The Gen Threat Report Q2/2025 highlights emerging cyber threats including PharmaFraud’s fake pharmacies, AI-powered ransomware by FunkSec, and rising scams on Facebook targeting everyday users. Key statistics reveal surges in financial fraud, malicious push notifications, and AI-assisted malware attacks. #PharmaFraud #FunkSec #FacebookScams
Category: Interesting Stuff
The CalypsoAI Insider AI Threat Report 2025 reveals that AI is transforming workplace trust, with many employees preferring AI over human colleagues despite significant risks related to internal AI misuse. The report emphasizes critical gaps in AI understanding among C-suite leaders and highlights the urgent need for robust AI security measures in regulated industries like financial services, healthcare, and security. #CalypsoAI #InsiderAIThreat #AICyberRisk
The Q2 2025 Email Threat Trends Report highlights the rise of human-centered email attacks, with manufacturing and retail sectors remaining primary targets. Key findings include the decline of phishing kits in favor of customized attacks, the emergence of callback phishing, the regional targeting of Scandinavian executives by BEC scams, and the dominance of Lumma Stealer malware campaigns. #LummaStealer #CallbackPhishing #BEC #Manufacturing #Retail
GraphQL introspection can expose detailed schema information that attackers may exploit. Disabling or limiting introspection through proper configuration can significantly reduce this risk. #GraphQLIntrospection #SchemaDisclosure
JWTs are vital for authentication but can become security risks if misconfigured. This article explains common JWT vulnerabilities and how pentesters exploit them, emphasizing the importance of proper configuration and validation. #JWT #TokenForgery
This article provides a comprehensive guide on identifying, analyzing, and testing for Cross-Site Request Forgery (CSRF) vulnerabilities in web applications. It emphasizes the importance of understanding application functionality, analyzing HTTP requests, and …
NTP abuse can lead to critical information leaks, providing attackers with insights into network topology, host details, and active clients. Proper configuration and security measures are essential to prevent stealthy reconnaissance activities leveraging legacy NTP servers. #NTPMonlist #CyberRecon
The 2025 SANS Threat Hunting Survey reveals a growing trend toward in-house threat hunting capabilities, with organizations prioritizing agility and integration despite challenges like cloud visibility and skilled staffing shortages. Key findings include the prevalence of business email compromise, rising nation-state threats, and the increasing use of living off the land techniques among threat actors. #SANS2025 #ThreatHunting #BusinessEmailCompromise #LivingOffTheLand
This article explains how misconfigured AWS SNS topics can lead to security vulnerabilities, including privilege escalation and data leaks. It demonstrates a real-world scenario of exploiting SNS to access sensitive secrets in AWS, highlighting the importance of proper configuration. #AWS SNS #Pacu #CloudGoat
This article discusses the capabilities of NetExec (nxc), a comprehensive post-exploitation framework designed to automate credential dumping in Windows and Active Directory environments. It highlights various methods attackers can use to gather sensitive credentials and offers insights for both red and blue teams to improve detection and mitigation strategies. #NetExec #CredentialDumping
IR Sim 101 offers a realistic simulation for SOC analysts and cybersecurity students to practice incident response workflows through story-driven breach investigations. It emphasizes the importance of organized documentation, log analysis, and cross-correlation for effective incident management. #IncidentResponse #SOCTraining
Threat intelligence for May 2025 highlights 77 new vulnerabilities, five active exploits, and increased ransomware activity, with critical issues like CVE-2025-29813 (Azure DevOps Server) and CVE-2025-30386 (Microsoft Office) needing urgent remediation. Ransomware groups such as Safepay and Devman, active exploitation of CISA-listed CVEs, and frequent malware submissions (e.g., Berbew) underscore the need for prioritized patching, asset discovery, and threat-informed defenses. #CVE-2025-29813 #CVE-2025-30386 #Safepay #Devman #Berbew
Google’s AppSheet platform had a critical deserialization vulnerability that allowed remote code execution, risking data theft and server compromise. Thanks to responsible disclosure, the flaw was patched, protecting millions of users. #GoogleAppSheet #DeserializationVulnerability
The 2025 ransomware landscape is shaped by evolving threat actors adapting to law enforcement actions, increasing data exfiltration, and decreasing ransom payments, alongside emerging legal risks and rising budgets for defense and recovery. Organizations with better outcomes prioritize proactive ransomware playbooks, secure backup recovery, and strong people-centric response strategies to build cyber resilience. #LockBit #BlackCat #BlackBasta
The ThreatLabz 2025 AI Security Report by Zscaler analyzes over 536 billion AI/ML transactions, revealing explosive growth in AI adoption and highlighting major security concerns such as the weaponization of AI by threat actors. The report emphasizes the necessity of strong security controls, zero trust architecture, and AI-powered defenses to counter evolving AI-driven cyber threats. #ThreatLabz #Zscaler #ChatGPT