Exploitation of Blue Angel Software Suite (typically found in VOIP/SIP systems) https://isc.sans.edu/diary/32410

World map · Exploited vulnerabilities · The Shadowserver Foundation

VulnCheck

5VTechnologies Blue Angel Software Suite Hardcoded Credentials

CVE-2025-34034 | CWE-798 Use of Hard-coded Credentials | Affecting An affected version range remains undefined | Severity: critical | CVSS: 9.3

A ransomware attack against Transport for London at the start of September has cost the organization £39 million Two teens were arraigned in court last Friday for it

Teenagers appear in court over Transport for London cyber attack

Thalha Jubair, 19, and Owen Flowers, 18, were arrested in September by the National Crime Agency.

A recent study has found that while 95% of respondents are confident about their ability to recover from a ransomware attack using their backups, only 15% of those who were attacked managed to do so

OpenText Cybersecurity 2025 Global Ransomware Survey: Rising Confidence Meets a Growing AI Threat

OpenText™ (NASDAQ: OTEX) (TSX: OTEX), a global leader in secure information management for AI, today released the findings of its fourth annual ...

Anyone know what this is? zircon7g4qp46d3gjhejbgxnqwzebcjqs2wkke5pxeux4rrgvbuoulqd[.]onion

Ransomware payment rates have dropped below 25% for the first time in history. Coveware says cyber defenders, law enforcement, and legal specialists should take this as a validation of their efforts.

Coveware: Ransomware Recovery First Responders

Insider Threats Loom while Ransom Payment Rates Plummet

The percentage of companies choosing to pay ransoms dropped significantly, while threat actors shift their tactics in response to decreasing profits.

A new Microsoft Teams feature will let organizations track employees based on nearby WiFi networks. According to privacy experts, the new feature will allow companies to crack down on workers who dodge return-to-office mandates.

Microsoft 365 Roadmap | Microsoft 365

Around several thousands individuals who were held at the KK Park scam compound have fled or have been moved to new locations over the past week, according to Cyber Scam Monitor. The change comes after a new round of US Treasury sanctions and a move from Myanmar's military junta to crack down on some of the biggest compounds. https://cyberscammonitor.substack.com/p/whats-happening-at-kk-park

India's WazirX cryptocurrency exchange has resumed trading 15 months after a major security breach. The company was hacked for $235 million worth of assets in July of last year.

WazirX Blog

Trading to Resume on WazirX with Zero Trading Fee from 24th October - WazirX Blog

Trading on WazirX restarts October 24 with ZERO trading fees! Rollout to happen in phases over 4 days to ensure a smooth, stable return to full tra...

Talks from the r2con 2025 security conference, which is taking place over the weekend, are available on YouTube: https://www.youtube.com/@radareorg/playlists

New infosec drama... this one between Cato and Fortinet

#fortifud #sase #catonetworks #whenindoubttestitout | Michael Ortega | 77 comments

RE: Fortinet