
IT Security Newsletter - 10/22/2025

Top News

Amazon's DNS problem knocked out half the web, likely costing billions

On Monday afternoon, Amazon confirmed that an outage affecting Amazon Web Services' cloud hosting, which had impacted millions across the Internet, had been resolved. Considered the worst outage since last year's CrowdStrike chaos, Amazon's outage caused "global turmoil," Reuters reported. AWS is the world's largest cloud provider and, therefore, the "backbone of much of the Internet," ZDNet noted. READ MORE...

Breaches

Fencing and Pet Company Jewett-Cameron Hit by Ransomware

Oregon-based fencing and pet solutions provider Jewett-Cameron Company was recently targeted in a cyberattack that resulted in disruption and the theft of sensitive information. Jewett-Cameron makes kennels, crates and other accessories for dogs, as well as fencing, specialty wood, and gardening products. In a Tuesday filing with the SEC, the company revealed that it detected an intrusion into its IT environment on October 15. READ MORE...

Hacking

Russian APT Switches to New Backdoor After Malware Exposed by Researchers

The Russian state-sponsored APT known as Star Blizzard has been using a new backdoor in attacks after its LostKeys malware was detailed in a public report in June, Google says. Star Blizzard has been active since at least 2019, and has been publicly linked to Russia's Federal Security Service (FSB) by the US in December 2023. In a June report, Google detailed how the APT was using the ClickFix technique to deliver the LostKeys malware. READ MORE...


Sharepoint ToolShell attacks targeted orgs across four continents

Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. The security flaw affects on-premise SharePoint servers and was disclosed as an actively exploited zero-day on July 20, after multiple hacking groups tied to China leveraged it in widespread attacks. READ MORE...


Attackers target retailers' gift card systems using cloud-only techniques

A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and operate entirely in cloud environments. The attackers rely on phishing and smishing to harvest account credentials, then use trusted cloud services instead of deploying malware. READ MORE...

Trends

Electronic Warfare Puts Commercial GPS Users on Notice

Localized jamming and spoofing of global navigation satellite systems (GNSS) continues to be a hallmark of conflicts across the globe, with the digital signal attacks impacting air travel and transport and maritime shipping. And now, the denial-of-service issue seems to be affecting everyday organizations in other verticals, too. The level of interference coming from Russia is particularly significant. READ MORE...


Life, death, and online identity: What happens to your online accounts after death?

The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain extensive digital footprints, spanning countless online accounts, from email and social media to banking, investments, cloud storage, utility payments, and more. In life, we work hard to protect these accounts from others. Yet when death or incapacity strikes, ensuring that our loved ones have legal access to them becomes critically important. READ MORE...

Information Security

Social engineering gains ground as preferred method of initial access

Hackers are increasingly breaching corporate IT systems by exploiting age-old human behaviors with the help of sophisticated new technologies. Threat actors are using deepfake videos, AI-powered voice cloning and other tools to launch targeted and increasingly personalized campaigns that target corporate executives, government officials and other high-profile people for impersonation, extortion and highly disruptive attacks against major industries. READ MORE...


Streaming Fraud Campaigns Rely on AI Tools, Bots

Discussion abounds about how attackers could potentially use artificial intelligence (AI) to craft their attacks. The latest research from Human Security's Satori Threat Intelligence team shows how bad actors are using generative AI to mass produce royalty-eligible music and ghost artists to collect and launder royalties. This is streaming fraud, where bad actors play tracks on loop - but no real audience is listening - and collect royalties. READ MORE...

Exploits/Vulnerabilities

TP-Link warns of critical command injection flaw in Omada gateways

TP-Link is warning of two command injection vulnerabilities in Omada gateway devices that could be exploited to execute arbitrary OS commands. Omada gateways are marketed as full-stack solutions (router, firewall, VPN gateway) for small to medium businesses, and are constantly increasing in popularity. Although the two security issues lead to the same result when triggered, only one of them can be exploited by a remote attacker without authentication. READ MORE...


Researchers uncover remote code execution flaw in abandoned Rust code library

Security specialists at Edera discovered and disclosed a high-severity vulnerability in early, since-abandoned code for an open-source async tar archive library for the Rust programming language. Researchers warned that potential exploitation, which allows for remote code execution, could bear major impacts due to widespread forking and a lack of visibility into the code's use. READ MORE...

On This Date

  • ...in 1797, the first parachute jump is made by Andre-Jacques Garnerin from a hydrogen balloon 3,200 feet above Paris.
  • ...in 1907, the Ringling Brothers' company buys Barnum & Bailey, running them as separate circuses before merging them in 1919.
  • ...in 1962, actor and comedian Bob Odenkirk ("Mr. Show", "Better Call Saul") is born in Berwyn, IL.
  • ...in 1962, President Kennedy tells Americans about the Cuban Missile Crisis and announces the blockade of Cuba.