SecurityWeek Briefing.

"Mikko Hypponen leaves anti-malware industry to fight against drones."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 03 June 2025, 1537 UTC.

Content and Source:  "Security Week Briefing" via email subscription from https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

88K followers39 articles per week

#security#tech

51

Today

Mikko Hypponen Leaves Anti-Malware Industry to Fight Against Drones

by SecurityWeek News / 56min

Mikko Hypponen has joined the Finnish anti-drone company Sensofusion as Chief Research Officer after three decades of fighting malware. The post appeared first on SecurityWeek .

Why Scamming Can’t Be Stopped—But It Can Be Managed

by Kevin Townsend / 1h

With crime-as-a-service lowering the barrier to entry and prosecution lagging behind, enterprise security teams must rethink their strategies to detect and disrupt scams at scale. The post appeared first on SecurityWeek .

1,000 Instantel Industrial Monitoring Devices Possibly Exposed to Hacking

3 TTPs

•

by Eduard Kovacs / 1h

A critical command execution vulnerability has been found by a researcher in Instantel Micromate monitoring units. The post appeared first on SecurityWeek .

Zero Networks Raises $55 Million for Microsegmentation Solution

Zero Networks raises 55M Series C

•

by Ionut Arghire / 2h

Microsegmentation provider Zero Networks has raised $55 million in a Series C funding round led by Highland Europe. The post appeared first on SecurityWeek .

MainStreet Bank Data Breach Impacts Customer Payment Cards

2 TTPs

•

by Ionut Arghire / 3h

•

MainStreet Bancshares reports data breach

The incident occurred in March and impacted the personally identifiable information of approximately 4.65% of MainStreet Bancshares’ customers. The post appeared first on SecurityWeek .

Over 30 Vulnerabilities Patched in Android

by Eduard Kovacs / 3h

The latest Android updates fix vulnerabilities in Runtime, Framework, System, and third-party components of the mobile OS. The post appeared first on SecurityWeek .

Australia Enforces Ransomware Payment Reporting

Australia enforces ransomware payment reporting

•

by Ionut Arghire / 4h

Covered organizations in Australia are now required to report ransomware and other cyber extortion payments within three days. The post appeared first on SecurityWeek .

Yesterday

Google Researchers Find New Chrome Zero-Day

Execution (Enterprise TA0002)

•

by Ionut Arghire / 6h

•

CVE-2025-5419

Reported by the Google Threat Analysis Group, the vulnerability might have been exploited by commercial spyware. The post appeared first on SecurityWeek .

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

CrowdStrike Microsoft unify cyber threat

•

by Eduard Kovacs / 7h

Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute. The post appeared first on SecurityWeek .

Cartier Data Breach: Luxury Retailer Warns Customers That Personal Data Was Exposed

Impact (Enterprise TA0040)

•

by SecurityWeek News / 18h

Luxury brand Cartier disclosed a data breach in which an unauthorized party gained access to its systems and obtained some client information. The post appeared first on SecurityWeek .

Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure

14 TTPs

•

by Ryan Naraine / 23h

Cryptocurrency mining operation hits exposed Consul dashboards, Docker Engine APIs and Gitea code-hosting instances to push Monero miner. The post appeared first on SecurityWeek .

Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently

by Ryan Naraine / 1d

Chipmaker says there are indications from Google Threat Analysis Group that a trio of flaws “may be under limited, targeted exploitation.” The post appeared first on SecurityWeek .

vBulletin Vulnerability Exploited in the Wild

4 TTPs

•

by Eduard Kovacs / 1d

•

Critical vBulletin vulnerabilities exploited

Exploitation of the vBulletin vulnerability tracked as CVE-2025-48827 and CVE-2025-48828 started shortly after disclosure. The post appeared first on SecurityWeek .

Chrome to Distrust Chunghwa Telecom and Netlock Certificates

by Ionut Arghire / 1d

Patterns of concerning behavior led Google to remove trust in certificates from Chunghwa Telecom and Netlock from Chrome. The post appeared first on SecurityWeek .

Alleged Conti, TrickBot Gang Leader Unmasked

3 TTPs

•

by Ionut Arghire / 1d

•

Germany identifies TrickBot leader Kovalev

Russian national Vitaly Nikolaevich Kovalev is believed to be the leader of the Conti and TrickBot cybercrime groups. The post appeared first on SecurityWeek .

Jun 1, 2025

Technical Details Published for Critical Cisco IOS XE Vulnerability

by Ionut Arghire / 1d

The critical flaw, tracked as CVE-2025-20188 (CVSS score of 10/10), allows attackers to execute arbitrary code remotely. The post appeared first on SecurityWeek .

Counter Antivirus Service AVCheck Shut Down by Law Enforcement

10 TTPs

•

by Ionut Arghire / 1d

•

AVCheck shut down by police

Counter antivirus services such as AVCheck allow cybercriminals to test whether their malware is detected by antivirus products. The post appeared first on SecurityWeek .

US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles

White House staff contacts hacked

•

by Associated Press / 1d

Elected officials, business executives and other prominent figures in recent weeks received messages from someone impersonating Susie Wiles. The post appeared first on SecurityWeek .

In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked

7 TTPs

•

by SecurityWeek News / 1d

Noteworthy stories that might have slipped under the radar: simple PoC code released for Fortinet zero-day, OpenAI O3 disobeys shutdown orders, source code of SilverRAT emerges online. The post appeared first on SecurityWeek .

May 30, 2025

CISA Releases Guidance on SIEM and SOAR Implementation

Governments advocate for SIEM SOAR adoption

•

by Ionut Arghire / 3d

The guidance outlines the benefits and challenges or SIEM and SOAR platforms, and shares implementation recommendations. The post appeared first on SecurityWeek .

Firebase, Google Apps Script Abused in Fresh Phishing Campaigns

15 TTPs

•

by Ionut Arghire / 4d

•

Hackers exploit Google Apps Script

Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages. The post appeared first on SecurityWeek .

US Sanctions Philippine Company for Supporting Crypto Scams

US sanctions Funnull Technology for scams

•

by Ionut Arghire / 4d

The US Treasury Department US has slapped sanctions on Funnull Technology for providing support to cryptocurrency investment scams. The post appeared first on SecurityWeek .

Chinese Hacking Group APT41 Exploits Google Calendar to Target Governments

12 TTPs

•

by Ionut Arghire / 4d

•

Chinese hackers exploit Google Calendar

China-linked hackers used a compromised government site to target other government entities with the ToughProgress malware that uses an attacker-controlled Google Calendar for C&C. The post appeared first on SecurityWeek .

MITRE Publishes Post-Quantum Cryptography Migration Roadmap

PQC Coalition releases migration roadmap

•

by Mike Lennon / 4d

The roadmap provides an overview of four key stages of the migration process, namely preparation, baseline understanding, planning and execution, and monitoring and evaluation. The post appeared first on SecurityWeek .

ConnectWise Discloses Suspected State-Sponsored Hack

3 TTPs

•

by Ionut Arghire / 4d

The IT software provider says ScreenConnect users were impacted by the attack, which exploited a high-severity ASP.NET vulnerability. The post appeared first on SecurityWeek .

May 29, 2025

Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries

13 TTPs

•

by Ionut Arghire / 4d

Active since at least 2023, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors. The post appeared first on SecurityWeek .

Unbound Raises $4 Million to Secure Gen-AI Adoption

Unbound secures 4M seed funding

•

by Ionut Arghire / 4d

Security startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly. The post appeared first on SecurityWeek .

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

7 TTPs

•

by Ryan Naraine / 5d

•

CVE-2023-39780

Professional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans. The post appeared first on SecurityWeek .

Victoria’s Secret Website Taken Offline After Cyberattack

Impact (Enterprise TA0040)

•

by Ionut Arghire / 5d

Website remains offline following suspected cyber incident, as experts warn of escalating threats targeting major retailers The post appeared first on SecurityWeek .

Adidas Data Breach Linked to Third-Party Vendor

3 TTPs

•

by Ionut Arghire / 5d

•

Adidas suffers consumer data breach

Adidas said hackers accessed a “third-party customer service provider” and stole customer information. The post appeared first on SecurityWeek .

Watch Now: Why Context is a Secret Weapon in Application Security Posture Management

by SecurityWeek News / 5d

Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization. The post appeared first on SecurityWeek .

May 28, 2025

Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025

by Marc Solomon / 5d

Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake. The post appeared first on SecurityWeek .

MATLAB Maker MathWorks Recovering From Ransomware Attack

MathWorks suffers ransomware attack

•

by Ionut Arghire / 5d

The incident impacted multiple web and mobile applications, licensing services, downloads and online store, website, wiki, MathWorks accounts, and other services. The post appeared first on SecurityWeek .

364,000 Impacted by Data Breach at LexisNexis Risk Solutions

LexisNexis data breach exposes 364K

•

by Ionut Arghire / 5d

Data broker giant LexisNexis Risk Solutions says personal information was stolen from 364,000 people in a December 2024 data breach. The post appeared first on SecurityWeek .

Czech Government Condemns Chinese Hack on Critical Infrastructure

EU threatens China over cyberattacks

•

by Ryan Naraine / 5d

The Czech government issues a blunt warning to China after APT31 hackers linked to intrusion at critical infrastructure network. The post appeared first on SecurityWeek .

Cerby Raises $40 Million for Identity Automation Platform

Cerby raises 40M for identity security

•

by Ionut Arghire / 6d

Identity security automation platform Cerby has raised $40 million in Series B funding to scale operations. The post appeared first on SecurityWeek .

Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites

17 TTPs

•

by Ionut Arghire / 6d

•

AI scams exploit user trust

Mandiant warns that a Vietnamese hacking group tracked as UNC6032 is distributing malware via fake AI video generator websites. The post appeared first on SecurityWeek .

OneDrive Gives Web Apps Full Read Access to All Files

by Kevin Townsend / 6d

Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload. The post appeared first on SecurityWeek .

Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities

2 TTPs

•

by Ionut Arghire / 6d

Google and Mozilla released patches for Chrome and FireFox to address a total of 21 vulnerabilities between the two browsers, including three rated high severity. The post appeared first on SecurityWeek .

Vulnerabilities in CISA KEV Are Not Equally Critical: Report

by Ionut Arghire / 6d

New report says organizations should always consider environmental context when assessing the impact of vulnerabilities in CISA KEV catalog. The post appeared first on SecurityWeek .

May 27, 2025

The Root of AI Hallucinations: Physics Theory Digs Into the ‘Attention’ Flaw

by Kevin Townsend / 6d

Physicist Neil Johnson explores how fundamental laws of nature could explain why AI sometimes fails—and what to do about it. The post appeared first on SecurityWeek .

$223 Million Stolen in Cetus Protocol Hack

2 TTPs

•

by Ionut Arghire / 6d

•

Sui Network surpasses 2.1B TVL

Hackers exploited a vulnerability in Cetus Protocol, a liquidity provider on the SUI blockchain. The post appeared first on SecurityWeek .

Zscaler to Acquire MDR Specialist Red Canary

Zscaler acquires Red Canary

•

by SecurityWeek News / 6d

Zscaler signals a big push into the security-operations market with the announcement of plans to buy Denver-based Red Canary. The post appeared first on SecurityWeek .

Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack

Iranian man pleads guilty ransomware

•

by SecurityWeek News / 6d

Sina Gholinejad pleaded guilty to computer-fraud and wire-fraud-conspiracy charges linked to the Robbinhood ransomware hit on Baltimore. The post appeared first on SecurityWeek .

DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities

3 TTPs

•

by Ionut Arghire / 7d

•

DragonForce ransomware targets MSPs via

Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. The post appeared first on SecurityWeek .

Russian Government Hackers Caught Buying Passwords from Cybercriminals

12 TTPs

•

by Ryan Naraine / 7d

•

Russian hackers breach NGOs using phishing

Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks. The post appeared first on SecurityWeek .

Ongoing Campaign Uses 60 NPM Packages to Steal Data

9 TTPs

•

by Ionut Arghire / 7d

•

Malicious npm packages target JavaScript

Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information. The post appeared first on SecurityWeek .

Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack

Collection (Enterprise TA0009)

•

by Associated Press / 7d

•

Russian hackers target NATO and police

The agencies said that the group, which they called Laundry Bear, is actively trying to steal sensitive data from EU and NATO countries and is “extremely likely Russian state supported.” The post appeared first on SecurityWeek .

Inside the $111 Billion Cloud Security Market: Acquisition, Expansion, and Where to Aim Next

by Kevin Townsend / 7d

As cloud security spending surges to $111 billion, new data highlights Microsoft's dominance, the U.S. market's outsized role, and Google's strategic acquisition of Wiz. The post appeared first on SecurityWeek .

Law Firms Warned of Silent Ransom Group Attacks

7 TTPs

•

by Ionut Arghire / 7d

•

FBI warns law firms of cyberattacks

The FBI warns US law firms that the Silent Ransom Group (SRG) has been constantly targeting the legal industry. The post appeared first on SecurityWeek .