DXS International, an official partner of NHS England, said the breach has not affected its operations This article has been indexed from www.infosecurity-magazine.com Read the original article: UK: NHS Supplier Confirms Cyber-Attack, Operations Unaffected
IT Security News Hourly Summary 2025-12-22 12h : 10 posts
10 posts were published in the last hour 11:3 : Now Admins Can Block External Users in Microsoft Teams From Defender Portal 11:3 : 125,000 IPs WatchGuard Firebox Devices Exposed to Internet Vulnerable to 0-day RCE Attacks 11:2 : Hackers…
Now Admins Can Block External Users in Microsoft Teams From Defender Portal
Microsoft is set to enhance the security integration between Microsoft Teams and Microsoft Defender for Office 365 with a new feature rolling out next month. According to a new notification in the Microsoft 365 Message Center (MC1200058), security administrators will…
125,000 IPs WatchGuard Firebox Devices Exposed to Internet Vulnerable to 0-day RCE Attacks
The Shadowserver Foundation identified approximately 125,000 WatchGuard Firebox firewall devices worldwide at risk due to a critical vulnerability actively exploited. The flaw, tracked as CVE-2025-14733, enables unauthenticated remote attackers to execute arbitrary code on unpatched devices with minimal effort. The…
Hackers Using Phishing Tools to Access M365 Accounts via OAuth Device Code
Threat actors are now targeting Microsoft 365 accounts using a growing attack method known as OAuth device code phishing. This technique takes advantage of the OAuth 2.0 device authorization flow, a legitimate Microsoft feature designed for devices with limited input…
Multiple Exim Server Vulnerabilities Let Attackers Seize Control of the Server
Security researchers at the National Institute of Standards and Technology (NIST) have uncovered critical security flaws in the Exim mail server. That could allow remote attackers to take complete control of vulnerable systems. The vulnerabilities affect Exim version 4.99 when…
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US
Artem Stryzhak pleaded guilty to conspiracy to commit computer fraud after he was extradited earlier this year. The post Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
9 MFA Mistakes in Manufacturing IT and Fixes
Discover the most common MFA mistakes in manufacturing IT and learn practical fixes to improve security, uptime, and authentication on factory floors. The post 9 MFA Mistakes in Manufacturing IT and Fixes appeared first on Security Boulevard. This article has…
15 Best Passwordless Authentication Solutions in 2026
Compare the 15 best passwordless authentication solutions for 2026. Explore features, pricing, use cases, and how to choose the right tool. The post 15 Best Passwordless Authentication Solutions in 2026 appeared first on Security Boulevard. This article has been indexed…
10 Best Multi-Factor Authentication Solutions in 2026
Explore the 10 best MFA solutions in 2026. Compare features, pricing, pros, cons, and find the right multi-factor authentication tool for your business. The post 10 Best Multi-Factor Authentication Solutions in 2026 appeared first on Security Boulevard. This article has…
DIG AI: Uncensored darknet AI assistant at the service of criminals and terrorists
Resecurity has identified the emergence of uncensored darknet AI assistants, enabling threat actors to leverage advanced data processing capabilities for malicious purposes. One of these – DIG AI – was identified on September 29 of this year and has already…
Nefilim Ransomware Affiliate Pleads Guilty
A Ukrainian man has pleaded guilty to charges connecting him to Nefilim ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Nefilim Ransomware Affiliate Pleads Guilty
Advent Of Configuration Extraction – Part 4: Turning capa Into A Configuration Extractor For TinyShell variant
In the third part of our series ‘Advent of Configuration Extraction’, we dissect a lightweight Linux backdoor, that is derived from an open-source backdoor called TinySHell. It is designed to provide silent, persistent remote access to compromised servers. The malware…
University of Sydney discloses a data breach impacting 27,000 people
Hackers stole personal data of about 27,500 people from the University of Sydney after accessing an online code library, the university confirmed. The University of Sydney disclosed a data breach in which threat actors accessed an online code library and…
WatchGuard Patches Firebox Zero-Day Exploited in the Wild
The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
574 arrests, $3 million recovered in Africa-wide cybercrime crackdown
Law enforcement agencies across 19 countries arrested 574 suspects and recovered approximately $3 million during a major cybercrime operation spanning Africa. Suspects were arrested in Ghana in connection to the cyber-fraud case, with over 100 digital devices seized. (Source: Europol)…
Docker makes hardened images free open and transparent for everyone
Docker has made its open source Docker Hardened Images project available at no cost for every developer and organization. The catalog contains more than 1,000 container images built on open source distributions such as Debian and Alpine and is released…
UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports
The British government is investigating a “cyber incident” following news reports that hackers linked to China have gained access to thousands of confidential documents. The post UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports appeared first on…
Why Networking Is Your Secret Weapon in Cybersecurity Job Hunting
In this episode, Tom Eston discusses the unique challenges in the current cybersecurity job market, emphasizing the importance of networking. Tom provides practical tips on how to enhance networking skills, such as attending conferences, volunteering for open source projects, creating…
Scripted Sparrow Sends Millions of BEC Emails Each Month
Fortra has uncovered a prolific BEC group dubbed “Scripted Sparrow” spanning three continents and at least five countries This article has been indexed from www.infosecurity-magazine.com Read the original article: Scripted Sparrow Sends Millions of BEC Emails Each Month
Data Authorities Probe Trade Union Breach
Authorities to probe June breach of trade union Prospect Custodian Trustees in which sensitive data may have been compromised This article has been indexed from Silicon UK Read the original article: Data Authorities Probe Trade Union Breach
Threat Actors are Hiring Insiders in Banks, Telecoms, and Tech from $3,000 to $15,000 for Access or Data
Cyber criminals are changing their tactics by recruiting insiders within organizations instead of relying on traditional attack methods like brute force or social engineering. Recent findings show that employees in banks, telecom companies, and technology firms are being approached through…
ByteDance AI Models Show Tenfold Growth This Year
Doubao models from TikTok parent ByteDance see more than tenfold growth over December 2024, as China pushes expansion of AI economy This article has been indexed from Silicon UK Read the original article: ByteDance AI Models Show Tenfold Growth This…
A week in security (December 15 – December 21)
A list of topics we covered in the week of December 15 to December 21 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (December 15 – December 21)