The ASD/ACSC have just released their annual cyber threat report for 2024-2025. It's always an interesting read, you can access it here: https://www.cyber.gov.au/about-us/view-all-content/reports-and-statistics/annual-cyber-threat-report-2024-2025 The most targeted sectors last year were financial, insurance, healthcare, social assistance and info media & comms, with the top 3 reported cyber incidents affecting critical infrastructure encompassing compromised asset/network/i

Just came across this in today's news feeds... This isnt going to be good news for anyone, except the ransomware groups....

Its sad that we are now at the point where everything should be assumed as fake when it comes to videos & content online (and of course...

The FBICD have just released an advisory regarding the UNC6040 and UNC6395 threat actors who are targeting Salesforce platforms of late,...

This is an awesome read and quite hilarious, can't believe this attacker/threat actor could of made such a simple mistake! wow! 🫣...

Patch Tuesday is again upon us. This month the new SMB patch rolled out, enabling a new feature that enables support for auditing SMB...

An interesting diary entry from the SANS Internet Storm Center today on sextortion observations and associated bitcoin addresses over the...

Citrix has released the fixes to address the latest 3 security flaws in NetScaler ADC and NetScaler Gateway, including CVE-2025-7775 that...

MITRE have just Updated their Most Important Hardware Weaknesses List, which you can access here: https://cwe.mitre.org/topHW/archive/20...

At Nexon, we have been performing penetration testing, red teaming, and threat assessment for close to 20 years.  During this time, we...

I came across this post from Kevin this morning. A great reminder to everyone that if you want to reduce your online presence, BADBOOL...

Most organisations these days are very familiar with phishing and Spear Phishing campaigns and are typically included in annual...

Yesterday I came across a post regarding the Lockbit ransomware gang, who had been hacked big time (they clearly pissed off someone), and...

A good example of a logic bomb attack, 6 years in the making, we haven't seen many of these attacks for a number of years now. For you...

One to be vigilant on when browsing LinkedIn job advertisements. North Korea are posting fake posts atm and during the interview process...

ICYMI last week, MITRE ATT&CK Version 17 was released which includes ESXi updates, more defensive data components, additional tools and...

Microsoft’s most recent Secure Future Initiative (SFI) Progress Report has just come out, and this report details the steps the company...

This is pretty crazy.. https://www.wsj.com/politics/national-security/in-secret-meeting-china-acknowledged-role-in-u-s-infrastructure-hac...

It's Patch Tuesday again this week. This month Microsoft patches address 126 vulnerabilities and one vulnerability that it said has been...

Google has just released its monthly patch run, addressing 62 vulnerabilities, of which 2 are under active exploitation....