Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Top Highlights:
- Cybercriminal group Cl0p, linked to FIN11, targeted nearly 30 organizations via a campaign exploiting Oracle EBS vulnerabilities, with some victims publicly confirmed, including Harvard and American Airlines’ Envoy Air.
- The attack involved extortion emails in late September, with Cl0p leaking data from 18 victims, potentially originating from Oracle environments, and may have exploited zero-day flaws (CVE-2025-61882/84).
- Most impacted organizations are yet to confirm breaches; many remain silent, likely due to ongoing investigations or strategic withholding of information.
- The campaign’s proximity to previous Cl0p attacks signifies a pattern of high-impact, targeted data breaches leveraging Oracle EBS vulnerabilities over recent…
Quick Takeaways:
- QNAP patched 24 vulnerabilities across its products, including critical flaws demonstrated at Pwn2Own Ireland 2025, emphasizing the importance of timely updates.
- Two significant exploits chained multiple vulnerabilities in QNAP routers and NAS devices, earning hackers substantial rewards and highlighting the severity of these flaws.
- Key vulnerabilities addressed include critical code injection, hardcoded credentials, and multiple bugs in QNAP’s Malware Remover, Hyper Data Protector, and other applications.
- While no active exploitation has been reported, users are urged to update their systems promptly to mitigate risks, as QNAP vulnerabilities are high-value targets for attackers.

The Core Issue: Over the weekend,…
Quick Takeaways:
- Cybercriminals are conducting a widespread phishing campaign targeting the hospitality industry, impersonating Booking.com to steal hotel managers’ credentials and deploy malware like PureRAT for remote access.
- The attack involves compromised email accounts sending spear-phishing messages directing victims to ClickFix pages that execute malicious PowerShell commands, leading to system control and data exfiltration.
- Threat actors also target hotel customers via fake booking sites, tricking them into revealing banking details, often sourcing administrator credentials from illicit marketplaces like LolzTeam.
- The campaign demonstrates a professionalized, “as-a-service” cybercrime model with sophisticated, evolving ClickFix pages designed to increase victim engagement and evade detection.…
Rising Cyber Threats: Surge in DDoS Attacks and Data Breaches Against EU Public Admin
Summary Points:
- Public administrations in the EU face a rising tide of cyberattacks, with 69% targeting central government websites primarily through DDoS, data breaches, ransomware, and social engineering threats, significantly impacting public trust and service delivery.
- ENISA’s 2024 report highlights hacktivists as the most prevalent threat, responsible for nearly 63% of incidents, with geopolitical motives linked to groups like NoName057(16) and increased AI-driven social engineering poised to escalate these threats.
- The sector’s low cybersecurity maturity, compounded by emerging AI-enabled attacks and supply chain vulnerabilities, underscores the urgent need for strategic resilience measures, including advanced defenses like CDN/WAF, multi-factor authentication, and…
Quick Takeaways:
- Rapid Adoption & Security Risks: 82% of companies use AI agents, with over half accessing sensitive data daily, leading to significant security vulnerabilities due to inadequate governance.
- Lifecycle Management: Clear ownership and formal lifecycle management for AI agents are essential to prevent orphaned agents, ensuring accountability and security throughout their usage in enterprises.
- Defined Security Parameters: Organizations must establish centralized governance with cross-functional collaboration to define operational boundaries and permissions for AI agents, mitigating risks associated with broad access.
- Identity Security’s Role: Integrating identity governance with AI oversight enhances security and operational efficiency, highlighting the necessity of a…
Essential Insights:
- Critical vulnerabilities: Zero-day flaws in Android, Cisco, and Microsoft Teams expose millions to remote code execution and privilege escalation, urging prompt patching and updates.
- Weaponized AI risks: HackedGPT and PROMPTFLUX demonstrate how AI models can be weaponized for cybercrime, including phishing, malware development, and evasion tactics.
- Data leaks and supply chain threats: Extensive leaks from OpenAI’s Whisper API and malicious VS Code extensions underscore the privacy and security risks in AI and developer ecosystems.
- Advanced attack techniques: Threat actors leverage RMM tools, exploit legacy protocols, and utilize living-off-the-land methods like Windows COM objects and DLL sideloading to evade…
Essential Insights:
- NAKIVO v11.1 now supports five new interface languages (French, Italian, German, Polish, Chinese), improving user accessibility worldwide.
- The update enhances Proxmox VE support with features like Flash VM Boot, VM replication, template backups, and direct tape recovery, boosting resilience without extra infrastructure costs.
- Real-Time Replication for VMware allows continuous VM synchronization with automated failover, ensuring zero data loss and uninterrupted service during outages.
- The version introduces granular backup options for physical machines, enabling selective recovery of folders or volumes across diverse storage options with encryption and immutability.

Underlying Problem: NAKIVO has released its Backup & Replication version 11.1,…
Summary Points:
- Cybersecurity shift: The focus is moving from compliance-based defense to embedding cybersecurity into organizational design, operations, and culture, emphasizing resilience over mere prevention.
- Operational integration: Effective industrial cybersecurity requires seamless collaboration between safety, engineering, and security teams, with shared visibility and accountability to manage risks holistically.
- Legacy systems challenge: Organizations face critical decisions on retrofitting versus replacing outdated ICS, with a strategic approach needed to balance immediate risks and long-term resilience.
- Emerging technologies: AI-driven orchestration, quantum-safe encryption, and predictive resilience are transforming industrial cybersecurity, but success depends on adaptive management, proactive architecture, and integrated operational intelligence.

What’s the…
Fast Facts:
- Organizations must adopt a holistic, end-to-end approach to managing Non-Human Identities (NHIs), including continuous oversight of their lifecycle, to prevent security breaches and enhance cybersecurity stability.
- Effective NHI management reduces risks, improves compliance, increases operational efficiency, enhances visibility, and generates cost savings—especially crucial for industries handling sensitive data such as finance, healthcare, and travel.
- Robust governance, centralized management, and the integration of context-aware intelligence into NHI strategies are vital for preventing vulnerabilities, accelerating incident response, and aligning security with operational goals.
- Evolving digital landscapes demand organizations embed NHI management within cloud strategies and foster adaptive, predictive security cultures…
Summary Points:
- Managing Non-Human Identities (NHIs) is critical for cybersecurity, reducing risks, ensuring compliance, and improving operational efficiency across cloud-based environments.
- A holistic lifecycle approach—from discovery and classification to decommissioning—strengthens security and prevents exposure of machine secrets.
- Automation and data-driven analytics are essential for real-time monitoring, threat detection, and reducing human error in NHI management.
- Cross-team collaboration, integration, and consistent governance are vital for adapting NHI practices across industries and enhancing organizational resilience.

Underlying Problem: The story reports on the critical importance of managing Non-Human Identities (NHIs) in today’s cloud-centric cybersecurity landscape, highlighting how these machine identities—comprising encrypted secrets like…