Stoyko Stoykov 4 months ago

🚨 Crypto24 uses custom RealBlindingEDR + Google Drive exfil before encrypting. EDR blind, SMB moves, VSS wipe. Defenders: tamper‑protection, app control, cloud‑egress watch. #CyberSec Source:

Cybersecurity News

Inside Crypto24: Custom EDR-Blinding and Google Drive Exfiltration in Recent Ransomware Intrusions

Stoyko Stoykov 4 months ago

⚡Patch Tuesday alert! Kerberos EoP flaw hits AD. Patch DCs first, block external AD ports, lock down fast. #PatchTuesday #CyberSec #Kerberos Source:

Cybersecurity News

Kerberos Zero-Day Leads August Patch Tuesday: 111 Microsoft Vulnerabilities Fixed

Stoyko Stoykov 4 months ago

🚨 30k+ Exchange servers in hybrid mode still unpatched! If using Exchange 2016/2019, patch & rotate creds ASAP, switch to dedicated hybrid app. Risk tenant‑level. #CyberSec Source:

Cybersecurity News

Nearly 30,000 Exchange Servers Left Unpatched Against Critical Hybrid Flaw (CVE-2025-53786)

Stoyko Stoykov 4 months ago

🚨 150+ malicious Firefox wallet extensions stole $1M+ crypto! GreedyBear weaponized Extension Hollowing: clean start → credential theft. Use hardware wallets. 🛡️ #CyberSec #Crypto Source:

Cybersecurity News

GreedyBear - How 150+ Malicious Firefox Wallet Extensions Stole $1M in Crypto

Stoyko Stoykov 4 months ago

🚨 ShinyHunters leaked 39k Google Ads leads from hacked Salesforce. Fix: MFA, rotate API tokens, limit exports, monitor logins. #CyberSec #ZeroTrust 🚨 Source:

Cybersecurity News

ShinyHunters Leaks Google Ads Prospect Data via Compromised Salesforce Instance

Stoyko Stoykov 4 months ago

🚨 ShinyHunters hit Salesforce, spilling GoogleAds lead info (names, emails, phones). Token hygiene weak. Fix: MFA, rotate tokens, lock egress. Lead‑list phishing! #ZeroTrust #CyberSec Source:

Cybersecurity News

ShinyHunters Leaks Google Ads Prospect Data via Compromised Salesforce Instance

Stoyko Stoykov 4 months ago

🚨 WinRAR phishing attack drops RomCom RAT via crafted ZIPs. Patch ASAP, scan archives, whitelist WinRAR startup folder. #ZeroDay #Phishing #CyberSecurity Source:

Cybersecurity News

WinRAR Zero‑Day CVE‑2025‑8088: Phishing Campaigns Planting the ‘RomCom’ RAT

Stoyko Stoykov 4 months ago

⚠️ Hybrid Exchange still a soft‑spot. Attackers can silently elevate to tenant‑admin, bypass MFA & take over M365. Patch the update by Wed Aug 11, tighten OIDC, & monitor token fires. #CyberSec #ZeroTrust 🚨 Source:

Cybersecurity News

CISA’s Emergency Directive on CVE-2025-53786: A Silent Privilege‑Escalation Threat for Hybrid Exchange

Stoyko Stoykov 4 months ago

SonicWall Gen7 zero-day reportedly bypasses MFA; 20+ orgs hit. Today: disable WAN mgmt, geofence VPN, audit admins/logs, rotate secrets, prep to patch fast. Assume probed. #infosec 🔥🛡️ Source:

Cybersecurity News

SonicWall Gen 7 Zero‑Day: Targeted Breaches and an MFA Bypass in the Perimeter

Stoyko Stoykov 4 months ago

CISA: SharePoint under active exploit. Patch now, lock uploads, watch w3wp→cmd/ps, and remove internet exposure. Assume probing today. Blue teams, move. 🛡️⚡️ #infosec #BlueTeam #SharePoint Source:

Cybersecurity News

Breaking the ToolShell Chain: CISA Warns of Active Exploitation in Microsoft SharePoint

Stoyko Stoykov 4 months ago

Ransomware crews are mass-exploiting on-prem SharePoint. Patch now, lock down service accounts, monitor w3wp→PowerShell, and hunt webshells in IIS dirs. Assume breach. #BlueTeam 🛡️ #Infosec Source:

Cybersecurity News

Ransomware Gangs Are Mass-Exploiting a Microsoft SharePoint Flaw: What Security Teams Need to Know

Stoyko Stoykov 4 months ago

Stealth Falcon abused a Windows WebDAV URI bug since March for click-to-RCE on patched hosts. Mitigate: disable WebClient, lock handlers, watch DAV + LOLBins. Patch now. 🚨 #infosec #DFIR Source:

BitBase

Bitbase - Stay Secure. Stay Informed.

Stoyko Stoykov 4 months ago

2025's ransomware landscape: Fake browser updates 🌐 are the new normal. Remember, your instincts *are* your firewall. #Ransomware2025 #SmartScreenSafety #UpdateVerify #CyberSecuritySuperpower 🔍💻🔒☁️

Stoyko Stoykov 4 months ago

🚨 2025 DDoS attacks hitting 100M+ rps! 💥 MPLS cores and scrubs are crumbling.🌪️ Traditional defenses? Falling short. AI is our only hope. 🤖 What's your strategy? #CyberResilience #DNS #DDoS #Infosec #AIDefense #2025CyberWar

Stoyko Stoykov 4 months ago

🚨 URGENT ALERT! 🚨 Nation-state hackers are exploiting an actively SharePoint zero-day flaw. If you haven't patched yet, do it IMMEDIATELY! Time is of the essence - avoid being the next target. #ZeroDay #CyberSecurity #ThreatIntel #PatchNow

Stoyko Stoykov 4 months ago

🚨 Midnight struck on 6/30/2025, and 155 orgs fell to ransomware. Enterprise software under siege. #CyberArmageddon isn't a movie, it's our reality. Time to fortify, folks. Share your top defense strategies below. 🛡️ #RansomwareWar2025 #InfoSec

Stoyko Stoykov 4 months ago

🚨 #LockBit still wreaking havoc in 2025! Latest attack on tech hubs proves passive monitoring isn't enough. 🔒 Proactive defense + swift response is key. 🔍 Are you ready? Share your strategy! #CyberSecurity #Ransomware #DefendLike2025 💻🛡️

Stoyko Stoykov 5 months ago

🚨 Alert! 🚨 Russian hackers exploit a critical zero-day flaw in a widely used VPN. 🕵️‍♂️💥 This is a game-changer for remote work security. 🔐 Update & patch immediately! 🚨 #CyberSecurity #VPN #ZeroDay #Infosec #PatchNow

Stoyko Stoykov 5 months ago

Butterfly effect in #infosec: a tiny #GitHub oversight in 2025? Meet #CryptoRabbit's global ransomware hunt! 🦋🔒 Devs, your Easter egg check now could save millions later. #CyberSecurity #Malware #SupplyChain #CodeSecurity

Stoyko Stoykov 5 months ago

🚨 2025 VPN woes! 🏢💻 Zero-day exploits are cranking up the heat on enterprise networks this July. Spot unusual logs? 🔍 You're seeing the siege. Patch now or isolate—every second counts! 🔥 #CyberSecurity #VPN #ZeroDay #Infosec