LightNews LightNews
mbissey.bsky.social
Manuel Bissey
@mbissey.bsky.social
89 followers 160 following 960 posts
#Cybersecurity and Risk Management Executive @Microsoft. Passionate about #Cyberdefense, #Technology and #Innovation. Views are my own.
Posts Media Videos Starter Packs
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 2d
Astaroth banking trojan is back — abusing GitHub to evade detection and steal financial data. Even trusted platforms can host hidden predators. 💰🧑‍💻 #FinancialThreats #Malware
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Astaroth banking trojan exploits GitHub for resilience, targeting Latin American users via phishing.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 2d
The “Mysterious Elephant” group resurfaces with recycled malware — proof that old code never dies, it just evolves. 🐘💾 #APT #Malware
'Mysterious Elephant' Moves Beyond Recycled Malware
The cyber-espionage group has been using sophisticated custom tools to target government and diplomatic entities in South Asia since early 2025.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 2d
CISA warns of a critical Adobe AEM flaw with perfect exploit conditions — patch now or risk giving attackers admin keys to your content kingdom. 🏰⚠️ #Vulnerability #AppSecurity
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack
CISA adds Adobe AEM CVE-2025-54253 to its KEV list after confirmed active exploitation.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 3d
Researchers found flaws in Unitree’s G1 humanoid robot that could let attackers hijack control — the line between sci-fi and threat report just blurred. 🤖🚨 #RobotSecurity #IoTRisks
Humanoid robot found vulnerable to Bluetooth hack, data leaks to China - Help Net Security
A vulnerability in the Unitree G1 humanoid robot allows attackers to spy, steal data, and launch attacks via Bluetooth.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 3d
Oops… YouTube goes dark worldwide due to playback errors — a reminder of how fragile even the biggest digital ecosystems can be. 🌐🎥 #ServiceOutage #Resilience
YouTube is down worldwide with playback error
YouTube is currently facing a global outage, with users reporting playback errors on both the website and mobile apps.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 3d
AI at Black Hat 2025: the crowd saw both promise and peril — innovation racing alongside exploitation. The question isn’t if AI changes security, but how fast. ⚡🤖 #SecureAI #SecurityInnovation
A Look at AI: Black Hat 2025 Revealed Concerns & Spotlighted Opportunities
At Black Hat 2025, AI dominated the spotlight—showcasing new cybersecurity innovations, NHI risks, and the urgent need for identity-aware AI security.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 3d
Russian hacktivists are using “honeytrap” tactics to lure targets into sharing data. In today’s threatscape, not every connection is what it seems. 🕸️🎭 #SocialEngineering #Disinformation
Hacktivists deactivate after falling into researchers' trap
: Forescout's phony water plant fooled TwoNet into claiming a fake cyber victory – then it quietly shut up shop
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 3d
Chinese hackers exploit ArcGIS Server flaws to breach government networks — turning mapping tools into infiltration routes. 🗺️🐉 #GeospatialSecurity #NationStateThreats
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
Chinese hackers used a modified ArcGIS server to maintain hidden access for over a year.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 4d
A new “Pixnapping” attack steals MFA codes pixel by pixel from Android screens — proof that even screenshots can betray secrets. 📸🔐 #MobileSecurity #MFAR
New Android Pixnapping attack steals MFA codes pixel-by-pixel
A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing…
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 4d
Many mobile healthcare apps still leak sensitive data — turning wellness tools into privacy traps. Security must be as personal as the data they hold. 📱❤️ #Privacy #AppSecurity
The diagnosis is in: Mobile health apps are bad for your privacy - Help Net Security
Researchers found serious privacy and security flaws in Android mobile healthcare apps, exposing sensitive health data.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 4d
Chaos ransomware just evolved — faster, stealthier, and more destructive. Threat actors are iterating like startups. Defenders must, too. 💀⚡️ #Ransomware #ThreatIntelligence
Chaos Ransomware Upgrades With Aggressive New Variant
New encryption, wiper, and cryptocurrency-stealing capabilities make the evolving ransomware-as-a-service operation more dangerous than ever.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 4d
OT resilience isn’t just about uptime — it’s about foresight, segmentation, and fast recovery when production meets disruption. ⚙️🛡️ #IndustrialSecurity #Resiliency #GCBR
The five-minute guide to OT cyber resilience - Help Net Security
This video shares practical steps to strengthen OT cybersecurity resilience by improving IT security, monitoring, and asset control.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 4d
A new Oracle E-Business Suite flaw could expose sensitive corporate data worldwide. When enterprise apps go unpatched, business risk goes exponential. 🏢⚠️ #ApplicationSecurity #VulnerabilityManagement
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle warns of CVE-2025-61884 flaw in E-Business Suite enabling unauthorized data access.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 5d
Solar power systems face growing cyber threats — reminding us that the path to a greener future must also be a secure one. ☀️🔒 #Energy #CriticalInfrastructure
The solar power boom opened a backdoor for cybercriminals - Help Net Security
Cyberattacks are targeting solar power systems, exposing how connected inverters and control platforms can threaten grid stability.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 5d
Privacy risks are emerging in the most unexpected places — from smart fridges to city sensors. The invisible network around us is listening. 🕵️‍♀️🌐 #Privacy #IoTSecurity
Privacy needs where you least expect it.
When people think about privacy risks, they often picture big data companies harvesting personal information or algorithms analyzing their social media or shopping activity. While those concerns are…
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 5d
Chinese hackers are weaponizing the Velociraptor IR tool in ransomware attacks — turning defense software into an offensive edge. Adaptation cuts both ways. 🐉🦖 #ThreatIntelligence #CyberAttack
China Hackers Use Velociraptor IR Tool for Ransomware
A new adversary tactic, Storm-2603 threat group is abusing the digital forensics & incident response (DFIR) tool for persistent access to victim networks.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 5d
Fake “inflation refund” texts are targeting New Yorkers — blending economic anxiety with classic phishing. When urgency hits your phone, pause before you tap. 📱⚠️ #PhishingScams #Fraud
Fake 'Inflation Refund' texts target New Yorkers in new scam
An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer "Inflation Refunds" in an attempt to steal victims'…
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 5d
Elastic’s latest report shows attackers doubling down on Windows systems — proving legacy dominance still means prime target status. 🪟🎯 #EndpointSecurity #ThreatLandscape
Attackers don’t linger, they strike and move on - Help Net Security
Attackers move faster than ever, using automation and AI to target Windows systems and exploit trusted tools across cloud environments.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 6d
A new Rust-based malware, ChaosBot, hijacks cloud accounts to mine crypto and spread fast. Efficiency meets destruction in the cloud era. ☁️💣 #CloudSecurity #Malware
New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs
Rust-based ChaosBot exploits Discord and phishing to infiltrate networks, while Chaos-C++ adds data destruction.
buff.ly
1
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 6d
New report links rising cyberattacks to delayed treatments and compromised care. In healthcare, every breach is a human risk. ❤️⚕️ #HealthcareSecurity #PatientSafety
When hackers hit, patient safety takes the fall - Help Net Security
Cyberattacks continue to disrupt patient care across healthcare organizations, driving financial strain and exposing ongoing security gaps.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 8d
Chinese threat actors are weaponizing open-source tools for stealthier attacks — blurring lines between community innovation and covert operations. 🧰🐉 #OpenSourceSecurity #ThreatActor
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Chinese-linked hackers use Nezha and Gh0st RAT to compromise over 100 servers via phpMyAdmin flaws.
buff.ly
1
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 8d
Researchers found a new “Camoleak” AI attack targeting GitHub Copilot — silently exfiltrating secrets from generated code. Convenience can’t come at the cost of control. 🧑‍💻🕵️‍♂️ #SecureAI #DataExfiltration
GitHub Copilot 'CamoLeak' AI Attack Exfiltrates Data
GitHub is comparatively advanced in how it protects its built-in AI. Still, a researcher came up with a workaround for exfiltrating code and secrets.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 8d
SOC analysts are embracing AI to cut alert fatigue and boost precision. The future of defense is human intuition, amplified by intelligent automation. 🧠⚙️ #AIOps #SOCModernization
Your SOC is tired, AI isn’t - Help Net Security
Analysts using AI in security operations achieved faster, more accurate investigations and reported smoother workflows with less fatigue.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 9d
Hackers are turning Velociraptor, a DFIR tool, into a weapon for ransomware ops. The line between defender and attacker tools keeps fading. 🦖💀 #OffensiveSecurity #Ransomware
Hackers now use Velociraptor DFIR tool in ransomware attacks
Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware.
buff.ly
mbissey.bsky.social
Manuel Bissey @mbissey.bsky.social · 9d
Cloud audits are getting tougher. In hybrid and multi-cloud worlds, visibility and consistency are your best defenses. Prepare, don’t improvise. ☁️📋 #CloudGovernance #AuditReadiness
How to Prepare for a Cloud Security Audit in Multi-Cloud and Hybrid Networks
Here is the easiest explanation! Cloud security audit are formal evaluations of an organization’s cloud environments to verify that security controls meet industry standards and regulatory…
buff.ly