Tag Microsoft

FBI Defends Against Criticism Regarding Cybersecurity Budget Cuts and Job Vacancies

FBI Director Reports ‘Highly Qualified’ Replacements for Cyber Leadership Amid Departures

Chris Riotta (@chrisriotta) • September 19, 2025

FBI Director Kash Patel defended the bureau’s capacity to tackle cybercrime despite a wave of departures among senior cyber officials. During a…


How Weak Passwords and Other Vulnerabilities Contributed to the Devastating Ascension Breach

Cyberattack Targets Ascension: A Deep Dive into Security Missteps

In a troubling incident within the healthcare sector, Ascension, a significant player in medical services, has faced a severe network breach. Despite Ascension’s choice to remain silent regarding the details of this attack, a preliminary analysis reveals critical deficiencies in their…


AsyncRAT Campaign Deploys Python Payloads and TryCloudflare Tunnels for Stealthy Attacks

Recent investigations have revealed a sophisticated malware campaign deploying a remote access trojan (RAT) called AsyncRAT, utilizing Python payloads and TryCloudflare tunnels for distribution. Forcepoint X-Labs researcher Jyotika Singh indicated that AsyncRAT capitalizes on the async/await programming model, allowing attackers to covertly access and manipulate infected systems, exfiltrate data, and…


Critical Update: Microsoft Addresses 57 Security Vulnerabilities, 6 of Which Are Actively Exploited Zero-Days

On Tuesday, Microsoft rolled out security updates addressing a total of 57 vulnerabilities, including six that have been actively exploited in the wild. These updates are particularly crucial for organizations concerned about potential security breaches, as they rectify flaws that could be leveraged by malicious actors. Among the 57 identified…


This Microsoft Entra ID Vulnerability Posed a Major Threat

Major Security Flaw Discovered in Microsoft Azure’s Identity Management System

Over the past decade, a significant transition has occurred in how businesses manage their digital infrastructures, shifting from self-hosted servers to cloud services. This change has allowed many organizations to benefit from the advanced security features offered by key cloud…


Ukraine Warns of Potential Massive Cyberattacks by Russia Targeting Critical Infrastructure

In a recent advisory, the Ukrainian government warned that “massive cyberattacks” are imminent, targeting the critical infrastructure of Ukraine and its allies. The Ministry of Defense’s Main Directorate of Intelligence (GUR) has identified the energy sector as a primary target. The agency indicated that these cyberattacks would likely be designed…


Breach Update: Microsoft and Cloudflare Take Down RaccoonO365

Colt Services Faces Ongoing Outages; Finland Charges U.S. National in Vastaamo Hack

Anviksha More (AnvikshaMore) • September 18, 2025

Each week, Information Security Media Group compiles cybersecurity incidents worldwide. Recently, Microsoft dealt a significant blow to RaccoonO365, outages at Colt Technology Services continue,…


GitHub Discovers New Vulnerabilities in ruby-saml That Enable Account Takeover Attacks

High-Severity Vulnerabilities Discovered in Ruby-SAML Library, Posing Authentication Risks

Two significant security vulnerabilities have been identified in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. The discovered vulnerabilities are tracked as CVE-2025-25291 and CVE-2025-25292, carrying a high…
