Indicator of Compromise

@patrickcmiller I’m surprised at how little coverage this has had in mainstream media so far.
@patrickcmiller yeah, centralization, always a fun idea
'The Biggest Student Data Privacy Disaster in History': Canvas Hack Shows the Danger of Centralized EdTech https://www.404media.co/the-biggest-student-data-privacy-disaster-in-history-canvas-hack-shows-the-danger-of-centralized-edtech/

Messages could include "medical circumstances, accessibility accommodations, disputes, sexual assault allegations," and more.

404 Media
CISA Shares New Threat Detections for Actively Exploited WSUS Vulnerability

In a critical update issued on October 29, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) has provided organizations with enhanced guidance on detecting and mitigating threat activity related to the actively exploited CVE-2025-59287 vulnerability in Microsoft's Windows Server Update Services (WSUS).

Cyber Security News
[RADIANT] - Ransomware Victim: Spijkermat - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security
Tata Motors Data Leak – 70+ TB of Sensitive Info and Test Drive Data Exposed via AWS Keys https://cybersecuritynews.com/tata-motors-data-leak/ #CyberSecurityNews #cybersecuritynews #CyberSecurity #dataleak

Critical vulnerabilities in Tata Motors' systems exposed over 70 terabytes of sensitive data, including customer personal information, financial reports, and fleet management details.

Cyber Security News
Ransomware Attacks Demystified A Practical Guide for 2025 - RedPacket Security

Ransomware attacks have evolved into sophisticated, real-time extortion operations that target organisations of all sizes. In this weekly security series, we

RedPacket Security
New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding https://cybersecuritynews.com/new-phishing-attack-using-invisible-characters/ #CyberSecurityNews #cybersecuritynews #cybersecurity #Threats

Cybercriminals have developed a sophisticated phishing technique that exploits invisible characters embedded within email subject lines to evade automated security filters. This attack method leverages MIME encoding combined with Unicode soft hyphens to disguise malicious intent while appearing legitimate to human readers. The technique represents an evolution in social engineering tactics, targeting email filtering mechanisms […]

Cyber Security News

New, by me: Aisuru Botnet Shifts from DDoS to Residential Proxies

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts say a glut of proxies from Aisuru and other sources is fueling large-scale data harvesting efforts tied to various artificial intelligence (AI) projects, helping content scrapers evade detection by routing their traffic through residential connections that appear to be regular Internet users.

I included a section at the end mentioning that the latest Aisuru botnet code apparently tells infected systems to check in at the host fuckbriankrebs[.]com. When I heard this, I wondered what its use might be other than to just say what the domain says. But we also noticed the domain was unregistered....

Happily, the domain name was deftly snatched up last week by Philippe Caturegli, “chief hacking officer” for the security intelligence company Seralys.

Caturegli enabled a passive DNS server on that domain and within a few hours received more than 700,000 requests for unique subdomains on fuckbriankrebs[.]com.

But even with that visibility into Aisuru, it is difficult to use this domain check-in feature to measure its true size, Brundage said. After all, he said, the systems that are phoning home to the domain are only a small portion of the overall botnet.

“The bots are hardcoded to just spam lookups on the subdomains,” he said. “So anytime an infection occurs or it runs in the background, it will do one of those DNS queries.”

Read more:
https://krebsonsecurity.com/2025/10/aisuru-botnet-shifts-from-ddos-to-residential-proxies/

Windows 11 KB5067036 update rolls out Administrator Protection feature - Microsoft has released the KB5067036 preview cumulative update for Windows 11 24H2 and ... https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5067036-update-rolls-out-administrator-protection-feature/ #microsoft #security
Microsoft has released the KB5067036 preview cumulative update for Windows 11 24H2 and 25H2, which begins the rollout of the Administrator Protection cybersecurity feature and an updated Start Menu.

BleepingComputer