Author: Staff Writer


John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Top Highlights
- Website Shutdown: Victoria’s Secret has temporarily closed its website and paused in-store services due to a security incident, working to restore operations.
- Return Policy Extension: The company has extended the U.S. return window by 30 days and plans to reinstate in-store returns as soon as the website is back up.
- Customer Communication Issues: Customers are expressing frustration over a lack of updates and communication regarding their orders during the outage, which began amid a promotional sale.
- Leadership Changes: The retailer recently appointed Hillary Super as CEO and has seen changes in leadership roles, while also implementing measures to…


Summary Points
- Partnership Announcement: Microsoft and CrowdStrike have collaborated to link aliases of threat groups without establishing a single naming standard, aiming to streamline threat intelligence.
- Updated Reference Guide: Microsoft has enhanced its threat actor reference guide, integrating common hacking group names from both firms for improved alignment in diverse security environments.
- Community Initiative: This effort is just the first step; major cybersecurity firms like Google/Mandiant and Palo Alto Networks are set to join, enhancing clarity in threat attribution and collaboration.
- Analyst Collaboration: The partnership has already reconciled over 80 sophisticated threat actors through direct analysis, emphasizing the need for…


Top Highlights
- Significant Cuts Proposed: President Trump aims to reduce CISA’s budget by $425 million and eliminate nearly 30% of its positions, focusing the agency on its core mission.
- Division-Specific Reductions: Major reductions include an 18% cut to the Cybersecurity Division, a 62% cut to the Stakeholder Engagement Division, and a 73% cut to the National Risk Management Center.
- Impact on Programs: Key programs face substantial funding cuts, including $67.3 million from critical infrastructure security planning and $45.4 million from Cyber Defense Education and Training.
- Position Eliminations: The budget proposal would cut 1,083 jobs across various divisions, significantly weakening CISA’s…


Essential Insights
- Rise of Russian Market: The "Russian Market" has gained immense popularity for trading credentials stolen by malware, particularly following the takedown of the Genesis Market, with a wide array of items available at low prices ($2).
- Credential Composition: Approximately 85% of the credentials sold are recycled from earlier breaches, with logs often containing thousands of usernames and passwords, including sensitive information from SaaS platforms like Google Workspace and Salesforce.
- Shifts in Malware Dominance: Lumma has historically dominated, providing 92% of logs sold; however, recent law enforcement actions threaten its operations, leading to a rise in the new infostealer,…


Identity Is the New Perimeter—And It’s Fractured

In 2025, identity isn’t just a security issue—it’s the battleground. And too many organizations are getting caught flat-footed. Organizations today must reckon with complex hybrid environments that contain interconnected endpoints, servers, cloud services, DevOps systems, identity infrastructure, and much more. And with enterprise systems no longer fitting neatly into a single network perimeter, the identities used to interact with these systems have become the new perimeter. A strong cybersecurity foundation starts with clear visibility that puts risk in context. Identity security is no different. However, in practice, identity management systems are anything but…


Top Highlights
- NIST Framework Applicability: Implementing the NIST Cybersecurity Framework is a strategic, risk-aware approach tailored for operational technology (OT) environments, emphasizing the importance of understanding and addressing real cybersecurity threats.
- Core Functions: The framework is built on six interrelated functions—Identify, Protect, Detect, Respond, Recover, and Govern—which collectively strengthen an organization’s cybersecurity posture against evolving threats.
- Proactive Security Measures: Organizations must prioritize audits, access controls, continuous monitoring, and incident response planning to swiftly identify vulnerabilities and mitigate potential cyber incidents effectively.
- Long-Term Resilience: Integrating the NIST principles into daily operations not only safeguards equipment and data but also fosters a…


Summary Points
- Evolving Cyber Threats: Organizations must adapt security strategies as attackers utilize advanced techniques like encryption and lateral movement, making traditional defenses ineffective.
- Importance of Network Detection and Response (NDR): NDR is essential across industries—particularly in financial services, energy, transportation, and government—for detecting unauthorized access, ensuring regulatory compliance, and mitigating threats in real-time.
- Critical Infrastructure Vulnerabilities: Sectors such as energy and transportation face unique risks due to aging systems and the inability to deploy traditional endpoint security, necessitating robust monitoring of IT/OT convergence.
- Zero Trust and Attribution: NDR supports Zero Trust frameworks vital for government compliance and provides forensic…


Jun 02, 2025Ravie LakshmananCybersecurity / Hacking News If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too late. This is how attacks happen now—quiet, convincing, and fast. Defenders aren’t just chasing hackers anymore—they’re struggling to trust what their systems are telling them. The problem isn’t too few alerts. It’s too many, with no clear meaning. One thing is clear: if your defense still waits for obvious signs, you’re not protecting anything. You’re just watching it…


Summary Points
- Kovalev Identified: German authorities have named Russian national Vitaly Nikolaevich Kovalev as the founder and leader of the TrickBot cybercrime gang, which has infected millions globally since 2016.
- Cybercrime Operations: TrickBot exfiltrates sensitive information and facilitates malware deployment, targeting critical infrastructure, hospitals, and individuals, amassing hundreds of millions in ransom payments.
- Law Enforcement Actions: Following previous takedown attempts in 2020 and 2024, the BKA announced charges against Kovalev and other members in 2023, citing his dual involvement with the associated Conti group.
- Financial Impact: Noted by the whistleblower ‘GangExposed,’ Kovalev has earned tens of millions from cybercriminal activities…


Fast Facts
- Takedown of AVCheck: Dutch authorities dismantled AVCheck, a major counter antivirus (CAV) service for cybercriminals, by seizing four domains and a server on May 27.
- Role of CAV Services: CAV services like AVCheck enable cybercriminals to test malware against antivirus systems, ensuring their malware remains undetected during real-world attacks.
- Link to Ransomware: The seizure included AVCheck’s database, providing law enforcement with connections to known ransomware groups, highlighting the service’s impact on cybercrime networks.
- Operation Endgame: This operation was a collaborative effort involving multiple countries, including the US and Denmark, aimed at targeting cybercriminal infrastructures and enhancing global cybersecurity…
