SC Media
20 articles
Gamaredon group expands malware arsenal in ongoing Ukraine cyberattacks
ESET reported that Gamaredon conducted 35 distinct spear-phishing campaigns targeting Ukrainian governmental and military institutions in 2025, primarily in ...
Nissan confirms employee data exposed in Oracle PeopleSoft cyberattack
Nissan Americas disclosed in a filing to the California Attorney General that a cyber event involving Oracle's personnel records led to the potential theft o...
Microsoft dismantles StegoAd campaign using malicious Edge extensions
The StegoAd campaign employed steganography to hide malicious JavaScript within image and font files, making the extensions appear legitimate and functional.
Supreme Court limits geofence search warrants, bolsters privacy rights
In a 6-3 decision, the Supreme Court ruled that the Fourth Amendment's protection against unreasonable searches and seizures applies to location data collect...
Arcova launches integrated data center development service
Arcova has launched a new end-to-end data center development offering that integrates engineering, cybersecurity, regulatory compliance, and grid-planning co...
Microsoft extends Windows Server 2022 hotpatching to 2027
Microsoft will continue to offer hotpatching for Windows Server 2022 Datacenter: Azure Edition until 2027, a move that extends support beyond the mainstream ...
Researchers discover new class of weak RSA keys in the wild
The identified weak keys exhibit patterns of regularly spaced blocks of zeros.
Trump signs executive order to accelerate US quantum computing strategy
Trump order accelerates U.S.
Why CISOs need to rethink governance in the AI era
AI governance gaps are putting CISOs under pressure as customers demand stronger compliance.
AI adoption outpaces governance, creating risks for businesses
A recent ISACA poll reveals that while 90% of organizations believe employees are using AI, only 22% have seen returns meet or exceed expectations.
Canadian hacker sentenced for Texas Republican Party website defacement
The attack, which occurred on September 11, 2021, targeted the Texas Republican Party's website, hosted by Epik.
KDDI discloses data breach affecting up to 14.2 million customers
The breach occurred when threat actors exploited a vulnerability in third-party software used by KDDI.
Fake tax notices used to deliver remote access malware in India
Attackers are employing sophisticated tactics, hiding malicious code behind convincing government branding and legal references to trick victims into downloa...
Secret Service lax phone security puts leaders at risk, report finds
A Department of Homeland Security inspector general report revealed that Secret Service agents routinely used personal cell phones for mission-critical commu...
Nebulock raises $25 million for autonomous threat hunting platform
Founded in 2023, Nebulock's AI-driven platform performs autonomous, vendor-agnostic threat hunts across endpoint, identity, cloud, network, and SaaS telemetry.
Attackers create deceptive OpenAI tenants to steal company data
The campaign, dubbed "Poisoned Tenant" and discovered by Push Security, involves attackers creating fake OpenAI organizations using Gmail addresses but sendi...
Photo-themed phishing campaign targets European and Asian hotels with Node.js implant
The campaign, which Microsoft has not attributed to a known threat actor, uses lures referencing common hotel operational issues like guest complaints, bedbu...
New SharkLoader malware campaign deploys Cobalt Strike Beacon
The StrikeShark campaign exhibits a broad geographic reach, targeting a diplomatic organization in Indonesia, government entities in Taiwan, software develop...
Deloitte joins IBM and Red Hat's initiative to secure open-source software
The partnership focuses on strengthening the security of open-source components used in enterprise software.