The FBI and Cisco have issued urgent warnings about Russian hackers exploiting a seven-year-old vulnerability in Cisco Smart Install, impacting outdated routers and switches globally. A significant number of legacy Cisco devices, which no longer receive security updates, are currently…
Moldovan Police Detain Suspect Linked to €4.5 Million Ransomware Attack on Dutch Research Institution
May 13, 2025
Cybercrime / Ransomware
Authorities in Moldova have arrested a 45-year-old foreign national suspected of orchestrating multiple ransomware attacks against Dutch businesses in 2021. “He is wanted internationally for various cybercrimes, including ransomware attacks, blackmail, and money laundering targeting firms in the Netherlands,” officials stated on Monday. As part of the operation, police confiscated over €84,000 ($93,000) in cash, an electronic wallet, two laptops, a mobile phone, a tablet, six bank cards, two data storage devices, and six memory cards. While the suspect’s identity remains undisclosed, he was apprehended during a search of his residence in Moldova. Notably, he is accused of launching a ransomware attack on the Netherlands Organization for Scientific Research (NWO) in February 2021, resulting in damages estimated at €4.5 million. This incident also led to the leak of internal documents.
Moldovan Authorities Apprehend Suspect Linked to €4.5 Million Ransomware Assault on Dutch Research Agency On May 13, 2025, Moldovan law enforcement announced the arrest of a 45-year-old foreign national believed to be intricately involved in a series of ransomware attacks…
Workday has confirmed it suffered a significant data breach stemming from a comprehensive social engineering campaign that compromised a third-party vendor’s information. This breach allowed unauthorized individuals to infiltrate systems and potentially access sensitive data. The attackers employed deceptive tactics,…
June 12, 2025
Artificial Intelligence / Vulnerability
A new attack method called EchoLeak has been identified as a “zero-click” AI vulnerability, enabling malicious actors to extract sensitive data from Microsoft 365 (M365) Copilot without any user involvement. This critical vulnerability has been assigned CVE identifier CVE-2025-32711, with a CVSS score of 9.3. It requires no action from users and has already been addressed by Microsoft, with no reported instances of exploitation. According to a recent advisory, “AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.” This vulnerability has been included in Microsoft’s June 2025 Patch Tuesday updates, bringing the total number of fixed vulnerabilities to 68. Aim Security, which discovered and reported the issue, noted that it exemplifies a large language model (LLM) Scope Violation that leads to indirect prompt injection risks.
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction On June 12, 2025, cybersecurity experts disclosed a significant vulnerability known as EchoLeak, which has been classified as a “zero-click” artificial intelligence (AI) exploit. This flaw allows malicious actors…
July 11, 2023
Ransomware / Windows Security
A newly emerging ransomware known as Big Head is spreading via a malvertising campaign that masquerades as fake Microsoft Windows updates and Word installers. Initially identified by Fortinet FortiGuard Labs last month, multiple variants of this ransomware have been found, all designed to encrypt files on victims’ devices in exchange for cryptocurrency payments. According to Fortinet researchers, “One variant of the Big Head ransomware presents a fake Windows Update, suggesting it may also be distributed as counterfeit updates.” Another variant features a Microsoft Word icon, indicating its distribution as fraudulent software. The majority of Big Head samples reported so far are from the U.S., Spain, France, and Turkey. Recent analysis by Trend Micro has further explored this .NET-based ransomware, highlighting its capability to deploy three encrypted binaries: 1.exe for propagation…
Warning: Big Head Ransomware on the Rise via Fake Windows Updates July 11, 2023 – BreachSpot.com A new strain of ransomware known as Big Head is gaining traction, being distributed through a targeted malvertising campaign that masquerades as counterfeit Microsoft…
Cybercrime, Fraud Management & Cybercrime Oregon Man Charged for Operating DDoS Attack Service Mathew J. Schwartz (@euroinfosec) • August 20, 2025 Image: Shutterstock Federal authorities have charged a 22-year-old from Oregon for operating a sophisticated, on-demand distributed denial-of-service (DDoS) attack…
Customs and Border Protection (CBP) authorities in the United States possess broad authority to search electronic devices, including phones, belonging to individuals upon their entry into the country. This policy applies universally, encompassing US citizens as well. Recent statistics indicate…
Mastering Hacking Skills: The Value of Offensive Security Training for Your Entire Security Team
May 14, 2025
Cybersecurity / Ethical Hacking
Organizations across various sectors are witnessing a sharp rise in cyberattacks, with critical infrastructure and cloud-based enterprises being particularly vulnerable. According to Verizon’s 2025 Data Breach Investigations Report, confirmed breaches surged by 18% year-over-year, and the exploitation of vulnerabilities for initial access grew by 34%. As the frequency and severity of attacks increase, many organizations rely on security tools and compliance standards as their primary defenses. While these elements are vital for reducing cyber risk, they are not foolproof solutions. Effective security hinges on the combination of people, processes, and technology, with the emphasis placed on skilled practitioners. Therefore, investing in offensive security training for all roles within the security team becomes crucial. Too often, the potential of offensive operations is underutilized…
Mastering Offensive Security: The Essential Training for Cybersecurity Teams As cyberattacks surge across various sectors, organizations are increasingly vulnerable to threats, especially those targeting critical infrastructure and cloud-based services. The recently published 2025 Data Breach Investigations Report by Verizon highlights…
A significant data breach at Allianz Life has been exposed, with the credential notification site Have I Been Pwned reporting that approximately 1.1 million accounts have been compromised. This figure represents a substantial proportion of Allianz Life’s 1.4 million North…
June 13, 2025
Spyware / Vulnerability
Apple has revealed that a recently patched security flaw in its Messages app was actively exploited to carry out sophisticated cyber attacks on civil society members. Identified as CVE-2025-43200, the vulnerability was remedied on February 10, 2025, through updates to iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1, and visionOS 2.3.1. According to the company, “A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link,” which was resolved with improved security checks. Apple also acknowledged awareness that this vulnerability may have been exploited in “extremely sophisticated” attacks targeting specific individuals. Notably, the updates for iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 also fixed another actively exploited zero-day vulnerability, CVE-2025-24200.
Apple Addresses Exploited Zero-Click Flaw in Messages, Targeting Journalists with Spyware On June 13, 2025, Apple confirmed that a previously undisclosed security vulnerability in its Messages application had been actively exploited in targeted cyberattacks, particularly against members of civil society,…
