InfoSec News 20251030

  • Published: Thu, 30/10/2025 - 15:30

Top News


  • LinkedIn phishing targets finance execs with fake board invites

"Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials."

Link

TLP1 : Green

  • Malicious NPM packages fetch infostealer for Windows, Linux, macOS

"Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component that collects sensitive data from Windows, Linux, and macOS systems."

Link

TLP1 : Green

  • New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs

"Intel and AMD have published advisories after academics disclosed details of the new TEE.fail attack method."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia

"Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ."

Link

TLP1 : Green

  • Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets

"Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black."

Link

TLP1 : Green

  • Major US Telecom Backbone Firm Hacked by Nation-State Actors

"Ribbon Communications provides technology for communications networks and its customers include the US government and major telecom firms."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Canada says hacktivists breached water and energy facilities

"The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)

"Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers."

Link

TLP1 : Green

  • Chromium flaw crashes Chrome, Edge, Atlas: Researcher publishes exploit after Google’s silence

"The vulnerability, dubbed Brash, can crash browsers within seconds by flooding the document.title API, and Google’s silence raises questions about its disclosure process."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Rethinking identity security in the age of autonomous AI agents

"The rise of autonomous AI agents is challenging the very foundation of enterprise security. These systems don’t just follow static workflows or code. They make independent decisions, take actions across systems, and in many cases, do so without human oversight."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack

"We have discovered a new Windows-based malware family we've named Airstalk, which is available in both PowerShell and .NET variants. We assess with medium confidence that a possible nation-state threat actor used this malware in a likely supply chain attack. We have created the threat activity cluster CL-STA-1009 to identify and track any further related activity."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

 

 

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp