Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-17 07:00 PST
- Your MFA Is Costing You Millions. It Doesn't Have To.
BleepingComputer • 2025-12-17 06:00 • www.bleepingcomputer.com
Passwords and app-based MFA add hidden costs through lost productivity, frequent resets, and risk of phishing and social engineering attacks. Token explains how wireless biometric, passwordless authentication eliminates credential-based attacks and delivers measurable financial returns by reducing login time across the enterprise. […]
https://www.bleepingcomputer.com/news/security/your-mfa-is-costing-you-millions-it-doesnt-have-to/ - Microsoft asks IT admins to reach out for Windows IIS failures fix
BleepingComputer • 2025-12-17 04:30 • www.bleepingcomputer.com
Microsoft has asked businesses to reach out for advice on how to temporarily mitigate a Message Queuing (MSMQ) issue causing enterprise apps and Internet Information Services (IIS) sites to fail. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-asks-it-admins-to-reach-out-for-windows-iis-failures-fix/ - Deliberate Internet Shutdowns
Schneier on Security • 2025-12-17 04:02 • www.schneier.comFor two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It followed a more localized shutdown two weeks prior, reportedly instituted “to prevent immoral activities.” No additional explanation was given. The timing couldn’t have been worse: communities still reeling from a major earthquake https://www.schneier.com/blog/archives/2025/12/deliberate-internet-shutdowns.html
- Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time
The Hacker News • 2025-12-17 03:30 • thehackernews.com
Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for their business. Breaking out of reactive defense is no longer optional. It’s the difference between preventing incidents and cleaning up after them.
Below is the path from reactive firefighting to a
https://thehackernews.com/2025/12/fix-soc-blind-spots-see-threats-to-your.html - China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
The Hacker News • 2025-12-17 03:12 • thehackernews.com
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America.
Check Point Research is tracking the cluster under the name Ink Dragon. It’s also referenced by the broader cybersecurity community under the names CL-STA-0049, Earth Alux, and REF7707. The
https://thehackernews.com/2025/12/china-linked-ink-dragon-hacks.html - Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports
Securelist • 2025-12-17 02:00 • securelist.com
Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.
https://securelist.com/operation-forumtroll-new-targeted-campaign/118492/ - Surveillance at sea: Cruise firm bans smart glasses to curb covert recording
Graham Cluley • 2025-12-17 01:33 • www.bitdefender.com
If you’re planning a cruise for your holidays, and cannot bear the idea of being parted from your Ray-Ban Meta smart glasses, you may want to avoid sailing with MSC Cruises.The cruise line has updated its list of prohibited items, specifically banning smart glasses and similar wearable devices from public areas.
Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/surveillance-at-sea-cruise-firm-bans-smart-glasses-to-curb-covert-recording
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
