InfoSec News 20250711
Top News
-
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
"Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems."
TLP1 : Green
-
Browser extensions turn nearly 1 million browsers into website-scraping bots
"Extensions load unknown sites into invisible Windows. What could go wrong?"
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Russian pro basketball player arrested for alleged role in ransomware attacks
"Russian professional basketball player Daniil Kasatkin was arrested in France at the request of the United States for allegedly acting as a negotiator for a ransomware gang."
TLP1 : Green
-
Four arrested in UK over M&S, Co-op, Harrods cyberattacks
"The UK's National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods."
TLP1 : Green
-
MPs Warn of “Significant” Iranian Cyber-Threat to UK
"Iranian threat actors pose a major threat to the UK, especially its petrochemical, utilities and finance sectors, a new parliamentary report has warned."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Pierce County, WA libraries notify 336K people of data breach
"The Pierce County Library System this week confirmed it notified 336,826 people of an April 2025 data breach that compromised names and dates of birth."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Asus and Adobe vulnerabilities
"Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat products."
TLP1 : Green
-
AMD warns of new Meltdown, Spectre-like bugs affecting CPUs
"Low-severity bugs but infosec pros claim they are a 'critical' overall threat – patch accordingly"
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Anatomy of a Scattered Spider attack: A growing ransomware threat evolves
"The cybercriminal group has broadened its attack scope across several new industries, bringing valid credentials to bear on help desks before leveraging its new learnings of cloud intrusion tradecraft to set the stage for ransomware."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
"In late 2024, we discovered a malware variant related to the SLOW#TEMPEST campaign. In this research article, we explore the obfuscation techniques employed by the malware authors. We deep dive into these malware samples and highlight methods and code that can be used to detect and defeat the obfuscation techniques."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.