Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Fast Facts
- Inotiv, a pharmaceutical firm, suffered a data breach via a ransomware attack on August 8, affecting over 9,500 individuals’ personal, financial, and health data.
- The breach caused operational disruptions and restricted access to systems, but the company has now restored access and concluded its investigation.
- The compromised information includes sensitive details such as Social Security numbers, driver’s licenses, and medical data, impacting employees, former staff, their families, and acquired companies.
- Inotiv is offering affected individuals 24 months of free credit monitoring, while the full impact of the breach remains under assessment; the threat actor behind the attack is unidentified.…
Essential Insights
- Acquisition Announcement: ServiceNow plans to acquire Non-Human Identity (NHI) management provider Veza for approximately $1 billion to enhance its security and governance offerings.
- Integration of Technologies: ServiceNow will integrate Veza’s Access Graph into its IT service management, HR, and customer service workflows, improving permission management for machine identities.
- Strategic Market Fit: With a growing demand for identity security from CIOs and CISOs, the acquisition aligns with ServiceNow’s strategy to incorporate machine identity governance into its platform.
- Unified Architecture Vision: Veza’s CEO emphasized that integrating their identity security capabilities will provide comprehensive visibility and control across the ServiceNow platform,…
Top Highlights
- A $9 million DeFi exploit on Yearn Finance highlights vulnerabilities in internal accounting and gas fee caching mechanisms.
- Malware variants like BPFDoor and Symbiote are evolving with IPv6 support and port hopping, increasing their stealth capabilities.
- Ongoing phishing campaigns, including high-volume attacks and sophisticated social engineering, continue to target users’ credentials and deploy malware like XWorm and Stealerium.
- Emerging threats include AI abuse for ransomware, GPS spoofing at airports, and widespread secrets leaks from code repositories, emphasizing the relentless and diverse nature of cyber risks.

What’s the Problem?
Recently, the cybersecurity landscape experienced a series of alarming incidents.…
Summary Points
- The UK government, through DSIT and Plexal, launched the Cyber Runway CNI programme to bolster critical national infrastructure against cyber threats by fostering collaboration between SMEs and CNI sector representatives.
- The initiative aims to bridge the gap between innovative UK cyber solutions and urgent security needs across sectors like energy, water, telecoms, transportation, and data centers, enhancing resilience and regulatory readiness.
- Six SMEs have been onboarded to provide advanced cybersecurity capabilities, with CISOs involved to offer insights, ensuring solutions are tailored to real-world challenges faced by critical infrastructure operators.
- The programme promotes cross-sector collaboration, connecting SMEs with CNI…
Quick Takeaways
- Freedom Mobile disclosed a data breach impacting a limited number of customers due to credential compromise via a subcontractor account on October 23.
- Personal information such as names, addresses, phone numbers, birth dates, and account numbers was compromised; the company believes it has not been misused.
- The company responded swiftly by blocking suspicious accounts and enhancing security measures but did not specify the number of affected individuals or the attackers’ details.
- This is not the first breach; in 2019, a previous incident involved exposure of customer data through a third-party database, initially claimed to affect over 1.5 million…
Summary Points
- Hackers compromised Marquis, a fintech firm, stealing personal and financial data of over 780,000 individuals through a SonicWall firewall vulnerability, with investigation concluding in October.
- The breach exposed sensitive information such as names, addresses, Social Security numbers, account numbers, and credit/debit card details, though no misuse has been confirmed yet.
- Marquis began notifying affected individuals in recent weeks and is offering free credit monitoring and identity protection for one or two years.
- Security researchers link the attack to the Akira ransomware group, which targeted SonicWall appliances, but no specific threat actor has been officially identified.

The Core Issue…
Summary Points
- GoldFactory, a Chinese-speaking cybercrime group, has been conducting targeted attacks since June 2023, focusing on impersonating government and trusted brands in Indonesia, Thailand, and Vietnam to distribute Android malware through modified banking apps.
- The group exploits social engineering via phone calls and messaging apps to lure victims into installing malware, which then grants remote access, steals credentials, and bypasses security features using sophisticated hooking frameworks like FriHook, SkyHook, and PineHook.
- Over 300 unique malicious app samples caused around 2,200 infections in Indonesia alone, with the malware capable of activating keylogging, screen streaming, fake system alerts, and extracting personal…
Top Highlights
- Sophisticated attackers are exploiting legitimate administrative tools like Velociraptor to establish stealthy Command and Control channels, making detection more difficult as these tools often appear to signal remediation rather than malicious activity.
- Recent campaigns, utilizing vulnerabilities in Microsoft SharePoint (CVE-2025-49706 and CVE-2025-49704), allow attackers to bypass authentication, deploy malicious web shells, and install Velociraptor for lateral movement and persistence.
- The attackers use advanced techniques such as Cloudflare tunnels, digitally signed binaries, and signed PowerShell scripts within Visual Studio Code to evade defenses and mask malicious network activities.
- These operations, linked to the threat group Storm-2603, prominently feature malware…
Quick Takeaways
- CISOs’ primary concerns revolve around longstanding security fundamentals, such as weak MFA adoption and poor security hygiene, which, if neglected, expose organizations to significant risks.
- Despite ever-changing threats and headlines, focusing resources on well-understood vulnerabilities is crucial to avoid blind spots and ensure effective defense, emphasizing the importance of measurable controls like KRIs.
- The interconnected modern software ecosystem, heavily dependent on open-source code and AI-generated libraries, presents an existential risk due to vulnerabilities in dependencies and lack of oversight, potentially causing widespread failures.
- Proactive management of software supply chain risks through enhanced visibility, rigorous vetting, and ongoing vulnerability…
Summary Points
- Shift to Continuous Testing: Traditional annual penetration testing fails to match the fast-paced evolution of modern infrastructures, resulting in outdated security assessments. Continuous Penetration Testing (CPT) provides ongoing visibility and aligns with today’s dynamic environments.
- Timely Insights and Remediation: CPT enables real-time vulnerability discovery and shorter remediation cycles, enhancing organizational resilience and yielding measurable ROI as it transitions security from a compliance task to continuous, actionable improvement.
- Integration with DevOps: Unlike static models, CPT integrates seamlessly with cloud-native architectures and DevOps workflows, allowing for constant validation and enabling teams to address emerging vulnerabilities proactively.
- Evidence of Improvement: CPT…