Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Top Highlights
- Ransomware Attack Impact: The Swiss federal offices were affected by a ransomware attack on Radix, a Zurich-based non-profit, leading to the theft of sensitive data which has been leaked on the dark web.
- Data Analysis Underway: The Swiss National Cyber Security Centre is analyzing the exposed data to assess the extent of the breach and which government agencies are impacted.
- Sarcoma Ransomware Group: The attack was attributed to Sarcoma, a rapidly emerging ransomware group known for using phishing and supply-chain attacks to gain access and steal data.
- Risk Mitigation Advice: Radix has advised potentially affected individuals to be…

Summary Points
- New Email Bombing Detection: Microsoft Defender for Office 365 has introduced automated detection and blocking of email bombing attacks, aimed at protecting organizations from being overwhelmed by a high volume of malicious emails.
- Default Feature Rollout: The ‘Mail Bombing’ detection feature started rolling out in late June 2025, will be on by default, requires no manual setup, and will send identified emails to the Junk folder.
- Attack Methodology: Email bombing attacks flood inboxes to obscure important messages and overload email security systems, often leading to further attacks like malware or ransomware, as seen with groups like BlackBasta and…

Quick Takeaways
- Increased Cyber Threats: U.S. officials warn critical infrastructure operators to be vigilant for Iranian cyberattacks linked to the geopolitical tensions exacerbated by U.S. support for Israel against Iran.
- Targeted Sectors: Defense contractors and firms with ties to Israeli companies face heightened risks of retaliation from Iranian hackers known for disruptive operations against Western infrastructure.
- Historical Context: Iran-affiliated hackers have previously targeted U.S. operational technology and have executed hack-and-leak tactics leading to financial and reputational harm.
- Proactive Measures Recommended: Organizations should enhance security protocols, including disconnecting vulnerable systems from the internet, enforcing strong passwords, and implementing incident response plans…

Essential Insights
- Massive Fraud Network Dismantled: Europol, along with international law enforcement, dismantled a cryptocurrency fraud ring responsible for laundering €460 million ($540 million) from over 5,000 victims globally, with five suspects arrested in Spain.
- Complex Scamming Techniques: The operation utilized elaborate methods like "pig butchering," where scammers build trust over time through social engineering and fake platforms, making it challenging for authorities to trace the funds.
- Cybercrime Surge: The increase in cybercrime, fueled by AI technologies, is projected to exceed traditional organized crime, with INTERPOL reporting over 30% of crimes in Africa now tied to cyber-related issues, underscoring legal…

Top Highlights
- Cybersecurity Investment Growth: Global cybersecurity budgets are projected to rise to $212 billion in 2024, yet 51% of professionals feel underfunded and 47% anticipate a cyberattack this year.
- Relying on External Support: Organizations are turning to managed service providers and consultants to mitigate internal staff shortages, but this adds complexity with more remote users and endpoints.
- Access Data as a Strategic Asset: Leveraging access log analytics provides real-time insights, uncovering risks and inefficiencies, enhancing decision-making, and addressing the fact that 95% of breaches stem from human error.
- Operational Intelligence for Security: Using access analytics enables teams to manage…

Quick Takeaways
- Critical Vulnerability: Over 1,200 Citrix NetScaler ADC and Gateway appliances are unpatched and vulnerable to CVE-2025-5777, a critical flaw allowing attackers to hijack user sessions and bypass multi-factor authentication.
- Exploitation Potential: The vulnerability, named Citrix Bleed 2, enables unauthenticated access to sensitive data and is similar to a previous flaw exploited in ransomware attacks against government networks in 2023.
- Risk Assessment: Security firms are reporting with medium confidence that CVE-2025-5777 is being actively exploited, with indicators of compromised Citrix sessions and unauthorized access.
- Urgent Mitigation Required: Citrix advises immediate patching of all affected appliances and monitoring for suspicious…

Fast Facts
- Definition and Impact: Social engineering is the art of persuasion that can be beneficial but is often misused, leading to significant cybersecurity threats and adversarial attacks.
- Mechanisms of Manipulation: Rachel Tobac, a cyber social engineer, employs psychological principles (Cialdini’s) like authority and urgency to manipulate individuals into complying, illustrating the effectiveness of emotional triggers such as "amygdala hijacking."
- Historical Context and Evolution: Deceptive social engineering is a longstanding practice, illustrated by biblical examples, yet has evolved significantly in the digital age, making it a sophisticated form of manipulation that exploits human psychology.
- Preventive Measures and Challenges: While social…

Top Highlights
- Dark Web Research: Sophos CTU employs a team of dark web researchers, leveraging AI to automate the identification of key actors in online criminal forums, streamlining a traditionally time-intensive process.
- Data Analysis Methodology: The research utilized a modified framework combining criminology and social-network analysis, analyzing 11,558 posts from 4,441 individuals, ultimately narrowing it down to 2,321 actors and 263 attack patterns classified by common vulnerabilities.
- Key Actor Identification: Actors were evaluated based on skill, commitment, and activity rates, leading to the identification of a small cluster of ‘Professionals’—only 14 out of 359 actors—who exhibit high expertise and focused…

Jun 30, 2025Ravie LakshmananCybersecurity / Hacking News Ever wonder what happens when attackers don’t break the rules—they just follow them better than we do? When systems work exactly as they’re built to, but that “by design” behavior quietly opens the door to risk? This week brings stories that make you stop and rethink what’s truly under control. It’s not always about a broken firewall or missed patch—it’s about the small choices, default settings, and shortcuts that feel harmless until they’re not. The real surprise? Sometimes the threat doesn’t come from outside—it’s baked right into how things are set up. Dive…

Essential Insights
- Cybersecurity Incident Alert: Hawaiian Airlines reported a cybersecurity incident affecting certain IT systems, coinciding with warnings from the FBI, Mandiant, and Palo Alto Networks about Scattered Spider targeting the aviation sector.
- Tactics of Scattered Spider: The cybercrime group uses social engineering techniques to infiltrate airline systems, often targeting trusted vendors and contractors, leading to industry-wide calls for enhanced security protocols.
- Proactive Measures Recommended: Experts advise immediate hardening of systems by training staff on identity verification and implementing phishing-resistant multi-factor authentication to thwart attacks like those attributed to Scattered Spider.
- Recent Attacks Linked: While it’s unclear if Scattered Spider…
