Natoli Engineering hit by ransomware group Akira, claims data leak

Akira ransomware group claims breach of Natoli Engineering, Field and Goldberg LLC, and Saskarc Inc., leaking hundreds of GBs of financial, personal, and corporate data on the dark web. #DataBreach #RansomwareAttack #USA link: https://ift.tt/2ciEGof

Critical Claroty Authentication Bypass Flaw Opened OT to AttackJai Vijayan, Contributing WriterCVE-2025-54603 allows attackers to disrupt vital operational technology (OT) environments and critical infrastructure, potentially leading to data theft.https://https://lnkd.in/ebJxrZdg

Every cyberattack leaves traces — in logs, in network packets, in hidden files. The challenge? Most organizations don’t know how to read them. At CyberUP Institute, our Digital Forensics programs train teams to: ✔ Collect and preserve digital evidence ✔ Reconstruct the attack timeline ✔ Strengthen defenses for the future 🔗 Learn more: https://lnkd.in/eCJP98M9 #DigitalForensics #CyberDefense #CyberUp

Seeing CVE-2025-2747 land on the CISA KEV list immediately took me back to ZeroLogon (CVE-2020-1472). Different products, same lesson: a pre-auth authentication bypass can lead to full domain takeover when chained with other weaknesses. TryHackMe provides a lab demonstrating ZeroLogon exploitation and the use of secretsdump and evil-winrm to extract and use credentials in a controlled environment. Quick wins: inventory affected systems and patch; isolate staging/sync services if you can’t patch; and add focused monitoring for authentication anomalies (Netlogon/AD events). #infosec #vulnerabilitymanagement #zeroday #ADsecurity

🔥 Beat an "Hercules" on Hack The Box, 5th machine of 9th. This was a very tough Active Directory lab. It simulated a full domain compromise and required careful work and patience. I'll skip the technical steps, but the main lesson is clear: many small weaknesses, when combined, create a big risk. It was hard, but the more you study Active Directory, the more these boxes become manageable rather than impossible. Pro tip: focus on identity, delegation, and certificate management in AD - understanding these areas gives the best return for both attack awareness and defence. For defenders, tighten delegation rules, manage certificates carefully, and watch for unusual authentication patterns. Did you ever solve a box that seemed impossible at first? What changed? Share below.

Threat Profile: GodRAT What it is: A remote access trojan (RAT) based on the Gh0st RAT codebase that allows attackers to control compromised systems and steal credentials. TLP:CLEAR Pulsedive GodRAT threat page with related news, TTPs, and more in comments.

CERT-EU Conference Recap: Last week, Outflank's Max Grim presented on how #redteams can leverage file formats and interpreters less likely to trigger security alarms, enabling covert execution that bypass traditional AV detections as well as AMSI. #certeuconf25

Security rarely collapses at the moment of intrusion; it collapses when impact is allowed to accrue. That message dominated a recent Breach and Attack Simulation summit, where practitioners stressed evidence over predictions. Internet‑wide scanners process a new exploit within minutes; once inside, adversaries pivot fast using well‑worn tradecraft such as LSASS credential theft and HTTPS C2. Our Incident Response, Red Team and Pen Test work is aligned to continuous validation: proving which controls stop which steps, and measuring mean time to detect, investigate and contain across ATT&CK techniques. https://lnkd.in/gfwxgEt8 #IncidentResponse #RedTeam #PenTesting #BreachAndAttackSimulation #CredentialAccess

For a successful zero-trust solution, the potential threat of a backdoor should never be in the equation. ✍️ “If a backdoor exists, one day a clever hacker will figure out how to exploit it, essentially defeating the entire concept of zero trust,” said Xiid CTO Federico S. 🖥️ He shares more of his insights on eliminating backdoor access in Forbes https://hubs.la/Q03PGyxj0

Even the stealthiest attackers leave traces — if you know where to look. Just ask Anthony James. The network tells the story of every action taken, hiding critical clues in the subtlest of deviations from the norm. Learn how you can uncover undeniable proof in encrypted traffic and the suspicious structures of essential protocols. https://xtra.li/43cPaNB