Cybersecurity
Microsoft warns of payroll pirate scam targeting university employees
October 11, 2025 በAI የተዘገበ
Microsoft has alerted organizations to a phishing campaign dubbed 'Payroll Pirate' that compromises Workday accounts to divert employee paychecks. The scam, active since March 2025, has affected accounts at multiple universities. Attackers use sophisticated tactics to bypass multi-factor authentication and hide their changes.
Microsoft announces premium 365 features and security store
October 04, 2025 በAI የተዘገበ
Microsoft has unveiled Microsoft 365 Premium, a new subscription tier with advanced AI capabilities, alongside the launch of the Microsoft Security Store, an online marketplace for security solutions. These announcements aim to enhance productivity and cybersecurity for businesses. The moves come as part of Microsoft's ongoing push into AI-integrated services.
Android spyware disguises itself as signal or totok updates
Cybersecurity researchers have uncovered a new strain of Android spyware that masquerades as legitimate updates for popular messaging apps Signal and Totok. The malware aims to trick users into installing it, potentially compromising their devices and data. Experts urge Android users to verify app sources to avoid falling victim.
Cl0p ransomware group claims breach of Oracle E-Business Suite
October 03, 2025 በAI የተዘገበ
The Cl0p ransomware group has claimed responsibility for hacking Oracle's E-Business Suite, asserting that it stole sensitive data from companies using the application. The hackers are now notifying affected victims and demanding ransoms to prevent data leaks. Oracle has not yet confirmed the breach.
Cisco firewalls face widespread vulnerability risk
Security researchers have identified a critical vulnerability affecting around 50,000 Cisco firewalls worldwide. The flaw could allow attackers to execute arbitrary code remotely. Cisco has urged users to patch immediately to mitigate the threat.
CISA adds Oracle and other flaws to exploited vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency has added vulnerabilities from Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft Internet Explorer to its Known Exploited Vulnerabilities catalog. This action requires federal agencies to address these flaws by October 27, 2025, to mitigate risks from ongoing exploits. Among the additions is a critical Oracle vulnerability recently patched after exploitation by ransomware actors.
UK tribunal orders Apple to hand over iCloud data
October 04, 2025 በAI የተዘገበ
A UK tribunal has ruled that Apple must provide access to iCloud data for law enforcement purposes, prompting strong disapproval from the company. The decision revives concerns over encryption backdoors and user privacy in the digital age. Apple has described the order as a significant setback for data protection.
Kali Linux 2025.3 releases Gemini CLI for automated pentesting
October 07, 2025 በAI የተዘገበ
The latest Kali Linux update, version 2025.3, introduces Gemini CLI, an open-source tool that integrates Google's Gemini AI into the terminal. This innovation automates penetration testing tasks like reconnaissance and vulnerability scanning using natural language prompts. Security professionals can now streamline workflows while maintaining control over assessments.
North Korean hackers steal record $2 billion in cryptocurrency
Researchers estimate that hackers linked to North Korea have stolen more than $2 billion in cryptocurrency so far in 2025, marking a record for the regime. This activity now represents about 13% of the country's GDP, according to United Nations figures. The funds are believed to support North Korea's nuclear and missile programs.
Power plant in Karlskrona hit by cyberattack
October 04, 2025 በAI የተዘገበ
A combined heat and power plant in Karlskrona, known as Mältan, suffered a cyberattack that disrupted operations overnight. Police are investigating the incident as a suspected IT crime. The plant supplies district heating and electricity to the area.