Radical empowerment in cybersecurity leadership involves giving front-line teams maximum authority, trust, and resources to foster innovation and quick problem-solving. However, misdefining empowerment and imposing it top-down can lead to disempowerment, fear, and stagnation, emphasizing the importance of genuine trust and organizational safety. #CyberPsychology #CyberLeadership…
Tag: CRITICAL INFRASTRUCTURE
A sophisticated cyberattack by the group Cavalry Werewolf targeted a Russian government organization, using phishing emails and multiple malware variants to steal data and perform network reconnaissance. The campaign highlights the threat posed by advanced persistent threat actors employing open-source tools and covert tactics. #CavalryWerewolf #BackDoorShellNET #TrojanFileSpyNET #ReverseSocks5…
Russia-aligned threat actor Sandworm has intensified its destructive cyber operations targeting Ukrainian infrastructure using sophisticated data wipers like ZEROLOT and Sting. These attacks aim to cause maximum disruption to Ukraine’s economy and critical sectors, including government, energy, and agriculture. #Sandworm #ZEROLOT #Sting #UkrainianInfrastructure…
This article discusses a critical vulnerability in Survision’s License Plate Recognition (LPR) cameras where missing authentication allows unauthorized remote access, with a high CVSS score. Organizations should update firmware and enhance security measures to mitigate potential exploitation risks. #Survision #LicensePlateRecognition #CVE-2025-12108…
Radiometrics VizAir devices are vulnerable to multiple critical security flaws that could allow remote attackers to manipulate weather data and disrupt airport operations. Cybercriminals could exploit these vulnerabilities to mislead air traffic control, cause hazardous flight conditions, and extract sensitive meteorological information. #VizAir #CVE-2025-61945 #CVE-2025-54863 #CycloneThreat…
Polish authorities are investigating a series of cyberattacks affecting major companies, including data breaches and disruption of payment services, highlighting the increasing frequency of cyber threats. The attacks, potentially linked to Russia, underscore the growing cyber warfare and espionage risks faced by Poland and other European nations. #SuperGrosz #Blik #RussiaCyberattacks…
Ransomware attacks are sophisticated threats that encrypt data and demand payment, often employing advanced tactics like double extortion. Wazuh provides an integrated solution for detecting, preventing, and responding to such ransomware threats through comprehensive monitoring and automation. #DOGEBigBalls #GunraRansomware…
Daily Recap, Ransomware actors are exploiting the Linux kernel CVE-2024-1086 to deploy malware and escalate incidents while a new BOF tool bypasses Microsoft Teams cookie encryption to steal user chats. Chrome vulnerability rewards and a Windows Task Manager bug are also noted in the week’s security updates.
#CVE-2024-1086 #LinuxKernel #TeamsBOF #ChromeRewards #KB5067036
Hacktivist attacks on critical infrastructure, especially industrial control systems (ICS), doubled in the third quarter, with Russia-linked groups leading the strikes. These threats are increasingly targeting energy, utilities, manufacturing, and agriculture sectors across Europe and North America, driven by geopolitical conflicts. #INTEID #Z-Pentest…
Silent Lynx conducted spear-phishing campaigns using malicious RAR archives and LNK shortcuts to deploy multiple implants (PowerShell reverse shells, C++ Laplas, C++/TLS variants, .NET SilentSweeper) targeting diplomatic and infrastructure-related entities in Central Asia, Russia, Azerbaijan, and China. Infrastructure includes GitHub-hosted Base64 blobs, C2s at 206.189.11.142 and Russian hosts, and use of tunneling tools like Ligolo-ng. #SilentLynx #SilentSweeper
British water suppliers have experienced five cyberattacks targeting their organizations since last year, underscoring increasing threats to critical infrastructure. While these attacks did not affect the water supply directly, they highlight the importance of improved cybersecurity measures amid evolving threats. #VoltTyphoon #BritishWater #CriticalInfrastructure…
Midnight is a new ransomware strain derived from Babuk that uses ChaCha20 for file encryption and RSA to protect the ChaCha20 key, while employing intermittent encryption and file-extension/appended-content behaviors. Weaknesses in Midnight’s cryptographic implementation enabled researchers to produce a working decryptor and provide recovery guidance. #Midnight #Babuk
In October 2025, CRIL discovered a multi-stage backdoor campaign using a weaponized ZIP masquerading as a Belarusian military PDF that used nested archives, LNK-triggered PowerShell, scheduled tasks, and a Tor hidden-service with obfs4 to provide anonymous SSH/RDP/SFTP/SMB access. The TTPs and infrastructure show similarities to the December 2024 Army+ campaign attributed to Sandworm (UAC-0125/APT44), including pre-generated RSA keys and OpenSSH for Windows deployment. #Sandworm #obfs4
The FCC plans to revoke cybersecurity regulations previously imposed on telecom companies following Chinese hacking attacks linked to Salt Typhoon. The agency argues that telecoms have already taken voluntary security measures and that the earlier regulations were overly rigid and unnecessary. #SaltTyphoon #ChineseHackers…