Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
Mar 14, 2025 | Ravie Lakshmanan | Cybercrime / Ransomware
A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in August 2024. He is said to …
NHS Matures Healthcare Cybersecurity with NCSC’s CAF Assurance Model
The UK’s National Health Service (NHS) has transformed its approach to validating its level of cybersecurity maturity across healthcare by adopting the National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF). This shift is key to achieving the NHS’s broader goals: protecting patient data, ensuring uninterrupted healthcare delivery, and building the …
4 Key Steps to Prevent Subdomain Takeovers
Adversaries don’t need to force their way in when they can slip through an organization’s overlooked assets. Subdomain takeovers are a prime example of how attackers exploit misconfigured or abandoned DNS records to gain access, launch phishing campaigns, distribute malware, or take other malicious actions — all while operating under the guise of a legitimate corporate …
Update your VMware ESXi products now
On March 4, Broadcom released emergency updates to address three vulnerabilities — CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 — that affect several VMware products, including ESXi, Workstation, and Fusion. A note in the Broadcom advisory stated that at least one of these — CVE-2025-22224 — has been exploited in real-world attacks. The vulnerabilities allow for virtual …
Redefining Incident Response in the Modern Era
CrowdStrike Incident Response (IR) services sees firsthand why organizations facing today’s evolving threat landscape require advanced capabilities to detect, respond, and remediate cyberattacks in near real time. These observations continue to shape our approach to delivering unparalleled incident response. In this blog, we detail how CrowdStrike IR has evolved to …
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud …
Build Smarter Threat Detection with Next-Gen SIEM
SOC teams across businesses, industries, and geographies share the same goal: Stop cyberattacks before damage is done. But for those with legacy SIEMs, this goal is nearly impossible to achieve. While powerful, legacy SIEMs demand an overwhelming investment of time, resources, and expertise to set up and maintain. Legacy SIEMs force SOC teams to manually define every …
Understanding the Quantum Threat to Network Security
Confidentiality is a fundamental pillar of information security. In sensitive deployments, such as those involving federal governments, military and defense agencies, and large financial institutions, the demand for confidentiality extends well beyond the typical 5 to 10 years, often reaching 20 years or more. The same also applies to telecom operators and …
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
Mar 12, 2025 | Ravie Lakshmanan | Cyber Espionage / Vulnerability
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. "The backdoors had varying custom capabilities, …
March 2025 Patch Tuesday: Updates and Analysis
Actively Exploited Zero-Day Vulnerability in Microsoft Management Console: Microsoft Management Console received a patch for CVE-2025-26633, which has a severity of Important and a CVSS score of 7.0. This RCE vulnerability could allow a remote attacker to run arbitrary code on a victim machine after tricking a victim into either opening a malicious file from an email or …