ThreatLocker helps organizations reduce risk by allowing trusted applications to run while limiting their access to only the resources they need. It’s a straightforward, default deny approach that gives you more control and visibility—without slowing down operations. Explore how ThreatLocker can help simplify your security strategy.
The Washington, D.C., Maryland, and Virginia (DMV) region has established itself as a top-tier player in the global cyber industry. Join us on September 18th, 2025 to celebrate the remarkable accomplishments of the DMV's cybersecurity community, connect with the brilliant minds shaping the future of the field, and experience firsthand why the DMV region is the beating heart of cyber innovation. Register now to secure your spot.
HR software provider Workday is the latest organization to fall victim to a wave of social engineering attacks targeting Salesforce instances, BleepingComputer reports. The company didn't name Salesforce, but referred to "a recent social engineering campaign targeting many large organizations, including Workday." The company said in a press release, "We recently identified that Workday had been targeted, and threat actors were able to access some information from our third-party CRM platform. There is no indication of access to customer tenants or the data within them. We acted quickly to cut the access and have added extra safeguards to protect against similar incidents in the future. The type of information the actor obtained was primarily commonly available business contact information, like names, email addresses, and phone numbers, potentially to further their social engineering scams."
BleepingComputer notes that the ShinyHunters extortion group is behind the wave of Salesforce attacks, previously hitting Adidas, Qantas, Allianz Life, Louis Vuitton, Dior, Tiffany & Co., Chanel, and Google. The threat actor uses voice phishing attacks to trick employees into linking a malicious OAuth app to their company's Salesforce instance. Salesforce advises customers to follow its security guidance to prevent these attacks.
CyberArk is the leader behind the world’s most comprehensive machine identity security solution. With capabilities that span secrets, certificate management and workload identities, we enable customers to secure more machine identity use cases with the right level of privilege control. Find out exactly how we’re helping modern organizations secure their machine future.
Colt, a London-headquartered telecommunications giant operating in thirty countries, has disclosed that a "cyber incident" has been disrupting some of its operations over the past week, the Register reports. The disruptions began on August 12th, taking down the company's customer service portal and Voice API platforms.
Colt hasn't shared details on the nature of the attack, but the WarLock ransomware group claimed responsibility for the incident and is offering to sell stolen data for $200,000. The gang claims to have stolen a million company documents with employees' personal information and salary details. The crooks' claims are unconfirmed.
The Washington, D.C. Maryland, and Virginia (DMV) region has established itself as a top-tier player in the global cyber industry. Join us on September 18, 2025 to celebrate the remarkable accomplishments of the DMV's cybersecurity community, connect with the brilliant minds shaping the future of the field, and experience firsthand why the DMV region is the beating heart of cyber innovation. Register now to secure your spot.
The US Justice Department has unsealed six indictments authorizing the seizure of over $2.8 million in cryptocurrency from a wallet controlled by Ianis Aleksandrovich Antropenko, who has been charged with operating the Zeppelin ransomware. The Justice Department alleges, "[T]he cryptocurrency and other assets are proceeds of (or were involved in laundering the proceeds of) ransomware activity. Those assets were laundered in various ways, including by using the cryptocurrency mixing service ChipMixer, which was taken down in a coordinated international operation in 2023. Antropenko also laundered cryptocurrency by exchanging cryptocurrency for cash and depositing the cash in structured cash deposits."
Today's issue includes events affecting , and the United Kingdom the United States.
From Access to Attack Paths: How Attackers Exploit Identity (N2K CyberWire) This is a sponsored story produced in collaboration with SpecterOps.
Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme (KrebsOnSecurity) Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from…
Ghost-Tapping and the Chinese Cybercriminal Retail Fraud Ecosystem (Recorded Future) Explore how Chinese-speaking cybercriminals use NFC relay fraud ("ghost-tapping") to exploit mobile wallets, conduct retail fraud, and launder funds via Telegram.
Boffins release 5G traffic sniffing tool (The Register) Sni5Gect research crew targets sweet spot during device / network handshake pause
Is Germany on the Brink of Banning Ad Blockers? User Freedom, Privacy, and Security Is At Risk. (Mozilla) The recent court ruling is the latest development in a legal battle between publisher Axel Springer and Eyeo (the maker of Adblock Plus) that has been winding its way around the German legal system for more than a decade.
New York claims Zelle’s shoddy security enabled a billion dollars in scams (The Verge) Zelle is under fire again.
For a complete running list of events, please visit the Event Tracker.
HackAICon 2025 (Lisbon, Portugal, Sep 25, 2025) The first conference dedicated to combining AI and Ethical Hacking. We're bringing together OffSec pros, hackers, and leading researchers to find practical ways of using AI to secure the internet. Learn about the latest AI Hacking cosmic trends and connect with fellow professionals in engaging conversations. We banned sales pitches from the event - just knowledge sharing, leadership and technical insights.
