ThreatLocker helps organizations reduce risk by allowing trusted applications to run while limiting their access to only the resources they need. It’s a straightforward, default deny approach that gives you more control and visibility—without slowing down operations. Explore how ThreatLocker can help simplify your security strategy.
The Washington, D.C., Maryland, and Virginia (DMV) region has established itself as a top-tier player in the global cyber industry. Join us on September 18th, 2025 to celebrate the remarkable accomplishments of the DMV's cybersecurity community, connect with the brilliant minds shaping the future of the field, and experience firsthand why the DMV region is the beating heart of cyber innovation. Register now to secure your spot.
CrowdStrike has published a report on a cyberespionage campaign by a China-nexus threat actor dubbed "MURKY PANDA" which overlaps with activity tracked in the security industry as "Silk Typhoon." MURKY PANDA is notable for its "extensive knowledge of cloud environments and custom application logics," and the group has "shown considerable ability to quickly weaponize n-day and zero-day vulnerabilities." Since late 2024, the threat actor has been targeting North American entities in the government, technology, academic, legal, and professional services sectors. The group exploits internet-facing appliances to gain initial access and deploy its custom malware family "CloudedHope."
CyberArk is the leader behind the world’s most comprehensive machine identity security solution. With capabilities that span secrets, certificate management and workload identities, we enable customers to secure more machine identity use cases with the right level of privilege control. Find out exactly how we’re helping modern organizations secure their machine future.
Florida-based healthcare provider CPAP Medical, which provides sleep apnea equipment, has disclosed a data breach affecting more than 90,000 people, SecurityWeek reports. The incident occurred in December 2024, and the company discovered the breach in June 2025. The attackers may have stolen Social Security numbers and protected health information. SecurityWeek notes that no known ransomware groups have taken credit for the attack.
The Washington, D.C. Maryland, and Virginia (DMV) region has established itself as a top-tier player in the global cyber industry. Join us on September 18, 2025 to celebrate the remarkable accomplishments of the DMV's cybersecurity community, connect with the brilliant minds shaping the future of the field, and experience firsthand why the DMV region is the beating heart of cyber innovation. Register now to secure your spot.
African law enforcement agencies have arrested over 1,200 individuals as part of an INTERPOL-coordinated operation targeting cybercrime and fraud networks. The operation, which involved eighteen African countries and the UK, resulted in the recovery of US$97.4 million tied to cybercrimes, including ransomware, online scams, and business email compromise (BEC).
Interpol notes, "Authorities in Angola dismantled 25 cryptocurrency mining centres, where 60 Chinese nationals were illegally validating blockchain transactions to generate cryptocurrency. The crackdown identified 45 illicit power stations which were confiscated, along with mining and IT equipment worth more than USD 37 million, now earmarked by the government to support power distribution in vulnerable areas."
Authorities in Zambia also dismantled a major investment fraud operation that scammed 65,000 victims and raked in $300 million.
Today's issue includes events affecting Angola, China, the United Kingdom, the United States, and Zambia.
Electronics manufacturer Data I/O reports ransomware attack to SEC (The Register) The tech manufacturer Data I/O reported a ransomware attack to federal regulators, writing that the incident has taken down critical operational systems.
'Impersonation as a service' next big thing in cybercrime (The Register) Underground forums now recruiting English-speaking social engineers
MITRE Updates List of Most Common Hardware Weaknesses (SecurityWeek) MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges.
US warns tech companies against complying with European and British ‘censorship’ laws (The Record) U.S. tech companies were warned they could face action from the Federal Trade Commission (FTC) for complying with the European Union and United Kingdom’s regulations about the content shared on their platforms.
House lawmakers take aim at education requirements for federal cyber jobs (CyberScoop) The bipartisan Cybersecurity Hiring Modernization Act would give the edge to skills-based hiring for cyber jobs at federal agencies.
Phone Searches at the US Border Hit a Record High (WIRED) Customs and Border Protection agents searched nearly 15,000 devices from April through June of this year, a nearly 17 percent spike over the previous three-month high in 2022. "The real issue is the chilling effect it has on all travelers."
Chinese national who sabotaged Ohio company’s systems handed four-year jail stint (The Record) A Houston resident was sentenced to four years in prison for intentionally installing malicious code on his employer's computer systems, which he activated when his role was terminated.
For a complete running list of events, please visit the Event Tracker.
DMV Rising '25 (Washington, DC, USA, Sep 18, 2025) Join us on September 18, 2025 to celebrate the remarkable accomplishments of the DMV's cybersecurity community, connect with the brilliant minds shaping the future of the field, and experience firsthand why the DMV region is the beating heart of cyber innovation. Register now to secure your spot.
DMV Rising '25 (Washington, DC, USA, Sep 18, 2025) Join us on September 18, 2025 to celebrate the remarkable accomplishments of the DMV's cybersecurity community, connect with the brilliant minds shaping the future of the field, and experience firsthand why the DMV region is the beating heart of cyber innovation. Register now to secure your spot.
HackAICon 2025 (Lisbon, Portugal, Sep 25, 2025) The first conference dedicated to combining AI and Ethical Hacking. We're bringing together OffSec pros, hackers, and leading researchers to find practical ways of using AI to secure the internet. Learn about the latest AI Hacking cosmic trends and connect with fellow professionals in engaging conversations. We banned sales pitches from the event - just knowledge sharing, leadership and technical insights.
