In order to provide you the best services, DrGlenn regularly posts articles and new security concerns. Check back often!

Quantum-Agile Architectures: The Future of Cybersecurity
As digital ecosystems expand, cyber threats are growing in complexity and magnitude. Organizations now plan not only against traditional attacks but also against the disruptive potential of quantum computing. Quantum technology is set to deliver unprecedented computing capabilities, yet it is also likely to undermine the cryptographic principles that modern cybersecurity is based on. The future of cybersecurity is obvious with this duality: Quantum-Agile Architectures, the architecture created to evolve and adapt to the demands of the quantum era, the architecture that will be able to stay on top of the threats. This article discusses the basics of quantum agility, the reasons why enterprises should embrace quantum agility, and the solutions...

Teen Tied to Russian Hackers in Dutch Cyber Espionage Probe
In the Netherlands, three 17-year-olds are suspected of providing services to a foreign power, with one said to be in contact with an unnamed Russian-government affiliated hacker group. It was also confirmed that the suspect with links to the Russian hacking group instructed the other two to map Wi-Fi networks in The Hague on multiple occasions. This is according to a statement published by the Netherlands’ National Public Prosecution Service on October 17. The suspect with the connection to the Russian group shared the collected information with the client for a fee. The information could be used for digital espionage and cyber-attacks. The Dutch Public Prosecution Service said there were no indications as yet that pressure was exerted on the suspect who was in contact with...

Threat Intelligence Executive Report – Volume 2025, Number 5 – Sophos News
The Counter Threat Unit™ (CTU) research team analyzes security threats to help organizations protect their systems. Based on observations in July and August, CTU™ researchers identified the following noteworthy issues and changes in the global threat landscape: ransomware remains a volatile threat despite disruptions; absent MFA allows exploitation of stolen credentials; legacy vulnerabilities maintain their value. Ransomware remains a volatile threat despite disruptions: law enforcement actions have made an impact on the ransomware ecosystem but have not reduced the number of attacks. Ransomware continues to pose a major threat to organizations. Even though the number of victims posted to leak sites has declined since reaching an all-time peak in March 2025, the figures in July and...

58% of CISOs are boosting AI security budgets
AI is no longer an experiment in the security stack — it’s becoming the centerpiece. Foundry’s 2025 Security Priorities Study finds that 58% of organizations plan to boost spending on AI-enabled security tools next year, signaling a decisive shift from curiosity to commitment. And it’s not just budgets following the trend. The research finds 93% say they’re already using or are actively researching using AI in their security technologies over the next 12 months. The urgency makes sense. CISOs are watching attackers weaponize generative AI to automate phishing, create deepfakes, and craft more convincing social engineering campaigns. In response, they’re turning to agentic and generative AI to harden defenses, augment analysts, and improve resilience at scale. At the...

BreachForums seized, but hackers say they will still leak Salesforce data
Law enforcement agencies in the United States and France have seized control of domains linked to the notorious BreachForums hacking forum, commonly used for the leaking of stolen data, and the sale of hacked credentials. However, observers are warning the takedown - although worthy and laudable - may be more symbolic than final, as a version of BreachForums on the dark web remains active. If you visit breachforums.hn today you will be greeted by an animated seizure announcement, featuring the logos of the United States Department of Justice, FBI, France’s BL2C cybercrime unit, and Paris Prosecutor’s Office. Rather than the usual messageboard where cybercriminals traded their wares, the site now points to a specialist subdomain of the website of the Internet Complaint Center (IC3),...

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
Oct 11, 2025 | Ravie Lakshmanan | Cloud Security / Network Security. Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing." A significant chunk of the activity is said to have commenced on October 4, 2025, with more than 100 SonicWall SSL VPN accounts across 16 customer accounts having been impacted. In the cases investigated by Huntress, authentications on the SonicWall devices originated from the IP address 202.155.8[.]73. The company noted that in some instances, the...

Who is Ultimately Responsible for Business Email Compromise?
Business email compromise, commonly known as “BEC”, has become a major issue in the corporate world. Globally, this condition has been a challenge for the legal authorities as to exactly who is liable for the damages caused by BEC. South African companies are suffering under the weight of BEC crimes as the courts grapple with the multitude of cases coming before them. This form of cyber attack is appearing in South Africa as some of the highest around the world. As legal complications continue, South African businesses are now turning their attention to methods they can use to protect their finances and reputations. The official definition of BEC is: “a criminal act where criminals illegally access an email account and communicate as if they are the user”. In other words, it’s a...

DPDP Act Meets AI and Blockchain
The Digital Personal Data Protection (DPDP) Act 2023 has reshaped the approach that enterprises take towards data protection. Compliance can no longer be a reactive practice; it must be smart, agile, and open. Business organizations must operate consent, facilitate early breach alerts, and keep responsibility in ever-more complicated internet ecosystems. The core of this transformation is technology. AI, blockchain, and automation are the keys to integrating privacy into operations, providing resilience, and transforming compliance into a strategic asset instead of a liability. The Importance of Technology to DPDP Act The DPDP Act lays emphasis on standards like consent, data minimization, purpose limitation, and breach notification. On the one hand, these principles sound simple,...

Chinese-Speaking Cybercrime Group Hijacks IIS Servers for SEO Fraud
A Chinese-speaking cybercrime group is hijacking trusted Internet Information Services (IIS) servers worldwide to run SEO scams that redirect users to shady ads and gambling sites, Cisco Talos has found. The group, tracked as UAT-8099, exploits IIS servers that have a good reputation to manipulate search engine results for financial gain. The compromised IIS servers redirect users to unauthorized advertisements or illegal gambling websites. The IIS servers affected were identified in India, Thailand, Vietnam, Canada and Brazil, targeting organizations such as universities, tech firms and telecom providers. This was based on Cisco's file census and DNS traffic analysis. The majority of their targets are mobile users, encompassing not only Android devices but also Apple iPhone devices....

Introducing Sophos Advisory Services – Sophos News
You face no shortage of challenges in securing your organization from cyberattacks. The threat landscape continues to evolve, attack surfaces are expanding with the advent of new technologies, new adversary tactics and techniques keep emerging, and there’s more scrutiny than ever about what you’re doing to safeguard your environment. Accurately assessing where you’re vulnerable to threats isn’t easy. Testing your defenses is an effective, proactive way to measure the strength of your security and set a course for lowering your risk before a threat actor strikes. Put your defenses to the test and determine your risk Introducing Sophos Advisory Services – proactive security testing services that provide expert, independent assessment of your cyber defenses and recommendations for...

Gamaredon X Turla collab
In this blogpost, we uncover the first known cases of collaboration between Gamaredon and Turla, in Ukraine. Key points of this blogpost: In February 2025, we discovered that the Gamaredon tool PteroGraphin was used to restart Turla’s Kazuar backdoor on a machine in Ukraine. In April and June 2025, we detected that Kazuar v2 was deployed using Gamaredon tools PteroOdd and PteroPaste. These discoveries lead us to believe with high confidence that Gamaredon is collaborating with Turla. Turla’s victim count is very low compared to the number of Gamaredon compromises, suggesting that Turla choose the most valuable machines. Both groups are affiliated with the FSB, Russia’s main domestic intelligence and security agency. Threat actor profiles Gamaredon Gamaredon has been active since...

How the Marine Corps slashed IT delays by shifting to DevOps and agile development
The U.S. Marine Corps is celebrated for its precision and ability to adapt on the battlefield. But behind the IT scenes, another battle was taking place against outdated IT systems that made it harder to serve Marines and their families. That’s where Marine Corps Community Services took command. The organization is the department within the USMC responsible for programs that improve Marine quality of life, from child care and family counseling to fitness centers, retail stores, and dining facilities. Yet, MCCS was bogged down by sluggish IT processes. Approvals for new systems—known as authorizations to operate (ATOs)—could take years and cost more than $1 million per system. These roadblocks made it difficult to keep pace with modern needs. “With IT service delivery, there are...

Bulletproof Host Stark Industries Evades EU Sanctions – Krebs on Security
In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before Russia invaded Ukraine and quickly became a top source of Kremlin-linked cyberattacks and disinformation campaigns. But new findings show those sanctions have done little to stop Stark from simply rebranding and transferring their assets to other corporate entities controlled by its original hosting providers. Materializing just two weeks before Russia invaded Ukraine in 2022, Stark Industries Solutions became a frequent source of massive DDoS attacks, Russian-language proxy and VPN services, malware tied to Russia-backed hacking groups, and fake news. ISPs like Stark are called...

Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity
Sep 11, 2025 | Ravie Lakshmanan | Artificial Intelligence / Mobile Security. Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity (C2PA) standard out of the box to verify the origin and history of digital content. To that end, support for C2PA's Content Credentials has been added to Pixel Camera and Google Photos apps for Android. The move, Google said, is designed to further digital media transparency. C2PA's Content Credentials are a tamper-evident, cryptographically signed digital manifest providing verifiable provenance for digital content such as images, videos, or audio files. The metadata type, according to Adobe, serves as a "digital nutrition label," giving information about the creator, how it was made,...

Southeast Asia’s Hidden Crisis | Da Vinci Cyber Security
The UN Reveals Widespread Trafficking into Online Scam Operations. Every day, thousands of lives are torn apart in the shadows of Southeast Asia. A harrowing UN Human Rights Office (OHCHR) report from 29 August 2023 reveals that hundreds of thousands of individuals have been trafficked and forced into online scam operations, often under brutal and inhumane conditions. Across the region, particularly in Cambodia and Myanmar, victims are coerced into carrying out romance scams, crypto fraud, and illegal gambling from clandestine “scam centres” or compounds. The numbers are staggering: credible estimates suggest at least 120,000 people in Myanmar and around 100,000 in Cambodia are being held and forced into these operations. The Human Toll: Victims, Not Perpetrators. These trafficked...

Why the World Needs Responsible AI for Financial Inclusion Now
Artificial intelligence (AI) is redefining the financial landscape as never before, speeding up automated credit approvals, detecting fraud, and increasing access to services. Such transformative power comes with a great responsibility. AI has the potential to democratize finance, but this will depend on how responsibly it is embraced and implemented. Financial inclusion, once a distant aspiration, is now within reach, provided we guide AI with ethical intent and inclusive design. The time for action is now. The Dual Power of AI: Opportunity and Risk. AI offers game-changing potential in tackling financial exclusion, especially in regions where traditional banking models fail. Through technologies such as: Machine learning-based credit scoring...

Bridgestone Confirms “Limited Cyber Incident” Impacting Facilities
Bridgestone has confirmed it is responding to a cyber incident that has impacted several of its manufacturing sites in North America. The incident impacted the tire manufacturer’s two plants in Aiken County, South Carolina, local TV station WRDW reported on September 1. It is understood that the sites remained operational. However, employees whose jobs were impacted were offered the options to stay at work and do preventive maintenance and receive a full day’s pay or to go home without pay. In the city of Joliette, in the Canadian province of Quebec, a Bridgestone facility employing 1400 has halted operations since August 31, according to several local media outlets. After being told to stay home and fearing the risk of not being paid, the employees of the Joliette plant will...

Sophos Endpoint is now integrated with Taegis MDR and XDR – Sophos News
Sophos Endpoint + Taegis. The best of both worlds. I’m delighted to announce that Sophos Endpoint is now natively integrated and automatically included in all Taegis™ Extended Detection and Response (XDR) and Taegis Managed Detection and Response (MDR) subscriptions. Customers gain immediate access to combined prevention, detection, and response capabilities in a single platform – while lowering costs and simplifying operations. The integration follows Sophos’ acquisition of Secureworks in February 2025 and represents a major milestone in combining the companies’ strengths to help customers defeat cyberattacks with a higher ROI. Endpoint protection remains one of the most critical layers of defense against today’s cyberthreats, delivering both frontline prevention and vital...

This month in security with Tony Anscombe – August 2025 edition
From Meta shutting down millions of WhatsApp accounts linked to scam centers all the way to attacks at water facilities in Europe, August 2025 saw no shortage of impactful cybersecurity news. 28 Aug 2025. As August 2025 comes to a close, ESET Chief Security Evangelist Tony Anscombe reviews a selection of the top cybersecurity stories that moved the needle, raised the alarms or offered vital lessons over the past 30 or so days, as well as offers insights they hold for your own cyber-defenses: Don't forget to check out the July 2025 edition of Tony's monthly security news roundup for more insights.

Chinese hacking group Salt Typhoon expansion prompts multinational advisory
“The fundamental issue here is that key pieces of our critical infrastructure, for example network technologies like core routers, remain far too easy to compromise and gain persistence on,” said David Shipley of Beauceron Security. “China’s rampant success is the bill come due for insecurity-by-design.” Critical infrastructure, sensitive comms targeted This week, intelligence agencies in the US, UK, Canada, Australia, New Zealand, Finland, Germany, Italy, Czech Republic, Japan, Poland, Spain, and the Netherlands issued a joint cybersecurity advisory about Salt Typhoon. The group became notorious after having breached major US telecom and internet service providers (ISPs), including AT&T, Verizon, T-Mobile, Lumen Technologies, Charter, Consolidated, and Windstream...