A legitimate open-source server monitoring tool has been repurposed by attackers to gain full remote control of compromised systems. According to new findings from Ontinue’s Cyber Defense Center, the activity involves Nezha, a widely used monitoring platform that provides administrators… Read More "Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access"
Dec 22, 2025Ravie LakshmananHacking News / Cybersecurity Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most — firewalls, browser add-ons, and even smart TVs… Read More "Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More"
“The upgrade in encryption used by RansomHouse RaaS, going from a simple linear model to a more complex multi-layered approach, signals a concerning trajectory in ransomware development,” Unit42 researchers said in a blog post. “This demonstrates how threat actors are… Read More "Think you can beat ransomware? RansomHouse just made it a lot harder"
A Ukrainian national has pleaded guilty to using Nefilim ransomware against a number of corporate victims in the US and elsewhere. Artem Aleksandrovych Stryzhak, 35, was extradited from the Spanish city of Barcelona earlier this year after being arrested in… Read More "Nefilim Ransomware Affiliate Pleads Guilty"
The tactic represents an evolution of techniques that financially motivated groups used earlier this year to breach Salesforce environments at Google, Qantas, and luxury brands through similar OAuth abuse, affecting hundreds of organizations. Those Salesforce attacks, which began in June… Read More "Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts"
DXS International, a UK-based tech supplier of England’s National Health Service (NHS) has confirmed it was hit by a cyber-attack. In a filing to the London Stock Exchange on December 18, DXS International said the incident was discovered on December… Read More "UK: NHS Supplier Confirms Cyber-Attack, Operations Unaffected"
However, since the lawsuits against Sullivan and Brown first emerged, CEOs and other high-ranking decision-makers have increasingly come under more pressure to accept some of the cyber incident legal liabilities that have often been the sole province of CISOs. “In… Read More "What CISOs should know about the SolarWinds lawsuit dismissal"
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan. “Previously, users received ‘pure’ Trojan APKs that acted as malware immediately upon… Read More "Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale"
Einer der wichtigsten Schritte ist die Ernennung eines Kommunikationsleiters , merkt Business-Continuity-Berater Kate an. „Wenn Technologiesysteme nicht verfügbar sind, müssen viele innerhalb der Organisation Workarounds implementieren, um wesentliche Prozesse am Laufen zu halten.“ Dem Experten zufolge basieren viele Entscheidungen auf… Read More "6 wichtige Punkte für Ihren Incident Response Plan"
Die Redaktion von Computerwoche, CIO und CSO sieht das IT-Jahr 2025 mit gemischten Gefühlen zu Ende gehen. abdullah Ghashqeen – Shutterstock Ein turbulentes Jahr 2025 neigt sich dem Ende zu. Es war geprägt von wirtschaftlicher Unsicherheit, geopolitischen Spannungen und dem… Read More "Podcast: Die IT-Tops und -Flops 2025"
