In a recent advisory, the Ukrainian government alerted that “massive cyberattacks” are imminent, targeting the critical infrastructure of Ukraine and its allies. The Ministry of Defense’s Main Directorate of Intelligence (GUR) has identified the energy sector as a primary target. The agency indicated that these cyberattacks would likely be designed…
Cybercrime, Fraud Management & Cybercrime Colt Services Faces Ongoing Outages; Finland Charges U.S. National in Vastaamo Hack Anviksha More (AnvikshaMore) • September 18, 2025 Image: Shutterstock/ISMG Each week, Information Security Media Group compiles cybersecurity incidents worldwide. Recently, Microsoft dealt a significant blow to RaccoonO365, outages at Colt Technology Services continue,…
High-Severity Vulnerabilities Discovered in Ruby-SAML Library, Posing Authentication Risks Two significant security vulnerabilities have been identified in the open-source ruby-saml library, which poses a risk of allowing malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. The discovered vulnerabilities are classified as CVE-2025-25291 and CVE-2025-25292, carrying a high…
The current landscape of cybersecurity reveals that even the smallest vulnerabilities can precipitate significant breaches. Exposing an encryption key, neglecting a minor software update, or leaving a cloud storage bucket unsecured may seem trivial, yet these factors can become major gateways for cyber attacks. This week, instances of cybercriminals exploiting…
A subgroup of the notorious Russian state-sponsored hacking entity known as Sandworm has been linked to a persistent global access operation, termed BadPilot, which has been under way for several years. The Microsoft Threat Intelligence team recently disclosed this in a report, emphasizing the group’s strategy of compromising internet-facing infrastructure…
Microsoft Disrupts ‘RaccoonO365’ Phishing Service In a significant development in the cybersecurity landscape, Microsoft has announced the dismantling of the ‘RaccoonO365’ phishing service, a notable player in the realm of cybercrime. This disruptive action targets a sophisticated network that has been implicated in various phishing attacks, with an emphasis on…
A notorious Russia-based cyber espionage group known as APT29 has reportedly exploited a less common Windows feature called Credential Roaming following a successful phishing operation targeting an unmentioned European diplomatic organization. The strategic focus on diplomatic targets aligns with APT29’s historical modus operandi, demonstrating their commitment to gathering intelligence that…
This week’s cybersecurity update delves into various evolving threats, including a sophisticated phishing technique used by Russian threat actors. Covering issues from device code phishing to cloud-based attacks, this summary transforms complex technicalities into comprehensible insights, tailored for tech-savvy professionals. ⚡ Threat of the Week The recent disclosure from Microsoft…
Cybercrime, Data Security, Finance & Banking Cybercrime Collective ShinyHunters Claims 160 Million Records Compromised Mathew J. Schwartz ( euroinfosec) • September 15, 2025 The State Bank of Vietnam in Hanoi, dating back to November 22, 2016. (Image: TK Kurikawa/Shutterstock) The central bank of Vietnam is investigating a cyberattack that targeted…
