brangberg – Page 342

Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor.
“Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries — especially in Pakistan – using spear-phishing and malicious documents as initial

Microsoft Defender bug triggers erroneous BIOS update alerts

Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices’ BIOS (Basic Input/Output System) firmware as outdated, prompting users to update it. […]

18% of Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency

ENISA has published its 2025 Threat Landscape report, highlighting some of the attacks aimed at OT systems.

The post 18% of Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency appeared first on SecurityWeek.

Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency

ENISA has published its 2025 Threat Landscape report, highlighting some of the attacks aimed at OT systems.

The post Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency appeared first on SecurityWeek.

Your Service Desk is the New Attack Vector—Here’s How to Defend It.

Service desks are prime targets. A practical, NIST-aligned workflow for help desk user verification that stops social engineering without slowing support. Learn how role- & points-based verification workflows stop attackers cold. […]

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository that claims to offer the ability to create a SOCKS5 proxy service, while also providing a stealthy backdoor-like functionality to drop additional payloads on Windows systems.
The deceptive package, named soopsocks, attracted a total of 2,653 downloads before it was taken down. It was first

1.2 Million Impacted by WestJet Data Breach

The Canadian airline fell victim to a cyberattack in June and has completed the analysis of stolen information.

The post 1.2 Million Impacted by WestJet Data Breach appeared first on SecurityWeek.

Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Penetration testing is critical to uncovering real-world security weaknesses. With the shift into continuous testing and validation, it is time we automate the delivery of these results.
The way results are delivered hasn’t kept up with today’s fast-moving threat landscape. Too often, findings are packaged into static reports, buried in PDFs or spreadsheets, and handed off manually to

766,000 Impacted by Data Breach at Dealership Software Provider Motility

The hackers stole names, contact details, Social Security numbers, and driver’s license numbers in an August 19 ransomware attack.

The post 766,000 Impacted by Data Breach at Dealership Software Provider Motility appeared first on SecurityWeek.

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing — no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.
On the defense side, AI is stepping up to block ransomware in real

Author: brangberg