DataBreachToday.com

CISA Issues Emergency Directive After Cisco Exploits Persist After Reboot
CISA issued an emergency directive Thursday after discovering an advanced hacking campaign exploiting two persistent zero-days in Cisco firewall gear - malware that survives system reboots and upgrades - forcing agencies to disconnect vulnerable devices by Friday.

'RedNovember' Has Hacked Organizations in the US, Asia and Europe
A hacking group associated with widespread compromise of edge devices is a Chinese-state-aligned group, says cybersecurity firm Recorded Future. The firm says the threat actor, which it now tracks as RedNovember, is "highly likely a Chinese state-sponsored threat activity group."

ManuSec Chicago Speaker Johnny Xmas on Value of Pentesting in OT Environments
ManuSec Summit speaker Johnny Xmas, global head of offensive security for a leading U.S. manufacturer, discusses pentesting in operational technology environments, overcoming the hurdles to offensive security programs and the evolving role of OT security.

Sophisticated Cyberespionage Campaign Targets Asian Telecom, Manufacturing Sectors
A remote access Trojan that's a staple of Chinese nation-state hacking is part of an ongoing campaign targeting telecom and manufacturing sectors in Central and South Asian countries. The threat actor, tracked as Naikon, apparently has access to a new variant of PlugX malware.

Financial Institutions Break Down Silos to Combat Faster, AI-Powered Threats
Banks face AI-powered fraud attacks and stricter compliance demands. Unified platforms that integrate security, fraud detection and compliance help institutions respond faster while empowering human analysts to focus on strategic decisions.

Pentesting Tools Uncover Vulnerabilities but White Hat Skills Are Still in Demand
Automated pentesting tools offer faster visibility and robust integration with daily security operations, but automation doesn't eliminate the need for humans in the loop. Automation raises the baseline for vulnerability management and changes what white hat hackers need to know to stay relevant.

Attackers Hid Malware in Vector Image
Hackers behind a phishing campaign appear to have used artificial intelligence-generated code to hide malware behind a wall of overly complex and useless code, said Microsoft. "Not something a human would typically write from scratch due to its complexity, verbosity and lack of practical utility."

Recent Incidents Highlight Patient Record Cyber Risks Tied to Third-Party Suppliers
Vendor security risk has long been a source of pain for many healthcare providers. Veradigm - formerly Allscripts - and ApolloMD are among the latest software and services vendors reporting hacking incidents potentially triggering headaches for customers and their patients.

Passkeys to Strengthen Low-Friction Verification, Integrate With Facial Recognition
Unico has acquired San Francisco-based OwnID to enhance its identity offerings and grow its U.S. customer base. The passkey startup's low-friction login solution complements Unico's facial recognition tools and supports broader use cases with streamlined user experiences.

Researchers Uncover Covert Chinese Access to US Service Provider Infrastructure
Mandiant said it has tracked a Chinese-linked espionage campaign using BRICKSTORM malware to quietly embed within U.S. infrastructure and service providers for over a year, exploiting appliance-level blind spots to maintain persistence, evade detection and potentially develop zero-day exploits.

The AI journey has only just begun in OT. Honeywell expects this situation to quickly shift in the next one to three years.

Effects of Friday Cyberattack Still Felt in European Airports
British police arrested Tuesday night a man in his forties suspected of causing days of flight cancellations and delays at several major European airports by hacking an aviation technology company. Impacted airports include London Heathrow, Brussels Airport and Berlin Brandenburg Airport, as well as Dublin Airport.

UK High Court Overturns Home Office Request to Extradite Diogo Santos Coelho
The U.K. High Court of Justice on Sep. 11 overturned a Home Office request to extradite a Portuguese national and an alleged administrator of RaidForums who is wanted in the United States on charges of device fraud and aggravated identity theft charges.

Secret Service Disrupts Network of Telecom Devices Targeting Government Officials
The Secret Service announced Tuesday a major takedown of a telecommunications threat targeting senior U.S. government officials in New York just as President Donald Trump was delivering remarks to global leaders at the United Nations General Assembly.

Iranian Hackers Impersonate Online Recruiters
Western Europeans working in aerospace, defense manufacturing or telecoms are receiving waves of emails from putative job recruiters who actually are Iranian state hackers ready to unleash a backdoor and an infostealer. Check Point tracks the threat actor as "Nimbus Manticore."

CS4CA Europe London Event Chair Wayne Harrop on OT Risk and Collaboration
Critical infrastructure providers are facing a volatile geopolitical landscape that could lead to cyberattacks and business disruptions. In advance of the CS4CA Europe London Conference (Sept. 30 - Oct. 1, 2025), conference chair Wayne Harrop shares key cyber strategies to counter enterprise threats.

What's Left After Raking In Millions From Other People's Blood, Sweat and Tears?
Things that continue to elude scientific observation: the Loch Ness Monster, Bigfoot and the ransomware hacker who voluntarily chose retirement. "There's no such thing as 'retirement' in cybercrime," despite some ransomware hackers dangling promises to leave the field.