Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure. The post Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified appeared first on SecurityWeek.
ConnectWise has disclosed that it’s planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns. The company said it’s doing so “due to concerns raised by a third-party researcher about how ScreenConnect handled certainRead More »ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft Entra ID (formerly Azure Active Directory) user accounts. The activity, codenamed UNK_SneakyStrike by Proofpoint, has targeted over 80,000 user accounts across hundreds of organizations’ cloud tenants since aRead More »Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
Beyond potentially halting sales of physical goods, breaches can expose customers’ personal data to future phishing or fraud attempts. The post With Retail Cyberattacks on the Rise, Customers Find Orders Blocked and Shelves Empty appeared first on SecurityWeek.
Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks. “Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads,”Read More »Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
Cybersecurity heavyweight Securonix acquires ThreatQuotient to boost plans to build an all-in-one security operations stack. The post Securonix Acquires Threat Intelligence Firm ThreatQuotient appeared first on SecurityWeek.
Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process. The post Maze Banks $25M to Tackle Cloud Security with AI Agents appeared first on SecurityWeek.
Vulnerable DTResearch UEFI firmware applications can be used in BYOVD attacks to bypass Secure Boot. The post Flaw in Industrial Computer Maker’s UEFI Apps Enables Secure Boot Bypass on Many Devices appeared first on SecurityWeek.
Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting Apache Tomcat Manager interfaces. The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to “identify and access exposed Tomcat services at scale.” ToRead More »295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Learn how attackers hide in plain sight—and what you can do to stop them without slowing down your business. The post Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape appeared first on SecurityWeek.
