threats

UK Launches Hybrid Fighting Force to Secure Undersea Cables

UK enhances undersea cable defenses with autonomous vessels and warships due to rising Russian surveillance. The Atlantic Bastion program aims to secure vital underwater infrastructure against threats, utilizing AI and advanced technologies. The initiative, supported by major defense firms, may create thousands of jobs, addressing national connectivity vulnerabilities.

https://www.theregister.com/2025/12/08/uk_subsea_cables_defense/

The Hidden Cascade: Why Law Firm Breaches Destroy More Than Data

Law firms face significant cyberattack risks, with 20% targeted in the past year and average breach costs exceeding $5 million. Attackers are increasingly sophisticated, using tactics that can undermine client privilege and expose sensitive data, especially relating to M&A deals. Current security assessments overlook law firms, leaving businesses vulnerable. The article advocates treating these firms like high-risk technology vendors, proposing specific security measures to mitigate risks associated with data breaches in professional services.

https://www.recordedfuture.com/blog/the-hidden-cascade

New Wave of VPN Login Attempts Targets Palo Alto GlobalProtect Portals

New attacks targeting Palo Alto GlobalProtect VPN portals began on December 2, involving 7,000 IPs from German company 3xK GmbH. Initial brute-force attempts on GlobalProtect led to scanning SonicWall API endpoints. GreyNoise reports the attacker used previous fingerprints, generating millions of HTTP sessions. Both activities are attributed to the same actor, posing credential-based threats but not exploiting software vulnerabilities. Palo Alto recommends enforcing Multi-Factor Authentication (MFA) for protection.

https://www.bleepingcomputer.com/news/security/new-wave-of-vpn-login-attempts-targets-palo-alto-globalprotect-portals/

CISA Warns iPhone And Android Users — Secure Your Smartphone Now

CISA and UK security agencies warn smartphone users of rising cyber threats, particularly via spyware targeting messaging apps. They recommend iPhone and Android owners immediately apply strict security measures: enable advanced device modes, use only trustworthy services, restrict app permissions, and keep devices and apps up to date. Both agencies caution against using personal VPNs due to the risk of malware and poor privacy from many VPN providers. Official app stores are the safest place to get apps. Additional advice includes using strong passwords, enabling device tracking, and avoiding unknown Wi-Fi networks unless necessary.

https://www.forbes.com/sites/daveywinder/2025/11/28/cisa-warns-iphone-and-android-users—secure-your-smartphone-now/

Technology Protects Retailers, Issuers, and Consumers From CNP Fraud

Card-not-present (CNP) fraud significantly impacts merchants, especially in e-commerce, with most of the financial liability falling on retailers. Solutions like Safecypher’s dynamic security code use temporary CVVs visible only in secure banking apps, offering two-factor authentication at purchase and preventing unauthorized use even with stolen card details. Results from the Irish Post Office show this approach eliminated CNP fraud when adopted by customers.

https://www.marketingtechnews.net/news/cnp-fraud-foiled-by-banking-app-mfa/

The Global Retail Threat: Why Low-Risk Data Is the New High-Value Target

Retail cybersecurity has shifted focus from visibly sensitive data (like credit card info) to seemingly low-risk data (like browsing patterns and loyalty activities), which attackers now exploit for fraud and identity theft. Recent breaches highlight the dangers of underestimating such data. This evolving threat landscape, coupled with complex digital ecosystems, demands a strategic overhaul in risk assessment and data protection. Organizations must recognize that even low-risk data can lead to significant vulnerabilities and integrate cybersecurity awareness across all functions to maintain consumer trust and brand integrity.

https://www.mytotalretail.com/article/the-global-retail-threat-why-low-risk-data-is-the-new-high-value-target/

Cybersecurity Vendors Are Themselves Under Attack by Hackers, SentinelOne Says

Cybersecurity firms like SentinelOne face significant threats from hackers, including ransomware and state-sponsored attacks from China and North Korea. Despite their role in protecting clients, they are prime targets due to their access and insights into many systems. A recent report highlighted the taboo around discussing such attacks within the industry, as companies feel uncomfortable admitting vulnerabilities.

https://cyberscoop.com/cybersecurity-vendors-are-under-attack-sentinelone-says/

Malicious PyPI Package Targets E-commerce Sites With Automated Carding Script

Malicious Python package “disgrasya” on PyPI automates credit card fraud targeting WooCommerce sites. It mimics legitimate user behavior to bypass fraud detection, exfiltrating card data to attackers. With 34,000 downloads before removal, it highlights evolving cyber threats in e-commerce. Merchants are urged to enhance security against similar attacks.

https://gbhackers.com/malicious-pypi-package-targets-e-commerce-sites/

BitM Up! Session Stealing in Seconds Using the Browser-in-the-Middle Technique

TLDR: BitM attacks rapidly compromise web application sessions, bypassing MFA through social engineering. Adversaries target session tokens via tools like Evilginx2. Mandiant's Delusion tool enhances BitM efficiency, enabling session stealing with minimal prior knowledge of target authentication methods. Strong defenses, including hardware-based MFA and client certificates, are crucial to thwarting such threats. Organizations should adopt layered security measures to protect sensitive data from BitM exploits.

https://cloud.google.com/blog/topics/threat-intelligence/session-stealing-browser-in-the-middle/

Scroll to Top