
IT Security Newsletter - 9/5/25

Breaches

Phishing Empire Runs Undetected on Google, Cloudflare

What's believed to be a global phishing-as-a-service enterprise using cloaking techniques has been riding on public cloud infrastructure for more than 3 years. What researchers are calling a "multi-year, industrial-scale phishing and brand impersonation scheme" operated undetected for more than three years on Google Cloud and Cloudflare platforms. The team at Deep Specter Research revealed what they believe was a large-scale phishing-as-a-service (PhaaS) operation that included 48,000 hosts and more than 80 clusters abusing "high-trust" expired domains. READ MORE...

Hacking

US puts $10M bounty on three Russians accused of attacking critical infrastructure

The US State Department has put a $10 million bounty on the heads of three Russians accused of being intelligence agents hacking America's critical infrastructure - primarily via old Cisco kit, it seems. The alert directly connects them to reports of the Russian Federal Security Service's (FSB) Center 16 - aka Berserk Bear - accused of using a flaw (CVE-2018-0171) that Cisco patched in 2018 but that attackers recently exploited in the Salt Typhoon hacking campaign. READ MORE...


North Korean Hackers Targeted Hundreds in Fake Job Interview Attacks

At least 230 individuals were targeted by North Korean hackers in fake cryptocurrency job interview attacks earlier this year, SentinelOne and Validin report. In continuation of the Contagious Interview campaign that started in 2022, and which was seen employing the ClickFix technique in early 2025, the threat actors pose as recruiters and invite victims to fake cryptocurrency-related interviews. READ MORE...

Trends

File security risks rise as insiders, malware, and AI challenges converge

Breaches tied to file access are happening often, and the costs add up quickly. Many organizations have faced multiple file-related incidents over the last two years, with financial losses stretching into the millions. The fallout often includes stolen customer data, reduced productivity, and exposure of intellectual property. A new study from Ponemon Institute shows that data leakage from insiders is a huge threat. Both negligence and malicious intent drive this risk. READ MORE...

Software Updates

Update your Android! Google patches 111 vulnerabilities, 2 are critical

Google has patched 111 vulnerabilities in Android, including two critical flaws, in its September 2025 Android Security Bulletin. While the last few months have been quite calm regarding the number of vulnerabilities, this month is a real whopper with 111, compared to 6 in August and none in July. The September updates are available for Android 13, 14, 15, and 16. Android vendors are notified of all issues at least a month before publication. READ MORE...

Exploits/Vulnerabilities

Threat actors abuse X's Grok AI to spread malicious links

Threat actors are using Grok, X's built-in AI assistant, to bypass link posting restrictions that the platform introduced to reduce malicious advertising. As discovered by Guardio Labs' researcher Nati Tal, malvertisers often run sketchy video ads containing adult content baits and avoid including a link in the main body to avoid being blocked by X. Instead, they hide it in the small "From:" metadata field under the video card, which apparently isn't scanned by the social media platform for malicious links. READ MORE...

On This Date

  • ...in 1774, The First Continental Congress assembles in Philadelphia, in response to the British Parliament's "Intolerable Acts."
  • ...in 1882, the first US Labor Day parade is held in NYC, 12 years before it became an official federal holiday.
  • ...in 1927, Universal releases the first "Oswald the Lucky Rabbit" cartoon, animated by the Walt Disney Studio.
  • ...in 1960, boxer Muhammad Ali (at the time still known as Cassius Clay) wins the gold medal at the Olympic Games in Rome.