The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. “Phishing-as-a-Service (PhaaS) deployments have risen significantly recently,” Netcraft said in a new report. “The PhaaS operators charge a monthly fee for phishing software with pre-installed templates impersonating, in some cases, Go […]
Category Archives: Uncategorized
Frameworks may seem daunting to implement — especially for government IT teams that may not have an abundance of resources and expertise. But beginning implementation is better than never starting. Go to Source Author: Mick Baccio
A Charming Kitten subgroup is performing some of the most bespoke cyberattacks ever witnessed in the wild, to down select high-value targets. Go to Source Author: Nate Nelson, Contributing Writer
Jennifer Ewbank, former CIA deputy director of digital innovation, on resilience, cultural shifts, and cyber fundamentals in the AI era. Go to Source Author: Ericka Chickowski, Contributing Writer
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate […]
Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-comprise Ukrainian entities. Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to execute Turla group’s Kazuar backdoor on an endpoint in Ukraine in February 2025, indicating that Turla is very […]
Law enforcement authorities in the U.K. have arrested two teen members of the Scattered Spider hacking group in connection with their alleged participation in an August 2024 cyber attack targeting Transport for London (TfL), the city’s public transportation agency. Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, from East London and Owen Flowers, 18, […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization’s network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM). “Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on the […]
The proposed restructuring plan would address many concerns related to the social media platform, but risks remain for security teams. Go to Source Author: Jai Vijayan, Contributing Writer
Threat actors breached the MySonicWall service and accessed backup firewall configuration files belonging to “fewer than 5%” of its install base, according to the company. Go to Source Author: Alexander Culafi