Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Chinese-Linked Malware Campaign Targets Critical Environments With Weak Monitoring Chris Riotta (@chrisriotta) • December 4, 2025 Image: Shutterstock The U.S. federal government has issued a warning regarding a sophisticated malware campaign linked to Chinese state-sponsored actors, known as Brickstorm. This malicious software…
Understanding the Escalating Cybersecurity Threats for SMBs In an era where cybersecurity breaches dominate headlines, the visibility of these risks extends beyond large enterprises to encompass small and medium-sized businesses (SMBs) and the public at large. This growing awareness among SMBs highlights the pressing need to bolster their security measures.…
Recent cybersecurity research has uncovered intriguing potential connections between the notorious SolarWinds hack and a previously identified malware strain called Kazuar. Kaspersky’s latest analysis highlights overlapping features that suggest a link between the two malicious software architectures. The SolarWinds incident, disclosed in December 2020, was characterized by its unprecedented scale…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently highlighted a significant security vulnerability affecting JetBrains TeamCity On-Premises software, categorizing it as a known exploited vulnerability in its catalog. This classification is based on concrete evidence of active exploitation in the wild. The identified flaw, designated CVE-2024-27198, has a…
Data Privacy, Data Security, Endpoint Security Cyber Advisory Highlights Exploitation of Linked Devices in Monitoring Sensitive Communications Chris Riotta (@chrisriotta) • November 25, 2025 Image: Shutterstock The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about cyber threat actors targeting current and former high-ranking government officials, military…
In a recent cybersecurity development, Microsoft addressed critical zero-day vulnerabilities within its on-premises Exchange Server software through a series of out-of-band patches. Following these updates, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent directive alerting organizations to the “active exploitation” of these vulnerabilities. This warning follows Microsoft’s…
On Friday, Microsoft issued a grave warning regarding the active exploitation of vulnerabilities in unpatched Microsoft Exchange Servers affecting numerous organizations globally. The cyberattack campaigns reportedly compromise tens of thousands of businesses and government bodies across the United States, Europe, and Asia. The company’s security team reported a significant escalation…
Red Hat Issues Urgent Security Alert Following Backdoor Discovery in XZ Utils On Friday, Red Hat issued an urgent security alert, revealing a critical security vulnerability involving two versions of the widely-used data compression library known as XZ Utils, previously LZMA Utils. This vulnerability allows malicious actors to gain unauthorized…
Government, Healthcare, Industry Specific Also: Akira Ransomware Targets Healthcare, AI’s Sycophancy Becomes a Security Risk Anna Delaney (annamadeline) • November 21, 2025 Clockwise, from top left: Anna Delaney, Tony Morbin, Chris Riotta, and Marianne Kolbasuk McGee This week’s ISMG Editors’ Panel convened a discussion among four seasoned editors, who addressed…
