Jun 24, 2025Ravie LakshmananVulnerability / Malware Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, in a new analysis published last week, said… Read More "Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers"
Jun 24, 2025Ravie LakshmananMalware / Cryptocurrency Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets. The methods take advantage of the design of various common mining topologies in order to shut down the… Read More "Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue"
Jun 24, 2025Ravie LakshmananThreat Exposure Management I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just… Read More "The CTEM Conversation We All Need"
Jun 24, 2025Ravie LakshmananCloud Security / Cryptojacking Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments. “Attackers are exploiting misconfigured Docker APIs to gain access to containerized… Read More "Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network"
Jun 24, 2025Ravie LakshmananCyber Espionage / Chinese Hackers The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major… Read More "China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom"
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. “Unlike direct prompt… Read More "Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks"
Jun 23, 2025Ravie LakshmananHacktivism / Cyber Warfare The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025.… Read More "DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes"
Jun 23, 2025Ravie LakshmananLLM Security / AI Security Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards… Read More "Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content"
Jun 23, 2025Ravie LakshmananCyber Espionage / Vulnerability Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection… Read More "XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks"
It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes… Read More "How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout"
