Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Top Highlights Kaspersky linked a malware campaign, Operation ForumTroll, targeting Russian organizations to Memento Labs, the successor of the notorious Italian surveillance firm Hacking Team. The campaign used personalized phishing links exploiting a zero-day Chrome vulnerability, infecting victims with minimal interaction required. Researchers also discovered a new commercial spyware called "Dante," linked to Memento Labs, used in other attacks related to Operation ForumTroll. The findings highlight ongoing Russian-linked espionage activity involving both state and commercial spyware, with similarities found between Dante and other malware components. Key Challenge Kaspersky researchers announced the discovery of a sophisticated malware campaign called Operation ForumTroll,…
Quick Takeaways €530 Million Fine: The EU’s Data Protection Commission fined TikTok €530 million for violating data privacy rules, as its data transfers to China expose users to potential spying risks. Lack of Transparency: TikTok was sanctioned for not adequately informing users about where their personal data was sent, breaching EU standards and raising concerns about access by Chinese authorities to European data. Ongoing Scrutiny: Despite TikTok’s claim of improving data protections through Project Clover, the Irish regulator remains concerned about the company’s transparency and accuracy during the investigation. Potential Appeal: TikTok plans to contest the ruling, asserting that it…
Fast Facts Ransomware payments decreased to a historic low of 23% in Q3 2025, reflecting declining success rates for cyber extortion efforts, thanks to enhanced law enforcement and cybersecurity measures. The average ransom payment fell by 66% to approximately $377,000, with median ransom dropping 65% to $140,000, primarily due to large enterprises increasingly refusing to pay and smaller organizations opting for smaller ransoms. Major ransomware groups like Akira and Qilin remain active, targeting mainly professional services, as attackers exploit high-volume, low-demand tactics against smaller organizations. The number of data leak sites hit a record of 81, while ransomware and extortion…
Quick Takeaways Hive Solutions recommends using passphrases like “carpet-static-pretzel-invoke” for stronger security, while emphasizing the ongoing need for MFA. The Jingle Thief hackers target retail cloud environments with phishing and smishing, maintaining persistent footholds for extended reconnaissance and lateral movement. AI is seen by Jen Easterly as a potential game-changer that could eradicate cybersecurity threats if deployed securely, highlighting the root issue of vulnerable, hastily developed software. The adoption of a 72-hour workweek culture in tech sectors, inspired by China’s 996 model, raises concerns over employee well-being amid rapid growth and relentless development demands. Problem Explained This week’s cyber security…
Summary Points CIO Responsibility: CIOs must navigate AI-driven change, addressing challenges like rising costs and inaccuracies, with significant implications for organizational success. AI Oversight Transition: As reliance on human-in-the-loop oversight becomes unsustainable, formal metrics and cross-checking systems are essential to ensure AI accuracy and manage content volume. Cost Awareness: AI implementation can lead to unexpected costs, with estimates suggesting initial expenses may approach $2 million, necessitating a comprehensive understanding of all related expenditures. Workforce Readiness: Over 70% of CIOs report their workforce lacks AI readiness, highlighting the urgent need for training to mitigate skills atrophy and prepare for evolving technological…
Fast Facts Dozens of nations, including 72 UN member states, signed the UN Convention against Cybercrime to facilitate international cooperation in investigating cyberattacks and criminalizing cyber offenses globally. The agreement aims to address challenges in evidence exchange across borders, creating a legal framework for cross-country collaboration in cybercrime cases, with the convention becoming effective after 40 countries ratify it. It faces criticism from human rights groups and tech companies, who argue it could be weaponized by authoritarian regimes to suppress dissent and may hinder good-faith cybersecurity research. Countries must ratify the treaty domestically to be bound by its provisions, and…
Quick Takeaways The 60% recovery rate after ransomware attacks results from technical shortcomings, unreliable decryption programs and varying attacker capabilities. Established ransomware groups such as LockBit usually deliver working decryption tools, while smaller operators often use faulty encryption or disappear after payment. Decryption processes are often slow and risky and can corrupt data, sometimes even causing additional damage to complex data structures. Companies often struggle with data recovery because of inadequate backups and compromised systems, which reduces the chances of success. The Core Issue The story highlights the challenging reality faced in the aftermath of ransomware attacks, where the recovery rate hovers around 60 percent. According to James John, Incident Response…
Top Highlights Cybercriminals exploit system vulnerabilities like the critical CVE-2025-59287 in Microsoft WSUS and actively attack patched flaws, emphasizing the importance of immediate patching and vigilance. Threat actors leverage social engineering, fake job postings, and cloaked evasion tactics—like phishing with PDF QR codes and CAPTCHA-protected web pages—to bypass defenses and achieve malicious goals. Nation-state groups such as North Korea, Iran, and China are conducting targeted espionage campaigns, deploying malware, backdoors, and disinformation to infiltrate government, defense, and strategic industries worldwide. New vulnerabilities and attack methods, including abuse of cloud storage, malicious browser clones, and supply chain compromise, highlight the ongoing…
Essential Insights Identity security is complex due to ecosystems spanning cloud, on-premises, and hybrid setups, with privilege creep and lack of systematic reviews increasing vulnerabilities. BloodHound Enterprise visualizes and proactively removes attack paths, helping organizations prevent lateral movement and escalation before an attacker exploits them. The tool complements existing identity governance (like SailPoint) and privileged access management solutions (like CyberArk) by revealing full attack paths, focusing on malicious chaining of permissions. Continuous attack path mapping adapts to dynamic environments and evolving threats, including non-human and machine identities, with a focus on critical asset protection and emerging risks like AI-driven identity…
Fast Facts The Mem3nt0 mori hacker group exploited Chrome vulnerability CVE-2025-2783 to bypass sandbox protections, enabling sophisticated spyware deployment via targeted phishing campaigns in Russia and Belarus. The zero-day flaw stemmed from improper handle validation in Chrome’s Mojo IPC system, allowing sandbox escape and remote code execution that led to persistent malware infections in high-profile entities. The attack chain involved staged phishing, DNS/HTTPS encrypted payloads, and a loader using COM hijacking to inject the LeetAgent spyware, which was linked to the commercial spyware Dante from Memento Labs. Google patched the vulnerability swiftly, but experts warn of ongoing pseudo-handle risks and…