targets Alibaba AI Labs Users – Source:hackread.com

Location Tracking App for Foreigners in Moscow – Source: www.schneier.com

AI-Generated Carbon Black Detection Rule for DarkCrystal RAT Campaign – Source: socprime.com

Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore – Source:thehackernews.com

Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack – Source:thehackernews.com

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File – Source:thehackernews.com

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto – Source:thehackernews.com

From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign – Source:thehackernews.com

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware – Source:thehackernews.com

How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds – Source:thehackernews.com

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch – Source:thehackernews.com

Vulnerabilities in CISA KEV Are Not Equally Critical: Report – Source: www.securityweek.com

New PumaBot targets Linux IoT surveillance devices – Source: securityaffairs.com

App Store Security: Apple stops $2B in fraud in 2024 alone, $9B over 5 years – Source: securityaffairs.com

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware – Source: securityaffairs.com

Iranian Man pleaded guilty to role in Robbinhood Ransomware attacks – Source: securityaffairs.com

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers – Source: securityaffairs.com

If you use OneDrive to upload files to ChatGPT or Zoom, don’t – Source: www.csoonline.com

Hacker stehlen Coca-Cola-Daten – Source: www.csoonline.com

‘Secure email’: A losing battle CISOs must give up – Source: www.csoonline.com

CISO2CISO © 2025 - All righths reserved.