Mustang Panda Uses SnakeDisk USB Worm to Deliver Yokai Backdoor to Thailand-Based Targets Summary of the discovery IBM X-Force researchers Golo Mühr and Joshua Chung reported that the China-aligned threat actor known as Mustang Panda has deployed an updated TONESHELL backdoor alongside a previously undocumented USB worm called SnakeDisk. According to the analysis, the worm…
Browser-Based Attacks: What Security Teams Need to Prepare For Now What is a browser-based attack — and why it matters Attacks that target users in their web browsers have seen an unprecedented rise in recent years. A browser-based attack leverages the browser — and the rich, interactive content it renders — as the primary attack…
FBI Alert: UNC6040 and UNC6395 Target Salesforce Orgs for Data Theft and Extortion What the FBI alert says The FBI has issued a FLASH alert warning that two threat clusters, tracked as UNC6040 and UNC6395, are compromising organizations’ Salesforce environments to steal data and extort victims. The FBI has issued a FLASH alert warning that…
FBI: UNC6040 and UNC6395 Target Salesforce Instances to Steal Data and Extort Victims Summary of the FBI FLASH alert The FBI has issued a FLASH warning that two threat clusters, tracked as UNC6040 and UNC6395, are compromising organizations’ Salesforce environments to steal data and extort victims. The advisory raises immediate concern for enterprises that rely…
HybridPetya Ransomware Can Circumvent UEFI Secure Boot to Modify EFI System Partition Overview A recently reported ransomware strain known as HybridPetya is capable of bypassing the UEFI Secure Boot mechanism to place a malicious application on the EFI System Partition (ESP). The ability to write to the ESP and persist at or before the operating…
Three Immediate Priorities During a Cyberattack: Clarity, Control, Lifeline Overview When a cyberattack begins, response speed and the sequence of actions determine whether an organization contains damage or faces prolonged disruption. A concise framework highlighted by Acronis TRU — clarity, control, and a lifeline — captures the immediate priorities MSPs and IT teams need to…
Microsoft resolves streaming lag and stutter introduced by August 2025 Windows updates Summary of the incident Microsoft has resolved severe lag and stuttering issues that affected streaming software on Windows 10 and Windows 11 systems following the installation of the August 2025 security updates. Users reported degraded playback and interrupted live streams after the update;…
US Charges Alleged Administrator of LockerGoga, MegaCortex, and Nefilim Ransomware Summary of the DOJ Action The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his alleged role as the administrator of three major ransomware operations: LockerGoga, MegaCortex, and Nefilim. This charging announcement aligns with an ongoing law-enforcement campaign to identify, charge,…
How CISOs Win Budget Approval: Framing Security as Business Risk Management Why the budget fight matters now It’s budget season. Once again, security is being questioned, scrutinized, or deprioritized. For many organizations the security function remains a cost center competing with product development, sales initiatives, and operational efficiency projects. Yet the consequences of underfunding security…
Salesloft GitHub Account Compromise Triggered Drift Supply‑Chain Breach, Mandiant Says Summary of the incident Salesloft has disclosed that the chain of events behind a data breach tied to its Drift application began with the compromise of a Salesloft GitHub account. Google-owned Mandiant, which investigated the incident, reported that the threat actor tracked as UNC6395 accessed…