Szolgáltatóknak

The following article summarizes a recent SC webcast discussion between Host Adrian Sanabria and Ryan Chapman, Team Lead for the Unit 42 Managed Threat Hunting team at Palo Alto Networks. They discuss how security leaders can swiftly translate threat intelligence insights into decisive action.

Almost 1,289 Citrix NetScaler ADC and NetScaler Gateway servers continue to be at risk of intrusions involving the critical out-of-bounds memory vulnerability CVE-2025-5777, dubbed as "Citrix Bleed 2", while 2,100 instances remain vulnerable to the critical memory overflow issue, tracked as CVE-2025-6543, following the release of fixes last week, according to Cyber Security News.

Advanced persistent threat operation Blind Eagle, also known as APT-C-36, APT-Q-98, and AguilaCiega, has been leveraging Proton66, a Russian bulletproof hosting service, as part of its infrastructure in recent phishing attacks against banks and other financial entities across Colombia, including BBVA, Davivienda, Banco Caja Social, and Bancolombia, reports The Hacker News.

CBS News reports that the U.S. Department of Justice has disclosed that the infamous transnational drug cartel Sinaloa had been able to monitor and kill FBI informants after hiring a hacker in 2018.

More than 350 organizations and nearly 1,800 email addresses were discovered by Proofpoint researchers to have been targeted by a new phishing fraud scheme involving the spoofing of the Department of Government Efficiency initially flagged by the Scoop News Group, according to FedScoop.

Nearly 100 GB of emails from White House Chief of Staff Susie Wiles, Trump advisor Roger Stone, Trump legal counsel Lindsey Halligan, and Trump enemy Stormy Daniels were claimed to have been exfiltrated by Iranian state-sponsored threat operation Robert.

BleepingComputer reports that Europol has announced that five individuals allegedly involved in a $540 million cryptocurrency investment fraud scheme that has impacted over 5,000 victims were arrested as part of a Spain-led global law enforcement takedown that was conducted alongside U.S., Estonian, and French authorities.

The U.S. has been intensifying its clampdown on North Korea's fake IT worker scheme with separate actions disclosed on Monday, reports Cybersecurity Dive.

Alex Weinert distilled 15 years of defending Microsoft’s identity systems into five painful, hard-won lessons.