Lohrman on Security
JUNE 22, 2025
What can public- and private-sector staff do to stay relevant and grow their career in the midst of AI-driven tech layoffs? Here’s a roundup of recent stories and solutions to help.
Security Affairs
JUNE 22, 2025
Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying to take over space left by rival cybercrime groups.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Penetration Testing
JUNE 22, 2025
The post NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls appeared first on Daily CyberSecurity.
Zero Day
JUNE 22, 2025
X Trending Miss out on Nintendo Switch 2 preorders? Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best website builder
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
WIRED Threat Level
JUNE 22, 2025
The US concentrated its attack on Fordow, an enrichment plant built hundreds of feet underground. Aerial photos give important clues about what damage the “bunker-buster” bombs may have caused.
Penetration Testing
JUNE 22, 2025
A critical cryptographic flaw in Meshtastic (CVE-2025-52464) allows message decryption and node hijacking due to duplicated/low-entropy keys.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Penetration Testing
JUNE 22, 2025
The Prometei botnet is back with a stealthy Linux variant, actively mining Monero and stealing credentials. It uses DGA, custom UPX packing, and sophisticated anti-analysis techniques.
Security Boulevard
JUNE 22, 2025
Cybernews researchers reported that since the beginning of the year, they've detected 30 datasets containing 16 billion stolen credentials exposed on the internet, most of which had not been previously recorded and represent a massive trove of records that can be used in ransomware, phishing, BEC, and other attacks. The post 16 Billion Leaked Records May Not Be a New Breach, But They’re a Threat appeared first on Security Boulevard.
Penetration Testing
JUNE 22, 2025
Red Canary uncovers Mocha Manakin, a new threat group using "paste and run" social engineering to deploy NodeInitRAT, a custom NodeJS RAT with potential ransomware links.
Security Affairs
JUNE 22, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses virtualization to hijack banking and crypto apps Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider Linux
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Penetration Testing
JUNE 22, 2025
RapperBot botnet resurfaces with 50,000+ active bots, now demanding Monero extortion to halt DDoS attacks. The self-proclaimed "rapper" malware targets IoT devices globally.
Pen Test Partners
JUNE 22, 2025
TL;DR Introduction The Content Security Policy (CSP) is a layer of security for web applications that helps detect and stop client-side attacks such as Cross-Site Scripting (XSS), Clickjacking, data exfiltration, or mixed content loading. Web applications will set a CSP in their response headers with a selection of parameters that control what the browser interprets […] The post CSP directives.
Penetration Testing
JUNE 22, 2025
A critical flaw (CVE-2025-4517, CVSS 9.4) in Python's tarfile module allows arbitrary file reads/writes outside the extraction directory.
Security Boulevard
JUNE 22, 2025
Are You Ready for the Future of Cybersecurity? Cybersecurity is not just about human identities anymore. A rising segment of digital focuses on non-human identities (NHIs) – a crucial feature in any contemporary cybersecurity strategy. But what are NHIs, and why should we be paying attention to them? Navigating the Landscape of Non-Human Identities A […] The post Feel Reassured with Advanced Secrets Scanning Technologies appeared first on Entro.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Penetration Testing
JUNE 22, 2025
Shadow Vector campaign uses malicious SVGs in phishing emails to deliver AsyncRAT & RemcosRAT in Colombia, leveraging advanced DLL sideloading and in-memory execution.
Security Boulevard
JUNE 22, 2025
The prolific Scattered Spider threat group, which recently targeted U.S. and UK retailers in a series of attacks, is now turning its attention to the insurance industry and appears to have landed a big victim in Aflac after compromising networks and systems of the Philadelphia Insurance and Erie Insurance companies. The post Scattered Spider Targets Aflac, Other Insurance Companies appeared first on Security Boulevard.
Penetration Testing
JUNE 22, 2025
Trend Micro reveals misconfigured Kubernetes containers in AWS EKS can expose sensitive AWS credentials via unencrypted HTTP API, leading to privilege escalation risks.
Security Boulevard
JUNE 22, 2025
Amazon Web Services (AWS) this week revealed it has added new categories for describing offerings provided by partners offering managed services security providers (MSSP) as part of an effort to ensure a more consistent customer experience. The post AWS Raises Expertise Bar for MSSP Partners appeared first on Security Boulevard.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Penetration Testing
JUNE 22, 2025
North Korean APT BlueNoroff (TA444) exploited deepfakes in Zoom calls to trick a crypto foundation employee into installing custom macOS malware for digital asset theft.
Zero Day
JUNE 22, 2025
X Trending Miss out on Nintendo Switch 2 preorders? Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best website builder
Penetration Testing
JUNE 22, 2025
The post Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign appeared first on Daily CyberSecurity.
Zero Day
JUNE 22, 2025
X Trending Miss out on Nintendo Switch 2 preorders? Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best website builder
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Penetration Testing
JUNE 22, 2025
Microsoft Family Safety is automatically blocking Google Chrome (v137.0.7151.68/69) in Windows 11. Learn why and how to manually unblock the browser.
Zero Day
JUNE 22, 2025
X Trending Miss out on Nintendo Switch 2 preorders? Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best website builder
Penetration Testing
JUNE 22, 2025
Cloudflare successfully mitigated a record-breaking 7.3 Tbps DDoS attack in May 2025, delivering 37.4 TB in 45 seconds with no service disruption.
Zero Day
JUNE 22, 2025
X Trending Miss out on Nintendo Switch 2 preorders? Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best website builder
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Penetration Testing
JUNE 22, 2025
Microsoft is purging old drivers from Windows Update, offering a cleaner experience. But will this new OEM-focused policy lead to unexpected compatibility issues?
Zero Day
JUNE 22, 2025
X Trending Miss out on Nintendo Switch 2 preorders? Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best website builder
Security Boulevard
JUNE 22, 2025
What can public- and private-sector staff do to stay relevant and grow their career in the midst of AI-driven tech layoffs? Here’s a roundup of recent stories and solutions to help. The post Will AI Replace You — or Promote You? How to Stay Ahead appeared first on Security Boulevard.
Penetration Testing
JUNE 22, 2025
Apple is reportedly in talks to acquire Perplexity AI, aiming to accelerate its AI search engine development and integrate generative AI into the next generation of Siri.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
267 
Let's personalize your content