Author: Staff Writer


John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Top Highlights

- Password Breaches Cost Millions: Weak passwords lead to significant financial losses annually, with many breaches preventable through stronger security measures.
- Webinar Alert: The Hacker News and Specops Software are hosting a live webinar titled "Cybersecurity Nightmares: Tales from the Password Graveyard," focusing on real-world breaches and modern security solutions.
- Key Insights Offered: Attendees will learn about failed traditional password policies, real-time breach password blocking, and actionable strategies for eliminating password risks.
- Boost Productivity and Security: Specops aims to enhance IT security while simplifying password management, thus reducing helpdesk workloads and improving compliance.

Step Into the Password Graveyard This…


Top Highlights

- Chinese-linked threat actors exploited an open-source tool, Nezha, turning it into a weapon to deploy Gh0st RAT malware through sophisticated web shell and log poisoning techniques.
- The attack compromised over 100 machines across Asia, with initial access gained via vulnerable phpMyAdmin panels and SQL injection, utilizing log files with executable PHP extensions.
- Attackers operated a Nezha dashboard in Russian, controlling infected hosts globally, and used the malware to create antivirus exclusions and deploy additional malware such as Gh0st RAT.
- The incident highlights how malicious actors exploit publicly available tools and emerging exploits, emphasizing cybersecurity risks associated with legitimate…


Fast Facts

- The cybercriminal group Scattered Lapsus$ Hunters has launched a leak site on the Tor Onion network, threatening organizations with exposure of stolen Salesforce data in an extortion campaign with a deadline of October 10, 2025.
- Comprising known threat actors like ShinyHunters, Scattered Spider, and Lapsus$, the group demonstrates a sophisticated, organized approach targeting high-value platforms for substantial ransom payouts.
- The attack involved social engineering, impersonation, and exploitation of OAuth tokens, including compromising GitHub repositories to gain persistent, hard-to-detect access across Salesforce and related cloud infrastructure.
- Their methods highlight the growing use of valid API credentials for data theft…


Top Highlights

- The DataTribe Challenge identifies and promotes promising early-stage cybersecurity startups, with finalists pitching at the Cyber Innovation Day to attract investment from top VC firms and security experts.
- The competition emphasizes AI-driven security solutions, with four of the five finalists incorporating AI to address areas like agent security, autonomous red teaming, and AI model safety.
- Finalists include Ackuity (AI agent security), Cytadel (AI-driven red teaming), Evercoast (AI training data for robotics), Starseer (AI model security), and Tensor Machines (hardware authenticity certifier).
- DataTribe’s unique “foundry” model involves actively co-building and mentoring startups to de-risk growth, making the challenge a…


Fast Facts

- Exploited vulnerabilities, rather than credential breaches, are now the primary technical cause of healthcare ransomware attacks (33%), reflecting a shift in attack tactics.
- Ransomware in healthcare is increasingly characterized by extortion-only attacks (12%), with a significant rise in demand for ransom without data encryption, targeting sensitive medical information.
- Ransom demands and payments have dramatically declined in 2025, with demands down 91% and payments down over 90%, while attack recovery costs have also decreased sharply.
- Healthcare IT and cybersecurity teams face heightened stress and pressure from leadership following ransomware incidents, impacting team focus, morale, and perceived attack preparedness.

The…


Top Highlights

- Microsoft is implementing default threshold-based auto-archiving in Exchange Online to prevent mailbox overflows and ensure continuous email flow.
- Auto-archiving activates when mailbox usage hits 90%, automatically moving oldest items to the archive, unlike traditional time-based policies that may be ineffective with high email volumes.
- This proactive approach ensures mailbox health and prevents disruptions such as inability to send or receive emails.
- Users can override auto-archiving for important emails using the "Never Move to Archive" flag, maintaining control over critical message retention.

The Core Issue

Microsoft is implementing a new default feature in Exchange Online called threshold-based auto-archiving to…


Quick Takeaways

- Telecom networks face escalating cyber threats, including record-breaking DDoS attacks, long-term stealth intrusions, and targeted malware, with recovery times often exceeding a week due to unpatched vulnerabilities.
- Attackers exploit trusted tools and unpatched devices, targeting sensitive systems like lawful interception and subscriber data, utilizing advanced malware such as GhostSpider and Demodex rootkit to evade detection.
- Regulatory pressures are intensifying with stricter incident reporting, supply chain security, and threat intelligence sharing, while network security shifts—like shrinking TLS certificate lifespans and rising DNSSEC adoption—necessitate automation to prevent outages.
- Quantum computing poses a systemic cryptographic threat, prompting telecoms to adopt layered,…


Summary Points

- Salesforce Rebuffs Extortion: Salesforce announced it will not pay any extortion demands from a cybercrime group claiming to have data from multiple major companies.
- Data Claims and Investigations: The group alleges possession of over 1 billion records, including personally identifiable information, linked to attacks on 39 companies, with Salesforce confirming no vulnerabilities in its technology.
- Sophisticated Attack Methods: Hackers employed tactics like voice phishing and stolen OAuth tokens to compromise Salesforce clients; the FBI has issued a warning regarding these threats.
- Crowdsourced Pressure Tactics: The threat group is using psychological tactics, offering incentives for individuals to pressure companies…


Essential Insights

- Germany opposes EU plans for mass scanning of private messages for child abuse evidence before encryption, viewing it as a violation of constitutional rights.
- Key German officials, including Justice Minister Stefanie Hubig and Jens Spahn, publicly reject the idea, equating it to invasive monitoring like opening all letters.
- Privacy advocates warn that such surveillance would undermine encryption’s purpose and threaten user privacy, with some threatening to withdraw from European markets.
- Despite opposition, Western governments continue efforts to regulate encryption, citing law enforcement needs, while strong encryption also protects ordinary citizens from government overreach.

Key Challenge

In Europe, a…


Top Highlights

- Three major ransomware groups—DragonForce, LockBit, and Qilin—have formed a strategic alliance to enhance attack efficacy through sharing techniques, resources, and infrastructure, indicating a significant shift in the cyber threat landscape.
- LockBit, after a law enforcement takedown in early 2024, aims to rebuild its reputation and potentially reemerge as a dominant threat, especially with the release of LockBit 5.0 targeting multiple operating systems.
- The emergence of LockBit 5.0 and the development of new ransomware-as-a-service (RaaS) like ShinySp1d3r by groups such as Scattered Spider signal growing sophistication and expansion of threat actors across sectors and regions.
- Q3 2025 saw a…
