mastodon.me.uk is one of the many independent Mastodon servers you can use to participate in the fediverse.
Open, user-supported, corporation-free social networking for the UK.

#cyberattack

6 posts, 5 participants, 0 posts today
SOC Goulash<p>Hello cyber practitioners! It's been a pretty active 24 hours with a significant legal development in ransomware, a nasty zero-day spyware campaign, and some cutting-edge research into AI privacy. Let's dive in:</p><p>Yanluowang Ransomware IAB Pleads Guilty ⚖️</p><p>- A Russian national, Aleksei Volkov ("chubaka.kor"), has pleaded guilty to multiple charges related to acting as an initial access broker for the Yanluowang ransomware group.<br>- Volkov facilitated attacks on seven US businesses between July 2021 and November 2022, with two victims paying a combined $1.5 million in ransoms. Victims faced data theft, encryption, DDoS attacks, and harassing phone calls.<br>- He exploited vulnerabilities to gain network access, selling this access for a flat fee or a percentage of the ransom. Volkov faces up to 53 years in prison and has been ordered to pay nearly $9.2 million in restitution.</p><p>🤫 CyberScoop | <a href="https://cyberscoop.com/russian-aleksei-volkov-yanluowang-ransomware/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberscoop.com/russian-aleksei</span><span class="invisible">-volkov-yanluowang-ransomware/</span></a></p><p>Landfall Spyware Exploits Samsung Zero-Day 📱</p><p>- A previously unknown Android spyware, "Landfall," actively exploited CVE-2025-21042, a critical zero-day in Samsung Galaxy devices (Android 13, 14, 15, and 16) for almost a year.<br>- The "zero-click" attacks involved sending maliciously crafted images via messaging applications, primarily targeting specific devices in the Middle East (Iraq, Iran, Turkey, Morocco).<br>- Landfall provides extensive surveillance capabilities, including call recording, contact and message collection, and access to photos and other files. 
Samsung patched the flaw in April, and while direct attribution is difficult, C2 infrastructure shows similarities to Stealth Falcon.</p><p>🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/11/07/landfall_spyware_samsung_0days/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">go.theregister.com/feed/www.th</span><span class="invisible">eregister.com/2025/11/07/landfall_spyware_samsung_0days/</span></a></p><p>Microsoft Uncovers 'Whisper Leak' in LLMs 💬</p><p>- Microsoft researchers have detailed "Whisper Leak," a novel side-channel attack capable of inferring sensitive conversation topics from encrypted Large Language Model (LLM) traffic.<br>- The attack analyses packet size and timing sequences in streaming LLM responses, even over HTTPS, allowing an adversary to classify the topic of a user's prompt with over 98% accuracy on several models (Mistral, xAI, DeepSeek, OpenAI).<br>- Mitigations include adding a random sequence of text of variable length to each response to mask token lengths, and users are advised to avoid sensitive topics on untrusted networks, use VPNs, or opt for non-streaming LLM models.</p><p>📰 The Hacker News | <a href="https://thehackernews.com/2025/11/microsoft-uncovers-whisper-leak-attack.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/11/micr</span><span class="invisible">osoft-uncovers-whisper-leak-attack.html</span></a></p><p>Surveillance Watch Maps Global Spyware Trade 🌍</p><p>- Mozilla fellow Esra'a Al Shafei launched "Surveillance Watch," an interactive map documenting over 695 surveillanceware providers, their government customers, and financial backers globally.<br>- The project highlights the widespread use of commercial spyware like Pegasus, Predator, Graphite (Paragon), and Accurint (LexisNexis) by both authoritarian and democratic 
states, with the US reportedly leading in surveillance investment.<br>- Al Shafei's personal experience with FinFisher spyware underscores the normalisation of mass surveillance, its profound impact on individual privacy and digital behaviour, and the critical need for greater transparency.</p><p>🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/11/08/mozilla_fellow_al_shafei/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">go.theregister.com/feed/www.th</span><span class="invisible">eregister.com/2025/11/08/mozilla_fellow_al_shafei/</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntelligence</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/Spyware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spyware</span></a> <a href="https://infosec.exchange/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLM</span></a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/DataPrivacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataPrivacy</span></a> <a href="https://infosec.exchange/tags/Surveillance" 
class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Surveillance</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a></p>
Linux Magazine<p>From this week's Linux Update: Franciszek Pokryszko shows you Wazuh, a versatile security app that checks for vulnerabilities, watches logs, and acts as a single interface for other tools<br><a href="https://www.linux-magazine.com/Issues/2025/298/Wazuh?utm_source=mlm" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">linux-magazine.com/Issues/2025</span><span class="invisible">/298/Wazuh?utm_source=mlm</span></a><br><a href="https://fosstodon.org/tags/Wazuh" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wazuh</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://fosstodon.org/tags/tools" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tools</span></a> <a href="https://fosstodon.org/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://fosstodon.org/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> <a href="https://fosstodon.org/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmin</span></a> <a href="https://fosstodon.org/tags/monitoring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monitoring</span></a> <a href="https://fosstodon.org/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a></p>
Bytes Europe<p>Madras court comes to aid of Indian crypto investors <a href="https://www.byteseu.com/1517167/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">byteseu.com/1517167/</span><span class="invisible"></span></a> <a href="https://pubeurope.com/tags/arbitration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>arbitration</span></a> <a href="https://pubeurope.com/tags/BlockchainLaw" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlockchainLaw</span></a> <a href="https://pubeurope.com/tags/Crypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Crypto</span></a> <a href="https://pubeurope.com/tags/CryptoExchange" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoExchange</span></a> <a href="https://pubeurope.com/tags/CryptoInvestors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoInvestors</span></a> <a href="https://pubeurope.com/tags/CryptoCurrency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoCurrency</span></a> <a href="https://pubeurope.com/tags/Cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberattack</span></a> <a href="https://pubeurope.com/tags/DigitalAssets" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalAssets</span></a> <a href="https://pubeurope.com/tags/FinancialLaw" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FinancialLaw</span></a> <a href="https://pubeurope.com/tags/FintechRegulation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FintechRegulation</span></a> <a href="https://pubeurope.com/tags/GEPowerConversionIndia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GEPowerConversionIndia</span></a> <a href="https://pubeurope.com/tags/india" class="mention hashtag" rel="nofollow 
noopener" target="_blank">#<span>india</span></a> <a href="https://pubeurope.com/tags/IndiaLegalNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IndiaLegalNews</span></a> <a href="https://pubeurope.com/tags/MadrasHighCourt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MadrasHighCourt</span></a> <a href="https://pubeurope.com/tags/PASLWindSolutions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PASLWindSolutions</span></a> <a href="https://pubeurope.com/tags/PropertyLaw" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PropertyLaw</span></a> <a href="https://pubeurope.com/tags/RuscoeVCryptodira" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RuscoeVCryptodira</span></a> <a href="https://pubeurope.com/tags/VirtualDigitalAsset" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VirtualDigitalAsset</span></a> <a href="https://pubeurope.com/tags/WazirX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WazirX</span></a> <a href="https://pubeurope.com/tags/xrp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>xrp</span></a> <a href="https://pubeurope.com/tags/ZanmaiLabs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZanmaiLabs</span></a></p>
Europe Says<p><a href="https://www.europesays.com/2547460/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2547460/</span><span class="invisible"></span></a> The race to defend satellites from cyberattacks <a href="https://pubeurope.com/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://pubeurope.com/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://pubeurope.com/tags/deloitte" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deloitte</span></a> <a href="https://pubeurope.com/tags/FEATURE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FEATURE</span></a> <a href="https://pubeurope.com/tags/FromTheMagazine" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FromTheMagazine</span></a> <a href="https://pubeurope.com/tags/SN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SN</span></a> <a href="https://pubeurope.com/tags/space" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>space</span></a></p>
Europe Says<p><a href="https://www.europesays.com/2544652/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2544652/</span><span class="invisible"></span></a> Did Iran obtain secret info on Israeli defense systems? Refael answers <a href="https://pubeurope.com/tags/Conflicts" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Conflicts</span></a> <a href="https://pubeurope.com/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://pubeurope.com/tags/DefenseSystems" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DefenseSystems</span></a> <a href="https://pubeurope.com/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackers</span></a> <a href="https://pubeurope.com/tags/Iran" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Iran</span></a> <a href="https://pubeurope.com/tags/MiddleEast" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiddleEast</span></a> <a href="https://pubeurope.com/tags/MiddleEastCrisis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiddleEastCrisis</span></a> <a href="https://pubeurope.com/tags/Refael" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Refael</span></a> <a href="https://pubeurope.com/tags/RefaelAdvancedWeaponsSystemsCompanyLimited" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RefaelAdvancedWeaponsSystemsCompanyLimited</span></a> <a href="https://pubeurope.com/tags/Tehran" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tehran</span></a></p>
Europe Says<p><a href="https://www.europesays.com/2544032/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2544032/</span><span class="invisible"></span></a> Beverly Hills Oncology Data Breach Exposes Personal <a href="https://pubeurope.com/tags/BeverlyHillsOncology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BeverlyHillsOncology</span></a> <a href="https://pubeurope.com/tags/ClassAction" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClassAction</span></a> <a href="https://pubeurope.com/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://pubeurope.com/tags/Data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Data</span></a> <a href="https://pubeurope.com/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://pubeurope.com/tags/DataIncident" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataIncident</span></a> <a href="https://pubeurope.com/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hack</span></a> <a href="https://pubeurope.com/tags/lawsuit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lawsuit</span></a> <a href="https://pubeurope.com/tags/MurphyLawFirm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MurphyLawFirm</span></a></p>
Winbuzzer<p>Chinese Hackers Exploit Unpatched Windows Zero-Day to Spy on European Diplomats</p><p><a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://mastodon.social/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://mastodon.social/tags/China" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>China</span></a> <a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://mastodon.social/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://mastodon.social/tags/Espionage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Espionage</span></a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mastodon.social/tags/APT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>APT</span></a> <a href="https://mastodon.social/tags/NationalSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NationalSecurity</span></a> <a href="https://mastodon.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow 
noopener" target="_blank">#<span>TechNews</span></a> <a href="https://mastodon.social/tags/EuropeanUnion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EuropeanUnion</span></a></p><p><a href="https://winbuzzer.com/2025/11/01/chinese-hackers-exploit-unpatched-windows-zero-day-to-spy-on-european-diplomats-xcxwbn" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">winbuzzer.com/2025/11/01/chine</span><span class="invisible">se-hackers-exploit-unpatched-windows-zero-day-to-spy-on-european-diplomats-xcxwbn</span></a></p>
CyberNetsecIO<p>📰 DDoS Attack on Russian Food Agency Cripples National Supply Chains</p><p>🇷🇺 Russia's food safety agency Rosselkhoznadzor hit by massive DDoS attack, crippling food supply chain systems. Major delays for meat &amp; milk shipments reported nationwide. <a href="https://mastodon.social/tags/DDoS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DDoS</span></a> <a href="https://mastodon.social/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Russia</span></a> <a href="https://mastodon.social/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://mastodon.social/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SupplyChain</span></a></p><p>🔗 <a href="https://cyber.netsecops.io/articles/ddos-attack-russian-food-safety-agency-disrupts-supply-chain/?utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=twitter_auto" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyber.netsecops.io/articles/dd</span><span class="invisible">os-attack-russian-food-safety-agency-disrupts-supply-chain/?utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=twitter_auto</span></a></p>
gtbarry<p>Shutdown Sparks 85% Increase in US Government Cyberattacks</p><p>Cyberattacks against federal employees have nearly doubled since the US government shut down on Oct. 1.</p><p>With vital agencies on pause, employees furloughed, and threat activity only ever rising, the federal government and its personnel have possibly never been weaker than they are right now, from a cybersecurity perspective. </p><p><a href="https://mastodon.social/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://mastodon.social/tags/shutdown" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shutdown</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackers</span></a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a></p><p><a href="https://www.darkreading.com/cybersecurity-operations/shutdown-increase-us-government-cyberattacks" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/cybersecurity-</span><span class="invisible">operations/shutdown-increase-us-government-cyberattacks</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Jaguar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Jaguar</span></a> <a href="https://mastodon.thenewoil.org/tags/LandRover" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LandRover</span></a> looking at $2.5 billion price tag from crippling <a href="https://mastodon.thenewoil.org/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a></p><p><a href="https://arstechnica.com/security/2025/10/jaguar-land-rover-struggling-8-weeks-after-most-expensive-uk-cyberattack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2025/</span><span class="invisible">10/jaguar-land-rover-struggling-8-weeks-after-most-expensive-uk-cyberattack/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/cars" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cars</span></a></p>
Hydrian<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> We need a national holiday for <a href="https://twit.social/tags/CyberAttackAwareDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttackAwareDay</span></a> and have all national cloud providers go down for (X&lt;24) hours. This way organizations/families can test what really will/won't work in a major <a href="https://twit.social/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a>. This will also shame poorly made products that rely on <a href="https://twit.social/tags/alwaysoninternet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>alwaysoninternet</span></a>.</p>
Europe Says<p><a href="https://www.europesays.com/2515854/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2515854/</span><span class="invisible"></span></a> Israel Accuses Iran of Orchestrating New Wave of Cyberattacks – <a href="https://pubeurope.com/tags/Conflicts" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Conflicts</span></a> <a href="https://pubeurope.com/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://pubeurope.com/tags/Iran" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Iran</span></a> <a href="https://pubeurope.com/tags/Israel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Israel</span></a> <a href="https://pubeurope.com/tags/MiddleEast" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiddleEast</span></a> <a href="https://pubeurope.com/tags/MiddleEastCrisis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiddleEastCrisis</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/China" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>China</span></a> accuses <a href="https://mastodon.thenewoil.org/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a> of <a href="https://mastodon.thenewoil.org/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> on national <a href="https://mastodon.thenewoil.org/tags/time" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>time</span></a> center</p><p><a href="https://apnews.com/article/china-us-cyberattacks-allegations-time-b3408ed2352c113904350f80e505ab9f" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">apnews.com/article/china-us-cy</span><span class="invisible">berattacks-allegations-time-b3408ed2352c113904350f80e505ab9f</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/politics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>politics</span></a></p>
SOC Goulash<p>Alright team, it's been a pretty packed 24 hours in the cyber world! We've got updates on some seriously costly breaches, a couple of actively exploited vulnerabilities, new malware capabilities, and a look at the evolving threat landscape. Let's dive in:</p><p>Major Cyber Attacks and Breaches 💸</p><p>- The Jaguar Land Rover (JLR) cyberattack, which began in late August 2025, is now estimated to be the UK's costliest cyber incident, with an economic impact of up to £1.9 billion ($2.5 billion) affecting over 5,000 organisations.<br>- Chinese threat actors are actively exploiting the ToolShell (CVE-2025-53770) zero-day in Microsoft SharePoint, targeting government agencies, universities, and telecoms across four continents, deploying webshells, backdoors like Zingdoor and ShadowPad, and even Warlock ransomware.<br>- A spearphishing campaign, dubbed "PhantomCaptcha," impersonated the Ukrainian President's Office to target war relief organisations (Red Cross, UNICEF) and regional governments, using a sophisticated "ClickFix" technique to trick victims into executing PowerShell scripts for RAT deployment.<br>- SpaceX has taken action against cybercrime, disabling over 2,500 Starlink devices identified in Myanmar scam compounds following calls from politicians and human trafficking advocates.<br>- Oregon-based fence manufacturer Jewett-Cameron Trading disclosed a ransomware attack that exfiltrated video meeting images and non-public financial documents, with attackers threatening public release if a ransom isn't paid.</p><p>🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/10/22/jaguar_lander_rover_cost/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">go.theregister.com/feed/www.th</span><span class="invisible">eregister.com/2025/10/22/jaguar_lander_rover_cost/</span></a><br>🗞️ The Record | <a 
href="https://therecord.media/jaguar-land-rover-cyberattack-economic-impact" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/jaguar-land-ro</span><span class="invisible">ver-cyberattack-economic-impact</span></a><br>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/sharepoint-toolshell-attacks-targeted-orgs-across-four-continents/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/sharepoint-toolshell-attacks-targeted-orgs-across-four-continents/</span></a><br>🗞️ The Record | <a href="https://therecord.media/sharepoint-toolshell-bug-breaches-governments-africa-south-america" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/sharepoint-too</span><span class="invisible">lshell-bug-breaches-governments-africa-south-america</span></a><br>🗞️ The Record | <a href="https://therecord.media/phantomcaptcha-spearphishing-campaign-ukraine-war-relief-groups" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/phantomcaptcha</span><span class="invisible">-spearphishing-campaign-ukraine-war-relief-groups</span></a><br>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/phantomcaptcha-clickfix-attack-targets-ukraine-war-relief-orgs/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/phantomcaptcha-clickfix-attack-targets-ukraine-war-relief-orgs/</span></a><br>🗞️ The Record | <a href="https://therecord.media/spacex-disables-starlink-kits-in-myanmar-scam-compounds" rel="nofollow noopener" translate="no" 
target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/spacex-disable</span><span class="invisible">s-starlink-kits-in-myanmar-scam-compounds</span></a><br>🗞️ The Record | <a href="https://therecord.media/ransomware-gang-steals-meeting-video-fence-manufacturer" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/ransomware-gan</span><span class="invisible">g-steals-meeting-video-fence-manufacturer</span></a></p><p>New Threat Research 🔬</p><p>- Vidar Stealer 2.0 has been released, rewritten in C with multi-threading, improved anti-analysis checks, and a bypass for Chrome's App-Bound encryption via memory injection, likely increasing its prevalence as Lumma Stealer declines.<br>- Kaspersky researchers have identified a new, highly sophisticated APT campaign, PassiveNeuron, targeting government, financial, and industrial organisations in Asia, Africa, and Latin America with custom malware families Neursite (modular backdoor) and NeuralExecutor (.NET implant), often leveraging compromised internal servers as C2.</p><p>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/vidar-stealer-20-adds-multi-threaded-data-theft-better-evasion/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/vidar-stealer-20-adds-multi-threaded-data-theft-better-evasion/</span></a><br>📰 The Hacker News | <a href="https://thehackernews.com/2025/10/researchers-identify-passiveneuron-apt.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/10/rese</span><span class="invisible">archers-identify-passiveneuron-apt.html</span></a></p><p>Vulnerabilities and Zero-Days 🛡️</p><p>- TP-Link has patched four command injection flaws in Omada 
gateway devices, including two critical RCE vulnerabilities (CVE-2025-6542, CVE-2025-7850) with CVSS scores of 9.3, one of which allows unauthenticated remote exploitation.<br>- Adobe Commerce (formerly Magento) is seeing active exploitation of the critical SessionReaper vulnerability (CVE-2025-54236), an improper input validation flaw that allows attackers to take over customer accounts without interaction; 62% of stores remain unpatched.<br>- A high-severity "TARmageddon" flaw (CVE-2025-62518) in the abandoned async-tar Rust library and its forks, including the popular tokio-tar, allows unauthenticated RCE via hidden files in tar archives, posing a significant supply chain risk, with the most downloaded version still unfixed.<br>- Pwn2Own Ireland Day 2 saw hackers exploit 56 unique zero-day vulnerabilities, earning $792,750, including a chain of five flaws to hack the Samsung Galaxy S25 and exploits against QNAP, Synology, and Philips Hue Bridge devices.</p><p>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/tp-link-warns-of-critical-command-injection-flaw-in-omada-gateways/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/tp-link-warns-of-critical-command-injection-flaw-in-omada-gateways/</span></a><br>📰 The Hacker News | <a href="https://thehackernews.com/2025/10/tp-link-patches-four-omada-gateway.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/10/tp-l</span><span class="invisible">ink-patches-four-omada-gateway.html</span></a><br>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-sessionreaper-flaw-in-adobe-magento/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span
class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/hackers-exploiting-critical-sessionreaper-flaw-in-adobe-magento/</span></a><br>🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/10/22/vulnerable_rust_crate/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">go.theregister.com/feed/www.th</span><span class="invisible">eregister.com/2025/10/22/vulnerable_rust_crate/</span></a><br>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/tarmageddon-flaw-in-abandoned-rust-library-enables-rce-attacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/tarmageddon-flaw-in-abandoned-rust-library-enables-rce-attacks/</span></a><br>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/</span></a></p><p>Threat Landscape Commentary 🌍</p><p>- GCHQ Director Anne Keast-Butler warned that the UK faces its "most contested and complex" threat environment in decades, with a quadrupling of significant cyberattacks over the past year (four incidents per week), driven by nation-state cooperation, AI advancements, and lower barriers for financially motivated cybercriminals.</p><p>🗞️ The Record | <a href="https://therecord.media/facing-anne-keast-decades-gchq" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/facing-anne-ke</span><span 
class="invisible">ast-decades-gchq</span></a></p><p>Data Privacy and Regulatory Issues ⚖️</p><p>- The UK's Information Commissioner's Office (ICO) defended its decision not to investigate a February 2022 Ministry of Defence data leak that exposed details of 33,345 Afghans, citing classified information handling difficulties and not wanting to hinder the MoD's immediate response.<br>- A new report from the Electronic Privacy Information Center (EPIC) highlights that state attorneys general in the US are increasingly active in privacy enforcement, bringing or settling over 1,200 consumer privacy cases in the last five years, filling a gap due to the absence of a comprehensive federal data privacy law.<br>- The annual Cyberspace Solarium Commission report concludes that the US is "slipping" on cybersecurity, with federal efforts failing to keep pace with technology, and recommends reversing budget/personnel cuts, strengthening the National Cyber Director's office, and expanding workforce initiatives.</p><p>🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/10/22/ico_afghan_leak_probe/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">go.theregister.com/feed/www.th</span><span class="invisible">eregister.com/2025/10/22/ico_afghan_leak_probe/</span></a><br>🗞️ The Record | <a href="https://therecord.media/state-ags-enforcement-privacy-law" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">therecord.media/state-ags-enfo</span><span class="invisible">rcement-privacy-law</span></a><br>🤫 CyberScoop | <a href="https://cyberscoop.com/cyberspace-solarium-commission-report-budget-workforce-cuts/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberscoop.com/cyberspace-sola</span><span 
class="invisible">rium-commission-report-budget-workforce-cuts/</span></a></p><p>Other Noteworthy Updates 🤖</p><p>- Meta is rolling out new anti-scam tools for WhatsApp and Messenger, including advanced AI-powered scam detection for suspicious chats on Messenger and warnings for screen sharing during video calls with unknown contacts on WhatsApp.<br>- An open letter, signed by over 700 individuals including Nobel laureates and tech leaders, calls for a prohibition on the development of "superintelligent" AI until there's broad scientific consensus on safe and controllable development, reflecting growing mainstream concern over potential societal and existential risks.</p><p>🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/meta-launches-new-anti-scam-tools-for-whatsapp-and-messenger/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/meta-launches-new-anti-scam-tools-for-whatsapp-and-messenger/</span></a><br>🤫 CyberScoop | <a href="https://cyberscoop.com/ai-superintelligence-ban-open-letter-future-of-life-harry-meghan-tech-leaders/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberscoop.com/ai-superintelli</span><span class="invisible">gence-ban-open-letter-future-of-life-harry-meghan-tech-leaders/</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntelligence</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/Vulnerabilities" class="mention 
hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerabilities</span></a> <a href="https://infosec.exchange/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> <a href="https://infosec.exchange/tags/APT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>APT</span></a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://infosec.exchange/tags/GCHQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GCHQ</span></a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/RustLang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RustLang</span></a> <a href="https://infosec.exchange/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> <a href="https://infosec.exchange/tags/TPLink" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TPLink</span></a> <a href="https://infosec.exchange/tags/Magento" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>Magento</span></a> <a href="https://infosec.exchange/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WhatsApp</span></a> <a href="https://infosec.exchange/tags/Messenger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Messenger</span></a></p>
Europe Says<p><a href="https://www.europesays.com/?p=2513819" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/?p=2513819</span><span class="invisible"></span></a> Israel finds Iran behind recent cyberattack on hospital <a href="https://pubeurope.com/tags/AssafHarofehMedicalCenter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssafHarofehMedicalCenter</span></a> <a href="https://pubeurope.com/tags/Conflicts" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Conflicts</span></a> <a href="https://pubeurope.com/tags/cyberattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberattack</span></a> <a href="https://pubeurope.com/tags/Hacker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacker</span></a> <a href="https://pubeurope.com/tags/Iran" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Iran</span></a> <a href="https://pubeurope.com/tags/Israel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Israel</span></a> <a href="https://pubeurope.com/tags/MiddleEast" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiddleEast</span></a> <a href="https://pubeurope.com/tags/MiddleEastCrisis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiddleEastCrisis</span></a> <a href="https://pubeurope.com/tags/PreventingCyberAttacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PreventingCyberAttacks</span></a></p>