AWS attributes a multi-year cyber espionage campaign targeting critical infrastructure to Russia-linked group Sandworm (APT44). The attackers exploit misconfigured customer devices to gain access, steal credentials, and maintain long-term persistence, emphasizing the importance of securing network edge devices. #Sandworm #APT44…
Tag: CRITICAL INFRASTRUCTURE
Daily Recap: A relaunch of CyberVolk’s RaaS VolkLocker targets Windows and Linux but carries a hard-coded master key and cryptographic flaws in AES256 that can enable free decryption, with operators distributing the toolkit via Telegram. Other highlights include SHADOW-VOID-042 impersonating Trend Micro in a spear-phishing campaign tied to Void Rabisu, PayPal subscription-billing abuse, Hamas-affiliated Ashen Lepus revealing the AshTag malware suite, and the Asahi Group ransomware incident prompting a shift to a zero-trust security model. #VolkLocker #SHADOWVOID042 #TrendMicro #VoidRabisu #PayPal #AshTag #AshenLepus #AsahiGroup #ZeroTrust #Telegram
Britain’s MI6 leader warns of escalating hybrid threats from Russia, including cyberattacks, propaganda, and sabotage, emphasizing the need for technological mastery and human wisdom. The agency plans to enhance its impact and outplay adversaries in every mission domain to protect national security. #MI6 #RussiaCyberattacks #HybridThreats #BritishIntelligence…
Soverli, a Swiss cybersecurity startup, has raised $2.6 million to develop a sovereign smartphone platform that enhances user security by allowing multiple isolated operating systems on standard mobile devices. This innovative OS can run alongside Android or iOS, providing increased security and continuity even if the main platform is compromised. #Soverli…
Japan is preparing for its first public-private sector cybersecurity tabletop exercise to enhance resilience against large-scale cyberattacks targeting critical infrastructure. The drill aims to simulate cascading disruptions in Tokyo, improving coordination and response strategies. #JapanCyberDefense #InfrastructureAttack…
The Pierce County Library System experienced a significant cyberattack in April 2025, exposing the personal data of over 340,000 individuals. The attack was claimed by the INC ransomware gang and highlights the increasing vulnerability of public institutions to cyber threats. #INC #PierceCountyLibrary…
A threat group impersonated Trend Micro to launch a targeted spear-phishing campaign against critical infrastructure, leveraging the vendor’s branding to deceive victims. This operation appears to be linked to the cybercriminal group Void Rabisu, showcasing a mix of old and new attack techniques. #SHADOWVOID042 #VoidRabisu…
The CyberProof 2025 Mid-Year Cyber Threat Landscape Report highlights escalating ransomware attacks powered by AI, increased targeting of critical infrastructure, and evolving supply chain infiltration strategies in H1 2025. Notable threat actors like Akira, DragonForce, and FunkSec demonstrate sophisticated tactics amid geopolitical cyber conflicts affecting sectors worldwide. #FunkSec #DragonForce #SaltTyphoon #Akira
The 2024 Global Cyber Threat Intelligence Report highlights ransomware as the top threat vector, with emerging groups like RansomHub dominating the scene using ransomware-as-a-service (RaaS) models. Nation-state actors such as APT29 continue advanced cyber-espionage activities, while social engineering and AI-enhanced phishing attacks increasingly threaten organizations worldwide. #RansomHub #APT29 #CyberVolk
Johnson Controls has identified critical vulnerabilities affecting several versions of their iSTAR Ultra series and edge door controllers, which could allow remote attackers to take full control of the devices via OS Command Injection. Organizations should prioritize firmware updates and implement network security measures to mitigate these risks. #JohnsonControls #OSCommandInjection…
This article details a vulnerability in Grassroots DICOM (GDCM) versions up to 3.0.24, which can cause application crashes and denial-of-service by exploiting out-of-bounds write issues when parsing malicious DICOM files. Mitigation involves updating affected software and following cybersecurity best practices. #CVE-2025-11266 #GrassrootsDICOM…
This alert highlights a critical DLL hijacking vulnerability in Varex Imaging’s Panoramic Dental Imaging Software, which could allow standard users to gain SYSTEM privileges. Mitigation includes deploying a software patch and implementing network security measures. #VarexImaging #CVE202422774…
This week’s cybersecurity roundup highlights emerging threats such as the PromptPwnd attack exploiting AI models and the US Pentagon’s push towards post-quantum cryptography. It also covers international efforts to combat GPU smuggling, industry investments, and malware targeting Android devices. #PromptPwnd #SaltTyphoon…
A cyberattack targeted Russia’s digital military draft system, compromising sensitive data and source code from a key developer, Micord. The breach raises concerns about the security of Russia’s modernization efforts for its wartime enlistment process. #Cyberattack #RussiaDraftSystem…
Daily Recap: Authorities pursue a broad set of cybercrime actions, from Myanmar digital arrest-fraud charges and Accenture fraud to FedRAMP-related contractor concerns and indictments targeting Russian-linked hacktivists. The recap also flags data breaches and privacy risks at Pierce County Library, LastPass fines, Petco Vetco exposure, doorbell and camera privacy debates, and widespread vulnerabilities and malware activity including NANOREMOTE, BRICKSTORM, Mirai, CastleLoader, Spiderman Phishing, DroidLock, and large Docker Hub credential leaks.
#NANOREMOTE #BRICKSTORM #WarpPanda #LastPass #PierceLibrary #Petco #Vetco #DroidLock #CastleLoader #SpidermanPhishing #DockerHub #Mirai