SecurityWeek Briefing.

"CISA releases guidance on SIEM and SOAR implementation."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 30 May 2025, 2356 UTC.

Content and Source:  "SecurityWeek Briefing."

Content via email subscription to http://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

88K followers40 articles per week

#security#tech

32

Today

CISA Releases Guidance on SIEM and SOAR Implementation

Governments advocate for SIEM SOAR adoption

•

by Ionut Arghire / 3h

The guidance outlines the benefits and challenges or SIEM and SOAR platforms, and shares implementation recommendations. The post appeared first on SecurityWeek .

Firebase, Google Apps Script Abused in Fresh Phishing Campaigns

15 TTPs

•

by Ionut Arghire / 8h

•

Hackers exploit Google Apps Script

Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages. The post appeared first on SecurityWeek .

US Sanctions Philippine Company for Supporting Crypto Scams

US sanctions Funnull Technology for scams

•

by Ionut Arghire / 9h

The US Treasury Department US has slapped sanctions on Funnull Technology for providing support to cryptocurrency investment scams. The post appeared first on SecurityWeek .

Chinese Hacking Group APT41 Exploits Google Calendar to Target Governments

12 TTPs

•

by Ionut Arghire / 12h

•

Chinese hackers exploit Google Calendar

China-linked hackers used a compromised government site to target other government entities with the ToughProgress malware that uses an attacker-controlled Google Calendar for C&C. The post appeared first on SecurityWeek .

MITRE Publishes Post-Quantum Cryptography Migration Roadmap

PQC Coalition releases migration roadmap

•

by Mike Lennon / 12h

The roadmap provides an overview of four key stages of the migration process, namely preparation, baseline understanding, planning and execution, and monitoring and evaluation. The post appeared first on SecurityWeek .

ConnectWise Discloses Suspected State-Sponsored Hack

3 TTPs

•

by Ionut Arghire / 13h

The IT software provider says ScreenConnect users were impacted by the attack, which exploited a high-severity ASP.NET vulnerability. The post appeared first on SecurityWeek .

Yesterday

Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries

13 TTPs

•

by Ionut Arghire / 1d

Active since at least 2023, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors. The post appeared first on SecurityWeek .

Unbound Raises $4 Million to Secure Gen-AI Adoption

Unbound secures 4M seed funding

•

by Ionut Arghire / 1d

Security startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly. The post appeared first on SecurityWeek .

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

7 TTPs

•

by Ryan Naraine / 1d

•

CVE-2023-39780

Professional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans. The post appeared first on SecurityWeek .

Victoria’s Secret Website Taken Offline After Cyberattack

Impact (Enterprise TA0040)

•

by Ionut Arghire / 1d

Website remains offline following suspected cyber incident, as experts warn of escalating threats targeting major retailers The post appeared first on SecurityWeek .

Adidas Data Breach Linked to Third-Party Vendor

3 TTPs

•

by Ionut Arghire / 1d

•

Adidas suffers consumer data breach

Adidas said hackers accessed a “third-party customer service provider” and stole customer information. The post appeared first on SecurityWeek .

Watch Now: Why Context is a Secret Weapon in Application Security Posture Management

by SecurityWeek News / 1d

Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization. The post appeared first on SecurityWeek .

May 28, 2025

Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025

by Marc Solomon / 1d

Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake. The post appeared first on SecurityWeek .

MATLAB Maker MathWorks Recovering From Ransomware Attack

MathWorks suffers ransomware attack

•

by Ionut Arghire / 2d

The incident impacted multiple web and mobile applications, licensing services, downloads and online store, website, wiki, MathWorks accounts, and other services. The post appeared first on SecurityWeek .

364,000 Impacted by Data Breach at LexisNexis Risk Solutions

LexisNexis data breach exposes 364K

•

by Ionut Arghire / 2d

Data broker giant LexisNexis Risk Solutions says personal information was stolen from 364,000 people in a December 2024 data breach. The post appeared first on SecurityWeek .

Czech Government Condemns Chinese Hack on Critical Infrastructure

EU threatens China over cyberattacks

•

by Ryan Naraine / 2d

The Czech government issues a blunt warning to China after APT31 hackers linked to intrusion at critical infrastructure network. The post appeared first on SecurityWeek .

Cerby Raises $40 Million for Identity Automation Platform

Cerby raises 40M for identity security

•

by Ionut Arghire / 2d

Identity security automation platform Cerby has raised $40 million in Series B funding to scale operations. The post appeared first on SecurityWeek .

Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites

17 TTPs

•

by Ionut Arghire / 2d

•

AI scams exploit user trust

Mandiant warns that a Vietnamese hacking group tracked as UNC6032 is distributing malware via fake AI video generator websites. The post appeared first on SecurityWeek .

OneDrive Gives Web Apps Full Read Access to All Files

by Kevin Townsend / 2d

Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload. The post appeared first on SecurityWeek .

Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities

2 TTPs

•

by Ionut Arghire / 2d

Google and Mozilla released patches for Chrome and FireFox to address a total of 21 vulnerabilities between the two browsers, including three rated high severity. The post appeared first on SecurityWeek .

Vulnerabilities in CISA KEV Are Not Equally Critical: Report

by Ionut Arghire / 2d

New report says organizations should always consider environmental context when assessing the impact of vulnerabilities in CISA KEV catalog. The post appeared first on SecurityWeek .

May 27, 2025

The Root of AI Hallucinations: Physics Theory Digs Into the ‘Attention’ Flaw

by Kevin Townsend / 2d

Physicist Neil Johnson explores how fundamental laws of nature could explain why AI sometimes fails—and what to do about it. The post appeared first on SecurityWeek .

$223 Million Stolen in Cetus Protocol Hack

2 TTPs

•

by Ionut Arghire / 2d

•

Sui Network surpasses 2.1B TVL

Hackers exploited a vulnerability in Cetus Protocol, a liquidity provider on the SUI blockchain. The post appeared first on SecurityWeek .

Zscaler to Acquire MDR Specialist Red Canary

Zscaler acquires Red Canary

•

by SecurityWeek News / 3d

Zscaler signals a big push into the security-operations market with the announcement of plans to buy Denver-based Red Canary. The post appeared first on SecurityWeek .

Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack

Iranian man pleads guilty ransomware

•

by SecurityWeek News / 3d

Sina Gholinejad pleaded guilty to computer-fraud and wire-fraud-conspiracy charges linked to the Robbinhood ransomware hit on Baltimore. The post appeared first on SecurityWeek .

DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities

3 TTPs

•

by Ionut Arghire / 3d

•

DragonForce ransomware targets MSPs via

Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. The post appeared first on SecurityWeek .

Russian Government Hackers Caught Buying Passwords from Cybercriminals

12 TTPs

•

by Ryan Naraine / 3d

•

Russian hackers breach NGOs using phishing

Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks. The post appeared first on SecurityWeek .

Ongoing Campaign Uses 60 NPM Packages to Steal Data

9 TTPs

•

by Ionut Arghire / 3d

•

Malicious npm packages target JavaScript

Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information. The post appeared first on SecurityWeek .

Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack

Collection (Enterprise TA0009)

•

by Associated Press / 3d

•

Russian hackers breach Dutch police

The agencies said that the group, which they called Laundry Bear, is actively trying to steal sensitive data from EU and NATO countries and is “extremely likely Russian state supported.” The post appeared first on SecurityWeek .

Inside the $111 Billion Cloud Security Market: Acquisition, Expansion, and Where to Aim Next

by Kevin Townsend / 3d

As cloud security spending surges to $111 billion, new data highlights Microsoft's dominance, the U.S. market's outsized role, and Google's strategic acquisition of Wiz. The post appeared first on SecurityWeek .

Law Firms Warned of Silent Ransom Group Attacks

7 TTPs

•

by Ionut Arghire / 3d

•

FBI warns law firms of cyberattacks

The FBI warns US law firms that the Silent Ransom Group (SRG) has been constantly targeting the legal industry. The post appeared first on SecurityWeek .

May 25, 2025

Nova Scotia Power Confirms Ransomware Attack, 280k Notified of Data Breach

Collection (Enterprise TA0009)

•

by Eduard Kovacs / 4d

•

Nova Scotia Power data breach confirmed

Nova Scotia Power has finally admitted that the recent cyberattack was a ransomware attack, but it hasn’t paid the hackers. The post appeared first on SecurityWeek .

End of feed