Germany doxxes Conti ransomware and TrickBot ring leader
The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old…
Month: May 2025
Threat Actors Exploit Google Apps Script to Host Phishing Sites
The Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google Apps Script a legitimate development platform within Google’s ecosystem to…
Chinese Phishing Service Haozi Resurfaces, Fueling Criminal Profits
A new report from cybersecurity firm Netcraft reveals a rise in a Chinese-language Phishing-as-a-Service (PhaaS) known as Haozi. This service makes it incredibly easy for…
Exchange 2016, 2019 support ends soon: What IT should do to stay secure
Microsoft is ending support for Exchange Server 2016, Exchange Server 2019, and Outlook 2016 on October 14, 2025. That date might seem far off, but…
A Healthcare CISO’s Journey to Enabling Modern Care
Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn’t mince words: “Healthcare…
What VMware’s licensing crackdown reveals about control and risk
Over the past few weeks, VMware customers holding onto their perpetual licenses, which are often unsupported and in limbo, have reportedly begun receiving formal cease-and-desist…
US Sanctions Philippine Company for Supporting Crypto Scams
The US Treasury Department on Thursday announced sanctions against a Philippines-based company for providing infrastructure to hundreds of thousands of websites involved in cryptocurrency investment…
Jekyll to Zola | HAHWUL
My journey migrating from Jekyll to Zola, a Rust-based SSG. It’s been nearly three years since I switched back from Hugo to Jekyll in August…
ConnectWise warns of threat activity linked to suspected nation-state hackers
ConnectWise is investigating suspicious activity — likely associated with a nation-state actor — affecting a limited number of customers that use ScreenConnect. In a post on its…
IT Security Guru picks for Infosecurity Europe 2025
With Infosecurity Europe around the corner next week, planning your schedule can be tricky. But never fear! The Gurus have been busy collecting a selection…
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575, also known as “Dadsec.” Since…
Victoria’s Secret US Website Restored After Security Incident
Victoria’s Secret website was down due to a ‘security incident’ impacting online and some in-store services. Get the latest on the lingerie giant’s efforts to…