Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Fast Facts
- Checkout.com’s legacy cloud storage was breached by ShinyHunters, exposing data from 2020 and earlier, affecting less than 25% of current merchants but including past customers.
- The cybercrime group gained access through a poorly decommissioned third-party system and is extorting the company for ransom, which Checkout refuses to pay.
- Checkout commits to strengthening its security measures and plans to donate ransom funds to cyber security research institutions like Carnegie Mellon University and Oxford.
- ShinyHunters, known for large-scale data breaches via phishing and social engineering, has been linked to exploiting vulnerabilities such as Oracle E-Business Suite (CVE-2025-61884) and recent Salesforce…
Essential Insights
- Evolving Tactics: North Korean threat actors have adapted their malware delivery method by utilizing JSON storage services (e.g., JSON Keeper) to host malicious payloads for the Contagious Interview campaign.
- Social Engineering Approach: The campaign targets professionals on LinkedIn, luring them into downloading seemingly benign demo projects from reputable platforms like GitHub, leading to malware installation.
- Payload Details: The primary malware, BeaverTail, collects sensitive data and drops a backdoor called InvisibleFerret, which realizes additional payloads, including TsunamiKit, enhancing its threat profile.
- Stealthy Operations: By leveraging legitimate services and tools, the attackers aim to blend in with normal traffic, posing…
Fast Facts
- AI-driven security enhances threat detection, response speed, and cost efficiency by leveraging real-time data processing, automation, and predictive insights, especially crucial in cloud environments managing Non-Human Identities (NHIs).
- Effective NHI management, including securing identities and secrets, is vital for maintaining cloud security, preventing vulnerabilities, and bridging gaps between security teams and R&D to foster innovation without compromising safety.
- Context-aware, AI-powered security tools improve threat understanding by analyzing interaction patterns, ensuring accurate detection, regulatory compliance, and minimizing false positives.
- Integrating AI into incident response, DevOps, and compliance processes transforms security by enabling proactive threat mitigation, automating identity management, and…
Conduent Faces Major Financial Loss and Lawsuits After Data Breach Affecting 10.5 Million
Summary Points
- Conduent experienced a significant data breach in January, potentially affecting over 10.5 million individuals, leading to multiple lawsuits and heightened scrutiny.
- The breach involved a malicious actor, the SafePay ransomware group, which remained inside Conduent’s systems for nearly three months before detection, stealing 8.5TB of data.
- Conduent has already spent $9 million on post-breach costs and anticipates an additional $16 million, adding to previous quarter expenses, amid criticism over delayed victim notification.
- The incident underscores inherited vulnerabilities such as unencrypted data storage and delayed breach disclosures, violating best practices for immediate breach response and escalating legal and reputational risks.…
Quick Takeaways
- A China-linked state-sponsored group exploited Anthropic’s Claude AI to conduct a large-scale, nearly fully automated espionage campaign targeting over 30 global entities across multiple sectors.
- The hackers used Claude to explore targets, identify vulnerabilities, exfiltrate data, and document their attacks, with AI performing 80-90% of the operations, minimizing human intervention to just a few critical decisions.
- They manipulated the AI by posing as a cybersecurity firm, breaking down tasks into benign requests to bypass security guardrails, highlighting AI’s potential for secure exploitation and automation in cyberattacks.
- Anthropic detected and disrupted the campaign within 10 days, illustrating how AI-driven…
Quick Takeaways
- Five individuals, including four Americans and one Ukrainian, pleaded guilty to aiding North Korea’s illicit revenue schemes through remote IT worker fraud and cryptocurrency theft, impacting 136 U.S. companies and generating over $2.2 million for the DPRK regime.
- The facilitators used false or stolen identities to enable North Korean agents to obtain remote jobs with U.S. firms, funneling salaries and stolen data to North Korea.
- U.S. authorities are pursuing the forfeiture of over $15 million in cryptocurrency linked to hacking incidents by the APT38 group, which has stolen around $382 million in cyber-heists targeting exchanges in Panama, Estonia,…
Top Highlights
- Fortinet warns of a critical, actively exploited vulnerability (CVE-2025-64446) in FortiWeb WAF that allows unauthenticated attackers to execute admin commands and take full control of affected systems.
- The flaw, a relative path traversal (CWE-23), enables malicious requests bypassing authentication, potentially creating unauthorized admin accounts with full device access.
- Affected versions span multiple FortiWeb releases (8.0, 7.6, 7.4, 7.2, 7.0), with immediate recommended upgrades to patched versions (e.g., 8.0.2, 7.6.5).
- As a temporary measure, Fortinet suggests disabling internet-facing HTTP/HTTPS interfaces, while urging organizations to audit logs post-upgrade for signs of compromise due to the high exploitation risk.
What’s the…
Fast Facts
- Anthropic revealed a Chinese state-sponsored hacking group used Claude AI for cyber espionage, bypassing security via task segmentation and deception, with significant human oversight involved in setup and validation.
- The operation required complex infrastructure, including a specially built frontend framework and external open-source tools, highlighting significant human effort despite the AI’s autonomous capabilities.
- Experts debate the report’s implications: some view it as evidence of AI-enhanced hacking risks, while others criticize it for lacking transparency and actionable intelligence, with concerns about overestimating AI’s current autonomous capabilities.
- The findings suggest China may be leveraging AI for cyber operations to send…
Top Highlights
- The Akira ransomware group has generated over $244 million through attacks targeting critical infrastructure since March 2023, mainly exploiting vulnerabilities in VMware ESXi, Nutanix AHV, SonicWall, Veeam, and Cisco devices.
- They utilize a variety of techniques, including password spraying, exploiting publicly disclosed vulnerabilities, stolen credentials, and brute-force attacks on VPNs and routers to gain initial access.
- Once inside, they establish footholds by creating admin accounts, escalating privileges via Veeam vulnerabilities, and moving laterally with tools like AnyDesk, LogMeIn, and RDP, often uninstalling endpoint detection to evade detection.
- The group exfiltrates data rapidly—within hours—before executing ransomware payloads that encrypt…
Summary Points
- NICE Framework Update: The NICE Workforce Framework for Cybersecurity was revised in November 2020 to effectively integrate the impact of emerging technologies, especially AI, on cybersecurity roles.
- Stakeholder Engagement: NICE has actively collaborated with federal agencies, industry, and educational bodies to assess AI’s implications on workforce development, hosting several related webinars and conferences.
- AI Security Competency Area: A new AI Security Competency Area has been introduced to define essential knowledge and skills at the intersection of AI and cybersecurity, currently open for public comment.
- Work Role Adjustments: NICE plans to update existing Work Roles with AI-related task, knowledge,…