For providers

BleepingComputer reports that trojanized removable drives have been harnessed by the Russian state-sponsored threat operation Gamaredon, also known as Shuckworm, to distribute a new GammaSteel information-stealing malware variant in an attack campaign against a Western country's military mission in Ukraine between February and March.

Moroccan cybercrime operation Atlas Lion which sets its sights on major retailers, restaurants, and other gift card-giving organizations has been integrating their virtual machines into targeted entities' cloud domains via breached credentials to facilitate covert intrusions, according to The Record, a news site by cybersecurity firm Recorded Future.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

A 2025. 15. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.04.04. és 2025.04.10. között kezelt incidensek statisztikai adatait is tartalmazza.

At CyberArk IMPACT 25, former CISA director Jen Easterly warns that without intelligent identity systems, AI-fueled cyberattacks will outpace defenses.

Domain controllers were breached in more than 78% of human-operated cyberattacks, warned Microsoft.

EC2 instance metadata can include sensitive information such as IAM role credentials.

Gladinet's platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.

Managing permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that.