CyberSecurity Updates

25 Jul

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

Information

Digital Security Before rushing to prove that you’re not a robot, be wary of deceptive human verification pages as an increasingly popular vector for delivering malware Phil Muncaster 24 Jul 2025  •  , 4 min. read Bots have got a lot to answer for. They now make up over half of all internet traffic, and while some, such as Google’s web crawlers and fetchers, have legitimate purposes, nearly two-fifths are considered malicious. Their power can…

Read More
25 Jul

ToolShell: An all-you-can-eat buffet for threat actors

Information

ESET Research ESET Research has been monitoring attacks involving the recently discovered ToolShell zero-day vulnerabilities ESET Research 24 Jul 2025  •  , 5 min. read On July 19th, 2025, Microsoft confirmed that a set of zero-day vulnerabilities in SharePoint Server called ToolShell is being exploited in the wild. ToolShell is comprised of CVE-2025-53770, a remote code execution vulnerability, and CVE‑2025‑53771, a server spoofing vulnerability. These attacks target on-premises Microsoft SharePoint servers, specifically those running SharePoint…

Read More
24 Jul

Phishers Target Aviation Execs to Scam Customers

Information, Insights

KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime ring that is actively targeting established companies in the transportation and aviation industries. Image: Shutterstock, Mr. Teerapon Tiuekhom. A reader who works in the transportation industry sent a tip about a recent successful phishing…

Read More
23 Jul

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

Information

Behind every free online service, there’s a price being paid. Learn why your digital footprint is so valuable, and when you might actually be the product. 22 Jul 2025 Your digital footprint is more valuable than you think. It’s not just a trail of data left behind by your online activity – it’s a goldmine of sensitive data. In this episode of Unlocked 403, Becks sits down with ESET Global Security Advisor Jake Moore to…

Read More
22 Jul

Joint Advisory Issued on Protecting Against Interlock Ransomware

Attacks, Insights, Malware

CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services, and the Multi-State Information Sharing and Analysis Center issued a joint Cybersecurity Advisory to help protect businesses and critical infrastructure organizations in North America and Europe against Interlock ransomware.   This advisory highlights known Interlock ransomware indicators of compromise and tactics, techniques, and procedures identified through recent FBI investigations.   Actions organizations can take today to mitigate Interlock ransomware threat…

Read More
21 Jul

Microsoft Fix Targets Attacks on SharePoint Zero-Day

Information, Insights

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and energy companies. Image: Shutterstock, by Ascannio. In an advisory about the SharePoint security hole, a.k.a. CVE-2025-53770, Microsoft said it is aware of active attacks targeting on-premises SharePoint…

Read More
20 Jul

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)

Attacks, Insights, Malware

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations. This exploitation activity, publicly reported as “ToolShell,” provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal…

Read More
20 Jul

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog

Attacks, Insights, Malware

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for more information and to apply the recommended mitigations.  CVE-2025-53770: Microsoft SharePoint Server Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…

Read More
17 Jul

Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai

Data Breaches, Information, Insights

Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 firms. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam tell…

Read More
16 Jul

Unmasking AsyncRAT: Navigating the labyrinth of forks

Information

AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants. While its capabilities are not that impressive on their own, it is the open-source nature of AsyncRAT that has truly amplified its impact. This blogpost provides an overview and analysis of the most relevant forks of AsyncRAT, drawing connections between them and showing how they have evolved. Key…

Read More