The recent surge in maritime security is a direct response to a troubling increase in hostile activity targeting Critical Undersea Infrastructure (CUI). As reports confirm, "Over the past 2–3 years, Europe has experienced increasing threats to its undersea cables and pipelines." Incidents like the Nord Stream pipeline sabotage in September 2022 served as a stark wake-up call, exposing the immense vulnerability of these essential arteries. Countries from Europe and the US, Australi
All Articles (2788)
A recent analysis reveals how Scattered Spider’s persistent help desk exploitation cost Clorox $400 million. It covers Clorox’s operational disruption and the critical steps organizations must take to protect against similar social engineering threats. The cleaning products giant Clorox has sued its IT services partner, Cognizant, alleging that a devastating August 2023 ransomware attack that crippled production and cost the company $380 million in lost revenue was due to the firm’s ne
The article below is an analysis and follow-up to the analysis titled ‘Intrusion into Middle East Critical National Infrastructure’ (full report here), conducted by the FortiGuard Incident Response Team (FGIR)[1], which investigated a long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East.
The Fortinet report revealed that threat actors had installed numerous web shell servers on the compromised system. In this follow-up, analysts conducted a deep analysis
A new report from NATO’s Cooperative Cyber Defense Center of Excellence (CCDCOE) warns that global ports are vulnerable in the wake of escalating cyber threats. The policy brief highlights that ports, which handle approximately 80% of international trade, “face unprecedented cybersecurity threats from state-linked actors” from Russia, Iran, and China. These actors aim to disrupt operations and potentially inflict significant economic and military harm.
Ports serve as crucial nodes in NATO’s de
Currently, European Central Bank (ECB) supervisors are focusing on critical issues, ranging from tariffs to cyberattacks and a possible dollar shortage, as they assess potential risks to the region's banking industry, five senior central bank officials said recently. The ECB is examining these risks amid a global trade war and conflicts, including the war in Ukraine and the Middle East.
Chief ECB supervisor Claudia Buch said last week that the central bank would test banks' resilience to geopol
In a communication with BleepingComputer, Dell has recently acknowledged a breach of its Customer Solutions Centers platform, which encompasses a variety of programs for evaluating technology solutions. The Dell Customer Solutions Centers are partitioned from the rest of Dell’s customer-facing networks and internal systems, so the breach affecting this platform should not pose much risk to customer data or sensitive internal data.
Dell representatives state that the data used in this platform
US insurance giant Allianz Life announced on July 26 that hackers had stolen the personal information of many of its customers, financial professionals, and select Allianz Life employees in the United States. The insurance giant's filing with Maine's attorney general did not immediately provide the number of customers affected. According to the filing, the data breach, which the company described as a hack, occurred on July 16 and was discovered on July 17.
TechCrunch first reported the data
A cyber-espionage campaign linked to a sophisticated hacking group believed to be based in China is continuing to compromise virtualization and networking infrastructure used by enterprises globally, according to a new deep-dive report by cybersecurity company Sygnia. The hackers are targeting VMware ESXi hypervisors, a type of software that controls and hosts virtual machines for enterprise networks. They are using custom tools that grant persistent access while evading detection by standard
Yesterday, KrebsOnSecurity heard from one of its readers whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime ring that is actively targeting established companies in the transportation and aviation industries.
A reader who works in the transportation industry sent a tip about a recent successful phishing campaign that t
There have been, and will continue to be, debates on how governments can regulate current cyber advancements, which are changing at lightning speed. As an example, water and wastewater entities in the State of New York will soon have access to a new $2.5 million grant program to help them mitigate the costs of forthcoming cybersecurity regulations.
This past week, NY state officials announced the new funding pool alongside the proposed regulations, which would require regulated water and wastewater syste
The FortiCNAPP team, part of FortiGuard Labs, recently investigated a cluster of virtual private servers (VPS) used for Monero mining. The identified samples are associated with prior H2Miner campaigns that we documented in 2020 and have since been updated with new configurations. H2Miner is a crypto-mining botnet that has been active since late 2019.
Researchers also identified a new variant of the Lcryx ransomware, called Lcrypt0rx. Lcryx is a relatively new VBScript-based ransomware strain fi
Hackers believed to be affiliated with an Iranian intelligence agency are using a newly discovered strain of the DCHSpy malware to snoop on adversaries. Researchers from the cybersecurity firm Lookout detected the latest version of DCHSpy one week after Israel’s June bombing campaign targeting Iran’s nuclear program began. DCHSpy was first detected in 2024, but has since evolved and can now exfiltrate data from WhatsApp and files stored on devices, Lookout said. The malware also collects cont
Cyber-attacks are constantly being reported all over the world. Recently, a large cyber-espionage operation targeting Microsoft's SharePoint server was disclosed. About 100 different organizations have fallen victim to this operation so far. The attack was serious enough that Microsoft issued an alert in recent days, saying that active attacks were under way against SharePoint servers and that users should install security updates immediately.
This attack
The education sector tops the list of industries with the most vulnerable cloud assets, APIs and web applications, according to a new study from CyCognito. The security vendor analyzed a random sample of two million internet-exposed assets between January and June, simulating real-world attacker behavior including:
- Black-box pen testing using over 90,000 exploit modules, credential stuffing simulations, data exposure detection and more
- Dynamic application security testing to spot runtime web a
The month of July could barely have started any worse for some financial institutions in Brazil. On 30 June 2025, C&M Software, a Brazilian company that provides a "bridge" helping the country's central bank connect to local banks, revealed that it had been hacked. 810,306,000 Brazilian reals (approximately US$140 million) were stolen from the reserve accounts of six financial institutions because of the security breach.
In the wake of the attack, which made news headlines in Brazil, the count
Chinese-linked hackers are targeting the Taiwanese semiconductor industry and investment analysts as part of a string of cyber espionage campaigns, researchers said on 17 July. While hacking to steal data and information about the industry is not new, there is an increase in sustained hacking campaigns from several China-aligned hacking groups, researchers with cybersecurity firm Proofpoint said in a new analysis. “We’ve seen entities that we hadn’t ever seen being targeted in the past being t
In April 2025, Huntabil.IT observed a targeted attack on a Web3 startup, attributing the incident to a DPRK threat actor group. Several reports on social media at the time described similar incidents at other Web3 and crypto organizations. Analysis revealed an attack chain consisting of an eclectic mix of scripts and binaries written in AppleScript, C++, and Nim. Although the early stages of the attack follow a familiar DPRK pattern using social engineering, lure scripts, and fake updates, th
Cybersecurity researchers have observed a surge in identity-driven cyberattacks targeting employee login credentials. According to a new report by eSentire’s Threat Response Unit (TRU), between 2024 and the first quarter of 2025, 19,000 identity-related cyber investigations revealed a 156% increase in such threats compared to 2023. These incidents now account for 59% of all confirmed threats across eSentire’s customer base of over 2000 organizations.[1]
One of the biggest enablers of this tre
UK customers of luxury goods brand Louis Vuitton have been warned to be on their guard against opportunist fraud attempts after their data was compromised in a cyber-attack on the retailer.
In an email sent to customers, Louis Vuitton revealed that its IT systems were accessed on 2 July 2025 by an unauthorized third party, who was able to obtain data including names, contact details and purchasing histories, all data of use to cyber criminals. Louis Vuitton said that bank and credit card details
Just hours after the US President announced airstrikes on three key Iranian nuclear sites, a wave of cyberattacks linked to pro-Iranian groups began to surface. Iranian hackers are reported to have hit US banks, defense contractors, and oil industry companies after the US attacks on Iranian nuclear facilities. To date, they have not caused serious problems to critical infrastructure or the US economy. However, some analysts think that the US strikes could even prompt Iran, Russia, China, and N