And There It Was: Gone, Due Diligence is Key, Keep The Shields Up, The Leading Threats in the System, Donning New Armour, and An Amusing Plot Twist. It's CISO Intelligence for Wednesday, 12th November 2025.

Table of Contents

1. Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon
2. Blockchain Banditry: The Curious Case of the "Bitcoin Queen"
3. Vendor Diligence: Keep Friends Close, But Vendors Closer
4. AI Takes the Cybercrime Throne: Phishing Reigns Supreme
5. Mozilla Firefox Puts On Its Anti-Fingerprinting Gloves
6. When Cybercriminals Misplace Their Keys: The Rhadamanthys Infostealer Goof

Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon

Who knew that misplacing your phone could lead to a data apocalypse?

What You Need to Know

Recent findings reveal that the notorious Konni hacking group has ingeniously repurposed Google’s Find My Device Hub as a data-erasing tool. It's not just about finding your phone anymore; it's about the newfound capability of malevolent hackers to remotely wipe data with a few clicks. Executive leadership should be aware of this sophisticated threat vector and ensure that enhanced data protection measures are promptly implemented. It’s vital to prioritize the review and enhancement of current security protocols surrounding device recovery applications to thwart potential exploits.

CISO focus: Threat Intelligence and Incident Management
Sentiment: Strong Negative
Time to Impact: Immediate

In an alarming development, the world's digital community is abuzz with news that the infamous Konni hacking group has transformed Google’s Find My Device Hub into a malicious data-wiping weapon. This exploitation of a trusted tool underscores a pressing and pervasive cybersecurity threat that commands immediate attention from organizations worldwide.

The Mechanics Behind the Misuse

The Konni hackers, known for their sophisticated cyber espionage campaigns predominantly targeting governmental and corporate entities, have now turned their attention to a novel vector. Utilizing spoofed device credentials, these hackers infiltrate and seize control over Google’s legitimate recovery tool. From there, they initiate unauthorized data wipes, effectively destroying critical digital information and leaving victims devastated.

Impact on Global Cybersecurity

This development carries chilling implications for global cybersecurity protocols. Devices previously thought to be secure, especially those utilizing Google’s popular service, suddenly find themselves susceptible to unexpected and unwarranted data loss. This vulnerability not only compromises individual consumers but poses significant risks to corporate data integrity and national security.

Institutional Response and Protective Measures

Financial institutions, government bodies, and tech firms must intensify vigilance and adapt strategies to mitigate this looming threat. The priority should be twofold: patch vulnerabilities within the device recovery system and ensure robust authentication mechanisms are in place. This situation also calls for a reevaluation of risk assessment frameworks and a strengthening of incident response teams.

Strengthening Security Fortifications

1. Review and Update Security Protocols: Businesses need to revisit their data security protocols, placing a heightened focus on device management and recovery tool security.

2. Implement Robust Authentication: Introduce multi-factor authentication for device recovery tools to prevent unauthorized access.

3. Enhance Network Monitoring: Employ advanced threat detection systems to identify suspicious activity related to device and data management tools.

4. Training and Awareness: Educate stakeholders about potential threats associated with device locator tools, cultivating a culture of cybersecurity awareness.

Why Konni’s Tactics Demand Immediate Action

Konni’s prowess in crafting intricate cyber operations highlights their capability to breach security perimeters previously deemed impenetrable. The discovery of their activities raises questions about the predictability of current cybersecurity measures against innovative hacking tactics. The current digital landscape necessitates an agile response framework capable of evolving alongside emerging threats.

Final Thoughts: When Your "Find My" Finds Too Much

The exploitation of Google’s Find My Device by Konni hacking group is a formidable reminder of the ever-evolving landscape of cyber threats. While advances in technology grant convenient solutions for everyday problems, they also open new avenues for exploitation. By taking proactive steps to fortify security measures surrounding these technologies, organizations can better shield themselves from becoming the next high-profile target.

Vendor Diligence Questions

1. Are our vendors applying multi-factor authentication in their device recovery applications?
2. What measures have vendors implemented to detect and mitigate unauthorized access attempts to user data?
3. How frequently are security audits conducted on the technologies provided by our vendors to identify exploitable vulnerabilities?

Action Plan

1. Schedule an immediate review of current device recovery protocols to identify potential vulnerabilities.
2. Implement or upgrade multi-factor authentication for all access points to device management and recovery tools.
3. Initiate a training program for all employees focusing on the latest threat vectors in device security.
4. Establish a rapid response team to address and mitigate any breaches in device security proactively.

Source: Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon

Blockchain Banditry: The Curious Case of the "Bitcoin Queen"

In the world of cryptocurrency, sometimes the coins are the least 'crypto' part.

What You Need to Know

The landscape of cryptocurrency is marred with both profound innovation and notable scams. Recently, the notorious "Bitcoin Queen," who masterminded a $7.3 billion fraud accessed through her cryptocurrency pyramid scheme, was sentenced to 11 years in prison. For board members and executive management, this serves as a critical reminder of the importance of robust due diligence and anti-fraud measures in digital finance environments. Your task is to implement stringent oversight protocols, assess the robustness of existing monitoring frameworks, and reinforce security strategies to guard against similar threats.

CISO focus: Cryptocurrency and Anti-fraud Measures
Sentiment: Strong Negative
Time to Impact: Immediate

In a dramatic culmination of events, Ruja Ignatova, infamously known as the "Bitcoin Queen," was handed an 11-year prison sentence for orchestrating one of the largest cryptocurrency Ponzi schemes in history. Her brainchild, OneCoin, masqueraded as another digital currency but was ultimately exposed as a well-oiled fraudulent operation that duped investors to the tune of $7.3 billion. The scandal once again underscores the need for rigorous scrutiny and verification processes in the cryptocurrency arena.

The Fraud That Shook the Financial World

The OneCoin scam operated under the guise of being a legitimate blockchain front. Unlike genuine cryptocurrencies like Bitcoin, which use a decentralized ledger, OneCoin was built on falsehoods right from its inception. Promising massive returns, Ruja Ignatova and her cohorts managed to lure in over three million investors globally, navigating legal systems across continents with remarkable ease.

Inside the Scheme

The deceptive operation capitalized on a polished public narrative, boasting glitzy campaigns and strategic partnerships. The scheme’s allure lay in its promise of high yields with minimal investment - a classic scheme archetype. Investors were treated to extravagant events, and elite personalities even endorsed the plan, further legitimizing its false value.

Regulating the Unregulated

The magnitude of this fraud has sparked a significant debate over the necessity for regulatory frameworks within the realm of cryptocurrencies. Given the decentralized and often elusive nature of digital currencies, many investors approach the market without the safety net of regulatory oversight. This environment can become a fertile ground for scams like OneCoin.

Consequences and Cautions

As the reverberations of this case echo through legal and financial corridors worldwide, they stir imperative questions around consumer protection and financial education in the dynamic digital age. Cryptocurrencies thrive on worldwide, unregulated terrain, which has proven challenging for authorities to patrol and control effectively.

• Education and Awareness: First in line of defenses should be a strong emphasis on education. Investors are advised to remain informed and skeptical of schemes promising unusually high returns.
• Blockchain Transparency: Additional focus on transparency in blockchain technology and transactions can help in creating layers of security.
• Legal Frameworks: Prompt governmental interventions with regulations and frameworks to offer more structured guidance in digital finance.

Ripple Effects in the Financial Industry

The "Bitcoin Queen" saga has left a trail of shaken investor confidence. Traditional financial institutions are urged to adopt technologies and practices that establish trust, leveraging blockchain technology's potential while mitigating risks of fraud.

• Investor Confidence Rebuilding: Institutions must work towards regaining investor trust through transparent operations and robust protective measures.
• Cross-border Collaboration: Enhanced cooperation between international entities is pivotal in preempting similar future scams.

A Digital Lesson

The OneCoin debacle is a cautionary tale for the unforeseen vulnerability within the cryptocurrency landscape. For fintech companies, there's an immediate need to adopt fortified security measures to protect investments and the future of digital currencies.

Cryptocurrency: A Gold Rush and A Golden Trap

The case of the "Bitcoin Queen" serves a dual role - it warns of the dangers lurking in the uncharted digital currency waters while advocating for the commendable potential of the technology, if wisely governed.

Vendor Diligence Questions

1. How does the vendor ensure transparency and authenticity in cryptocurrency transactions?
2. What measures are in place to prevent the facilitation of fraudulent activities via their platform?
3. How compliant is the vendor’s solution with existing and foreseen digital finance regulatory standards?

Action Plan

1. Risk Assessment: Conduct a thorough risk assessment to understand vulnerabilities in current cryptocurrency transaction operations.
2. Strengthen Controls: Tighten internal controls and procedures to detect and prevent fraud.
3. Continuous Monitoring: Implement continuous monitoring protocols to swiftly identify suspicious activities reminiscent of pyramid scheme characteristics.

Source: “Bitcoin Queen” gets 11 years in prison for $7.3 billion Bitcoin scam

Vendor Diligence: Keep Friends Close, But Vendors Closer

Because in the world of cyber, trust but verify isn’t just a mantra; it’s a survival strategy.

What You Need to Know

The digital landscape is fraught with risks that can stem not just from within, but also through third-party vendors. Organizations entrusting sensitive data and critical processes to external providers must adopt comprehensive vendor risk management strategies to mitigate potential threats. The board and executive management are expected to ensure the implementation of robust vendor risk practices to protect organizational interests effectively from these external vulnerabilities.

CISO Focus: Third-Party Risk Management
Sentiment: Strong Positive
Time to Impact: Immediate

In the rush to optimize operations and cut costs, businesses today are outsourcing more than ever. While this strategy can lead to enhancements in efficiency and profitability, it also widens the field of potential cyber vulnerabilities. This article delves into the complexities of vendor risk management, offering insights on how businesses can implement effective strategies to safeguard their interests amid this challenging landscape.

The Growing Importance of Vendor Risk Management

Given that nearly 60% of security breaches are linked to third-party vendors, according to a report by UpGuard, managing vendor risk is no longer optional for organizations—it's imperative. With cyber threats becoming more sophisticated, the need for robust vendor risk management strategies has never been greater. Understanding the vendor landscape and its associated risks can provide organizations with a proactive approach to safeguarding their data and operations.

Key Challenges in Vendor Management

• Data Breaches: Vendors with insufficient security controls can become an easy target for attackers.
• Compliance Risks: Vendors might not adhere to necessary compliance and regulatory guidelines, exposing businesses to legal challenges.
• Operational Disruptions: Dependency on a single vendor can lead to operational bottlenecks if that vendor faces disruptions.

Effective Strategies for Vendor Risk Management

To mitigate these risks, organizations should consider implementing comprehensive strategies:

1. Comprehensive Vendor Assessments:

   • Conduct thorough due diligence before onboarding vendors to ensure they meet the necessary security standards and compliance requirements.

2. Ongoing Monitoring:

   • Implement continuous monitoring mechanisms to evaluate vendor performance and security postures over time, rather than relying on initial assessments alone.

3. Clear Contractual Obligations:

   • Establish explicit contractual terms that define the security requirements, roles, and responsibilities of both parties.

Implementing Risk Management Frameworks

Organizations can adopt frameworks such as NIST's Cybersecurity Framework to create a structured approach to vendor management. This involves identifying potential risks, protecting critical assets through robust controls, detecting breaches quickly, responding effectively, and recovering operations if a breach occurs.

Building a Resilient Vendor Ecosystem

For businesses to thrive amid these challenges, collaboration and transparency in vendor relationships are key. Establishing a collaborative environment with clear channels of communication can facilitate faster response times and reduce risks.

Leveraging Technology

Utilize advanced technologies such as AI and machine learning for real-time analytics and threat detection across the vendor network, ensuring an agile and adaptive risk management strategy.

"Are We Counting Our Vendor Eggs Before They Hatch?"

• Conduct a holistic risk assessment by evaluating all potential vulnerabilities associated with vendors to ensure they don't become a liability in disguise.

Vendor Diligence Questions

1. What security frameworks and compliance measures does the vendor adhere to?
2. How does the vendor handle data breaches and what incident response plans are in place?
3. Can the vendor provide recent audit reports and security assessment results?

Action Plan

• Conduct a Risk Assessment: Analyze existing vendor relationships to identify high-risk vendors and prioritize them for immediate evaluation.
• Implement Monitoring Tools: Deploy solutions that offer continuous monitoring and real-time alerts for unusual vendor activities.
• Training and Awareness: Design and implement training modules for staff working directly with vendors, focusing on identifying and mitigating third-party risks.

Source: Vendor Risk Management: Strategies for Protecting Your Business | UpGuard

AI Takes the Cybercrime Throne: Phishing Reigns Supreme

If robots had ethics, do you think they'd create malware too?

What You Need to Know

The proliferation of Artificial Intelligence (AI) tools within the underground cybercrime ecosystem is amplifying existing threats while ushering in new risks. Executive teams need to recognize the potential impact on organizational security strategies and prioritize fortifying defenses against AI-driven attacks, particularly phishing. The board is expected to allocate resources for enhancing cyber resilience and educating employees on recognizing AI-generated threats.

CISO Focus: Cybercrime & AI
Sentiment: Strong Negative
Time to Impact: Immediate

AI-Driven Cybercrime on the Rise

The cybersecurity landscape is rapidly evolving as advanced AI platforms designed to bolster cybercriminal activities surge onto the scene. According to Cyber Security News, AI-generated phishing has emerged as the most pressing threat in 2025, with a staggering 1,265% increase in attacks. These AI tools are tailor-made to give malicious actors a significant advantage, enabling them to craft convincing, AI-written phishing campaigns that require less effort and expertise.

Phishing: The Undefeated Champion

Phishing remains at the forefront of cyber threats, largely due to its enhanced efficiency through AI. Underground forums reveal a commonality among various AI tools in their capability to aid phishing attacks. This method of gaining unauthorized access continues to prove effective, aligning with the tools’ primary selling points. Enterprises find themselves battling an escalating wave of AI-driven phishing, compelling security teams to innovate defensive strategies.

A New Era of Polymorphic Malware

Tools like WormGPT, FraudGPT, and MalwareGPT highlight a particularly challenging development—AI-powered polymorphic malware. This type of malware is adept at altering its code to avoid detection by conventional antivirus software, as outlined by recent reports from Google researchers. The proliferation of these AI-enhanced threats underscores the dire need for organizations to adopt more adaptive and predictive security measures.

Next-Gen Threats: The Xanthorox AI

Leading the latest wave of AI-driven threats, Xanthorox AI symbolizes a more sophisticated approach to cybercrime. Unlike its predecessors, Xanthorox operates autonomously on private servers, diminishing the risk of detection and boosting its effectiveness. Its modular framework supports an array of functionalities, from designing intricate phishing schemes to generating deepfakes. This self-hosted infrastructure represents a quantum leap in threat evolution.

The Democratization of Cybercrime

The accessibility of AI tools, exemplified by Evil-GPT's free distribution, signifies a democratization of cybercrime capabilities. These tools empower even inexperienced threat actors to initiate complex cyber operations, lowering the entry barriers significantly. This democratization poses a pronounced risk to organizational cybersecurity, as more individuals can potentially partake in sophisticated cyberattacks without the prior requirement of technical acumen.

On Guard Against AI-Enhanced Phishing

Security experts urge organizations to bolster their defenses with a multi-layered approach that includes:

• Implementing advanced anti-phishing solutions
• Conducting regular threat intelligence updates and feedback loops
• Increasing employee awareness and training on recognizing AI-generated phishing attempts

The rise of AI in the cybercriminal arsenal denotes a paradigm shift that demands immediate attention and action. As these tools grow more sophisticated, organizations must strengthen their cyber defenses to face a future where AI not only assists security but potentially works against it.

Quirky Conclusion

Are we witnessing the cyber equivalent of Frankenstein's monster? The future remains uncertain, but one thing's for sure: AI is out of the lab and running amok in the dark corridors of cyberspace.

Vendor Diligence Questions

1. How does your solution detect and mitigate AI-generated phishing campaigns?
2. Can your products identify and respond to polymorphic malware threats?
3. What capabilities do you have to protect against threats operated via private servers like Xanthorox AI?

Action Plan

• Threat Monitoring: Establish continuous monitoring for AI-driven threats using threat intelligence platforms.
• Employee Training: Develop and deliver a rigorous training module focusing on AI-generated phishing.
• Incident Response Enhancement: Update incident response plans to address the nuances of AI-related threats.
• Vendor Collaboration: Work with vendors to ensure solutions are equipped to handle the specific challenges posed by AI-enhanced cybercrime.

Source: https://cybersecuritynews.com/ai-tools-promoted-by-threat-actors/

1. Cyber Security News
2. Google Research Papers on AI Polymorphic Malware
3. FBI Cybersecurity Alerts on AI and Cybercrime

Mozilla Firefox Puts On Its Anti-Fingerprinting Gloves

Catch me if you can, but you probably can't, thanks to Firefox.

What You Need to Know

Mozilla Firefox has introduced new anti-fingerprinting defenses to further protect user privacy. This enhancement aims to mask unique web browser characteristics that could previously be exploited to track users online, even without cookies. The senior executive team is advised to be aware of these improvements as they may impact both customer privacy standards and compliance obligations. Ensure that the organization's web applications are compatible with the new Firefox features and maintain a strong focus on user privacy.

CISO focus: Privacy and User Data Protection
Sentiment: Strong Positive
Time to Impact: Short (3-18 months)

Beefing Up Against Browser Fingerprinting

In an era where privacy breaches are increasingly alarming both consumers and corporations, Mozilla Firefox's latest leap forward addresses a core vulnerability: browser fingerprinting. This technique enables websites to create a unique profile based on specific configurations of a user's browser and device, facilitating tracking even without traditional cookies. Firefox's freshly unveiled defenses take a sledgehammer to this method, marking a significant coup in the quest for greater online privacy.

What is Fingerprinting?

Browser fingerprinting involves the collection of device-specific settings and attributes. These include information about the operating system, browser type and version, screen resolution, installed plugins, and even hardware capabilities. When combined, these seemingly benign data points converge into a remarkably distinctive 'fingerprint' that can identify a user across different websites.

Firefox’s New Armory

The enhancements in Firefox aim to standardize or disguise these attributes, effectively camouflaging users amongst a digital crowd. By disrupting the coherent collection of data points, Mozilla effectively throws a wrench into the tracking machinery that companies have used to analyze user behavior.

• Enhanced Fingerprint Protections: The measures make it harder for websites to reliably collect metadata that contributes to a fingerprint.
• Broader Adoption: By introducing these changes, Mozilla champions privacy advocacy and pressures the rest of the industry to follow suit.

Motivation Behind the Move

Motivated by growing privacy concerns, Mozilla's efforts align with a broader trend towards user empowerment over digital identity. As policymakers pressure tech companies to reform data collection practices, browser privacy improvements are no longer a competing advantage but a core requirement.

User and Industry Impact

For users, this means enhanced digital anonymity. For enterprises, however, it imposes a dual challenge: ensuring their own compliance with evolving privacy standards and maintaining user experience within the constraints imposed by these privacy tools.

Beneficiary or Foe?

While positively impacting privacy-conscious consumers, such developments might impact digital marketers and advertising networks reliant on user data. Companies will need to pivot towards more ethical, transparent data collection mechanisms.

Tech developers will need to keep pace with these changes to ensure optimal functionality across all browsers, preventing performance hiccups. Firefox's consistent stance on privacy not only defines its branding but also sets a precedent for competitors who might find themselves lagging if similar protections are not introduced.

The Broader Context

This initiative exemplifies a shift in cybersecurity outlooks, placing greater emphasis on crafting conducive environments for privacy rather than solely punishing breaches once they occur. As the digital landscape evolves, privacy foundational elements became paramount for consumer confidence and brand integrity.

In a marketplace where data is king, challenging traditional data tracking methods presents a paradigm shift, recalibrating norms as the public grows increasingly informed.

The Final Bow

In the grand theater of cyberspace, Firefox continues its role as an advocate for user rights. By donning its newest anti-fingerprinting cape,—albeit invisibly—it rekindles the debate of privacy versus convenience.

Vendor Diligence Questions

1. How does your product ensure compatibility with browser privacy features like Firefox’s new anti-fingerprinting measures?
2. Can your service accurately track user engagement without relying on traditional or intrusive fingerprinting techniques?
3. What are your plans for adapting to continually evolving web privacy standards?

Action Plan

1. Compatibility Assessment: Evaluate the company's web applications and third-party services for compatibility with Firefox’s new anti-fingerprinting defenses.
2. Privacy Assessment: Review data practices to ensure compliance with privacy standards inspired by these changes.
3. Staff Training: Train staff involved in web development and digital marketing on implications of browser fingerprinting defenses.
4. User Communication: Communicate the benefits of browser privacy enhancements to customers to enhance trust and brand loyalty.

Sources:

1. Bleeping Computer - Mozilla Firefox gets new anti-fingerprinting defenses
2. Mozilla Blog - Enhancing Privacy in Firefox
3. TechCrunch - The War Against Browser Fingerprinting

When Cybercriminals Misplace Their Keys: The Rhadamanthys Infostealer Goof

Who let the hackers lock themselves out? Cyber epic fail 101.

What You Need to Know

The cyber landscape just took an unexpected twist as the notorious Rhadamanthys infostealer, a once formidable malware tool, hits an operational snag. Cybercriminals behind Rhadamanthys have lost access to the servers that facilitate its malicious acts. This unforeseen disruption compromises their ability to operate effectively. Management should review the implications on organizational cybersecurity postures and prepare for possible opportunistic threats. Key actions: reassess current cyber defenses to address any evolved tactics from these actors, and reinforce systems against any derivative threats from ‘copycat’ malware operators.

CISO focus: Malware Intelligence and Countermeasures
Sentiment: Positive
Time to Impact: Immediate to Short (3-18 months)

The cyber threat landscape faced an unexpected yet befittingly ironic obstacle as the notorious group operating a powerful malware, known as Rhadamanthys infostealer, inadvertently locked themselves out of their own servers. This capability malfunction has, at least temporarily, put an end to their reign of data thievery, providing cybersecurity experts a rare moment of reprieve — a chapter right out of a "Mission: Impossible" spoof.

The Great Lockout: What Happened?

Cybercriminals with a known penchant for infiltrating systems and extracting sensitive data, perhaps tired from their relentless digital prowls, have ironically lost access to their command and control servers. These servers function as the nerve center for the Rhadamanthys infostealer, coordinating widespread data exfiltration without the need for hackers to manually redirect their attention each time.

Without access to these digital instruments of chaos, the cybercriminal group faces a significant handicap. While it’s unclear whether this locked-out status is a result of internal error or external intervention, cybersecurity experts suggest a delightful combination of both. This incident not only disrupts their current operations but might also force them to reveal new tactical shifts as their revenue stream throttles to a halt.

Rhadamanthys Infostealer: A Brief Overview

Rhadamanthys infostealer has been crawling the dark corridors of the internet with infamous repute. Specifically designed to silently siphon off credentials and data from compromised systems, this malware has proven remarkably adept at slipping through defenses. Typically distributed through phishing campaigns and bogus websites, the tool has caused considerable damage across various industries, with victims largely unaware until significant data loss occurred.

What Now? The Risks Post-Disruption

While this development is a noteworthy win for cybersecurity defenders, the circumstances may be temporary. Cybercriminals are notoriously adaptable and resourceful. With their servers compromised, there is a potential for them to deploy alternative methods, modify infrastructure, or even develop new strains of malware. Organizations must prepare for potential retaliatory hacks or targeted attacks designed to test and breach the beefed-up systems.

Expert Recommendations

• Extensive Monitoring: Increase vigilance and monitoring of systems given that the threat actors might shift to new tactics.
• Patch Management: Ensure that all systems are up-to-date with the latest security patches, exploiting any delay in software updates.
• Education & Awareness: Train employees to recognize phishing and other social engineering attacks, the primary delivery mechanism for such malware.

Vendor Diligence Questions

1. How does the vendor ensure that their own infrastructure cannot be easily compromised or locked out?
2. Can the vendor provide assurance regarding real-time incident response capabilities?
3. What mechanisms do they have in place to adapt to quickly evolving threat landscapes like breached malware groups?

Action Plan

1. Conduct an Emergency Cybersecurity Audit: Immediately verify and test for overlooked vulnerabilities that may have been targeted by Rhadamanthys previously.
2. Deploy Advanced Threat Detection Tools: Utilize AI/machine learning-based solutions that can dynamically adapt to potential threats posed by the cybercriminals’ backup plans.
3. Enhance Collaboration with Threat Intelligence Networks: Engage with cyber intelligence networks for insights on evolving tactics that these threat actors might adopt following their logistical dilemma.

Source: Rhadamanthys infostealer disrupted as cybercriminals lose server access

CISO Intelligence is lovingly curated from open source intelligence newsfeeds and is aimed at helping cybersecurity professionals be better, no matter what their stage in their career.

We're passionate advocates for good cybersecurity at home, at work, and in government.

Thank you so much for your support!

CISO Intelligence by Jonathan Care is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International