- Home
- Cybercrime and Ransomware
- Emerging Tech
- Threat Intelligence
- Expert Insights
- Careers and Learning
- Compliance
Subscribe to Updates
Subscribe to our newsletter and never miss our latest news
Subscribe my Newsletter for New Posts & tips Let's stay updated!
Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Essential Insights Stelios Kouloglou, a former MEP investigating Pegasus spyware abuses, was repeatedly infected with Pegasus during his tenure, marking the first such case of a serving PEGA committee member. Forensic analysis revealed infections on October 21, 2022, and March 6–7, 2023, coinciding with critical PEGA committee activities, including report drafting and delegation visits. The initial infection used a zero-click exploit linked to a HomeKit email, and notifications from Apple about threats were reportedly missed by Kouloglou; the infections possibly compromised sensitive information. No direct evidence links Greece or any government to the hacking, but overlaps in email use suggest…
Top Highlights PamStealer infects macOS systems through a disguised AppleScript mimicking legitimate apps, using environment-aware checks to target specific configurations and evade detection. It employs a Rust-based payload that harvests browser data, passwords, and crypto wallet info, exfiltrating stolen data via HTTP to attacker servers. The malware captures system passwords by prompting users with fake macOS security messages, then uses the credentials to establish persistence and deepen access. Threat, Attack Techniques, and Targets Cybersecurity researchers have identified a new macOS malware called PamStealer. This threat uses fake websites that look like legitimate sites. One such site is “maccyapp[.]com,” which mimics…
Fast Facts A critical, unauthenticated SQL injection vulnerability in Front Gate Tickets’ API enabled full admin access, exposing sensitive data, staff credentials, and tokens, and allowing ticket and account manipulation. The vulnerability involved unsanitized ‘deviceUID’ parameters, which could be exploited with AI-powered blind SQL injection to bypass AWS WAF protections undetected. Using Claude AI, researchers crafted payloads to extract data from over 500 database tables, hijack admin accounts, and manipulate festival ticketing systems, including issuing free tickets. The incident highlights the growing threat of AI-assisted hacking, especially in legacy ticketing infrastructures handling vast personal and financial data, underscoring the need…
Fast Facts Most organizations struggle to maintain a unified, real-time view of their attack surface, leaving critical vulnerabilities unprioritized and exploitable. Despite widespread use of threat intelligence feeds, manual processes hinder effective risk validation, increasing the likelihood of overlooked or misjudged threats. Attackers often exploit known exposures that organizations fail to prioritize or validate promptly, prolonging threat exposure and increasing breach risk. The Threat, Attack Techniques, and Targets Organizations face challenges in understanding their cyber risks. They collect a lot of data from cloud services, on-premises systems, third-party providers, and various security tools. Despite this, many struggle to get a…
Fast Facts Anthropic has detailed cybersecurity safeguards for Claude Fable 5, categorizing requests into four safety zones that include prohibited, high-risk, low-risk, and benign uses, with specific activities blocked or permitted accordingly. The company distinguishes between known vulnerability discovery and novel high-uplift findings, aligning with NSA guidance to prioritize responsible disclosure that benefits defenders. The Cyber Jailbreak Severity (CJS) framework scores jailbreak risks from low to critical (CJS-0 to CJS-4) across four axes—capability gain, breadth, ease of weaponization, and discoverability—to help evaluate and escalate threats. Anthropic invites feedback and reports via dedicated channels and emphasizes their ongoing effort to establish…
Microsoft emphasizes rigorous vetting, enhanced security controls, and strict least-privilege access within its partner ecosystem to mitigate cyber threats targeting customer support and cloud services. The company relies on continuous monitoring, telemetry analysis, and swift incident response to detect and contain threats, including revoking partner access if necessary. Securing both Microsoft’s platforms and partner tenants is a shared responsibility, with ongoing efforts to evolve security standards and adapt to emerging cyberattack trends. Protecting the entire partner and customer ecosystem is a top priority, recognizing that vulnerabilities in partner platforms can threaten overall security, demanding high security standards across the board.…
Essential Insights Cybercrimes in Australia decreased in 2025, with fewer individuals engaging in personal cybersecurity measures, but overall protection shifted to platforms and service providers. Victim experiences showed reduced financial losses and harm, yet a significant portion still faced legal, health, or social consequences. Despite lower personal cybersecurity hygiene, cyber threats like fraud and ransomware saw slight increases, emphasizing the importance of institutional cybersecurity measures. SMB owners faced more severe impacts, including legal issues and staffing costs, with heightened regulatory scrutiny increasing pressure and burnout among cybersecurity teams. Aussies Face Less Personal Cybercrime in 2025 Many Australians experienced fewer cybercrimes…
Fast Facts Ransomware attacks now account for 44% of breaches, with median demands exceeding $1 million, highlighting the increasing speed and financial severity of cyber extortion. 29% of breaches stem from stolen credentials, with third-party compromises doubling in the past year, emphasizing vulnerabilities outside direct organizational control. Average breach detection time is 241 days, but threat intelligence can reduce this by 60-75%, enabling faster response to active threats and minimizing damage. Threats, Attack Techniques, and Targets Cyber threat intelligence shows that current threats are highly active and varied. Many organizations face attacks from ransomware groups, which now appear in 44…
Top Highlights Apple is shifting to more frequent, out-of-band security updates to combat AI-accelerated hacking threats, breaking from its traditional bundled update approach. Despite faster patching, vulnerabilities may still slip through, especially with AI tools rapidly discovering exploits before patches are released. User resistance to updates, due to UI changes and security being secondary to usability, hampers the effectiveness of prompt patch deployment. Apple’s security model, especially on iOS, lacks a comprehensive cybersecurity framework, leaving enterprises vulnerable and highlighting the need for more robust, independent defense mechanisms. Apple Changes Its Approach to Security Patching Apple is adjusting how it releases…
Top Highlights Google has significantly reduced the NetNut botnet, which exploits millions of home devices worldwide, including smart TVs and routers, for malicious traffic routing and attack infrastructure. NetNut’s network of compromised devices is used by cybercriminals for hiding their origin, launching password-guessing attacks, and integrating into large botnets like Mirai. The network is linked to a publicly traded company, complicating takedowns, and its reseller model allows multiple brands to rebrand and resell the same malicious infrastructure. Threat, Attack Techniques, and Targets Google disrupted the NetNut residential proxy network, which used about 2 million home devices worldwide. This network includes…