Application Security DevSecOps Specialist NTT DATA | Italy | On-site – View job details As an Application Security DevSecOps Specialist, you will integrate security into CI/CD pipelines using tools such as SAST, DAST, SCA, secret scanning, and container scanning to ensure secure software delivery. You will conduct code security reviews, triage findings, and collaborate with...Read More
Analysis of the embedded obfuscated JavaScript within these fake CAPTCHA pages revealed a multistage payload delivery system that initiated downloads from secondary command-and-control servers: 45[.]221[.]64[.]245/mot/ 104[.]164[.]55[.]7/231/means.d We assess that the threat actors likely initiated their attack campaign through a sophisticated social engineering scheme involving these fake CAPTCHA pages. The pages appear to have delivered information...Read More
Analysis One of the European Union’s top legal advisors is trying to change how banks treat cybercrime victims – meaning they could enjoy greater financial protections sooner than expected. In a recently published legal opinion, Advocate General Athanasios Rantos urged lawmakers to alter their interpretation of the Second Payment Services Directive (PSD2), which would require...Read More
An August ransomware attack against the state of Nevada has been traced to a May intrusion, when a state employee mistakenly downloaded a malware-laced tool from a spoofed website, according to a forensic report the state released Wednesday. State officials refused to submit to a ransom demand and recovered 90% of the impacted data after...Read More
I was fortunate enough to spend several days last week at the Aspen Institute’s Crosscurrent summit on AI and national security in San Francisco. My first takeaway: I very much recommend being in sunny (at the moment, at least) San Francisco rather than slushy, raw New York in early March. The second took a little...Read More
Spanish analysts traced a stealthy Edge based backdoor that records cameras, microphones and files, revealing novel use of DevTools protocol and Pastefy for remote control. In February 2026, specialists from the Spanish company S2 Grupo LAB52 detected a new cyberattack against Ukrainian institutions. According to experts, Russian hackers are behind it, using the Edge browser...Read More
Arctic Wolf’s The State of Cybersecurity: 2025 Trends Report revealed that 23% of organizations experienced at least one significant ransomware attack in 2024. And these attacks remain difficult for organizations to remediate without succumbing to threat actor demands, with the same report finding 76% of victim organizations are electing to pay the ransom to regain...Read More
Flashpoint has announced the release of its 2026 Global Threat Intelligence Report (GTIR), providing security leaders from threat intelligence and vulnerability management teams to physical security professionals and the CISO’s office with a proprietary data-driven, ground-truth view of the converging threats defining today’s hybrid risk environment. Powered by Flashpoint’s Primary Source Collection (PSC), the 2026...Read More
Key Findings Record fragmentation and decentralization: The number of active extortion groups in Q3 2025 rose to a record of 85 groups, the highest number observed to date. The top 10 groups accounted only for 56% of all published victims, down from 71% in Q1. Stable high activity: Ransomware victim postings stabilized at an average...Read More
Cambodian authorities said last week that they had cut activity in scam compounds by half since the start of this year, as the government in Phnom Penh responds to international pressure to clamp down on digital criminal networks. The Southeast Asian country has grown into a global hub for digital scammers in recent years. Experts estimate...Read More