Government looks at tech to tackle peak electricity demand
Science minister Patrick Vallance has unveiled £4m in funding to support technology projects that can help manage the UK’s electricity grid. Vallance has called on…
Month: August 2025
HTTP/1.1 Must Die: What This Means for AppSec Leadership
Andrzej Matykiewicz | 06 August 2025 at 22:23 UTC At Black Hat USA and DEFCON 2025, PortSwigger’s Director of Research, James Kettle, issued a stark…
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
Aug 06, 2025Ravie LakshmananDevOps / Container Security Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be…
Black Hat USA: Startup breaks secrets management tools
A total of 14 common vulnerabilities and exposures (CVEs) spanning CyberArk’s Conjur and HashiCorp’s Vault enterprise secrets management platforms have been addressed and disclosed this…
Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome
The China-aligned threat actor Mustang Panda, also known as Earth Preta, HIVE0154, RedDelta, and Bronze President, has been deploying the ToneShell backdoor against Windows users,…
Chinese Groups Stole 115 Million US Cards in 16-Month Smishing Campaign
A new report from cybersecurity firm SecAlliance has revealed a highly organized criminal operation run by Chinese syndicates that may have compromised as many as…
Breaking Down Data Silos in the Age of AI: How Hitachi Vantara Sees The A/NZ Opportunity Evolving
Data volumes are exploding and while this provides an unprecedented opportunity for organisations to leverage and benefit from AI, it’s also a challenge of an…
Lazarus Hackers Use Fake Camera/Microphone Alerts to Deploy PyLangGhost RAT
North Korean state-sponsored threat actors associated with the Lazarus Group, specifically the subgroup known as Famous Chollima, have evolved their tactics by deploying a new…
Health expands cloud footprint with $32m Azure deal
The Department of Health, Disability and Ageing is scaling up its cloud capabilities with a $32 million contract for Microsoft Azure services. The three-year deal…
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks from security tools and EDRs running on target…
Akira and Lynx Ransomware Target MSPs Using Stolen Credentials and Exploited Vulnerabilities
The Acronis Threat Research Unit (TRU) dissected recent samples from the Akira and Lynx ransomware families, revealing incremental enhancements in their ransomware-as-a-service (RaaS) models and…
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official…