Sami Laiho
LightNews LightNews
banner
samilaiho.com
Sami Laiho
@samilaiho.com
1.6K followers 180 following 2.7K posts
Keynote-speaker, Chief Research Officer, Microsoft MVP since 2011

More info: https://samilaiho.com/
Posts Replies Media Videos
samilaiho.com
Iran’s internet shutdown is now one of its longest ever, as protests continue
techcrunch.com/2026/01/15/i...
Iran’s internet shutdown is now one of its longest ever, as protests continue | TechCrunch
Iran’s government-imposed internet shutdown enters its second week as authorities continue their violent crackdown on protesters.
techcrunch.com
January 18, 2026 at 12:34 PM
samilaiho.com
Canadian investment regulator confirms hackers hit 750,000 investors
therecord.media/canada-ciro-...
Canadian investment regulator confirms hackers hit 750,000 investors
The nongovernmental Canadian Investment Regulatory Organization, which oversees the country's debt and equity marketplaces as well as some financial institutions, released details about an August 2025...
therecord.media
January 18, 2026 at 12:33 PM
samilaiho.com
Winter Olympics Could Share Podium With Cyberattackers
www.darkreading.com/remote-workf...
Cyber Threats Loom Over 2026 Winter Olympics
The Games in the Italian Alps are attracting hacktivists looking to reach billions of people and state-sponsored cyber-spies targeting the glitterati.
www.darkreading.com
January 18, 2026 at 12:32 PM
samilaiho.com
Black Basta boss makes it onto Interpol's 'Red Notice' list
www.bleepingcomputer.com/news/securit...
Black Basta boss makes it onto Interpol's 'Red Notice' list
The identity of the Black Basta ransomware gang leader has been confirmed by law enforcement in Ukraine and Germany, and the individual has been added to the wanted list of Europol and Interpol.
www.bleepingcomputer.com
January 18, 2026 at 12:32 PM
samilaiho.com
cymulate.com/blog/cve-202...
CVE-2026-20965: Cymulate Research Labs Discovers Token Validation Flaw that Leads to Tenant-Wide RCE in Azure Windows Admin Center
Cymulate Research Labs uncovered CVE-2026-20965, a token validation flaw in Azure Windows Admin Center enabling tenant-wide RCE and lateral movement.
cymulate.com
January 17, 2026 at 7:15 PM
samilaiho.com
CISA, Allies Sound Alarm on OT Network Exposure
www.databreachtoday.com/cisa-allies-...
CISA, Allies Sound Alarm on OT Network Exposure
U.S. and allied cyber agencies issued new guidance warning that insecure operational technology connectivity - driven by remote access, third-party vendors and IT
www.databreachtoday.com
January 17, 2026 at 3:36 PM
samilaiho.com
CISA, Allies Sound Alarm on OT Network Exposure
www.databreachtoday.com/cisa-allies-...
CISA, Allies Sound Alarm on OT Network Exposure
U.S. and allied cyber agencies issued new guidance warning that insecure operational technology connectivity - driven by remote access, third-party vendors and IT
www.databreachtoday.com
January 17, 2026 at 1:37 PM
samilaiho.com
Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks
www.bleepingcomputer.com/news/securit...
Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks
Attackers are now exploiting a critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code.
www.bleepingcomputer.com
January 17, 2026 at 1:36 PM
samilaiho.com
Cisco finally fixes AsyncOS zero-day exploited since November
www.bleepingcomputer.com/news/securit...
Cisco finally fixes AsyncOS zero-day exploited since November
​Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) appliances since November 2025.
www.bleepingcomputer.com
January 17, 2026 at 1:36 PM
samilaiho.com
Google now lets you change your @gmail.com address, rolling out
www.bleepingcomputer.com/news/technol...
Google now lets you change your @gmail.com address, rolling out
Google has confirmed that it's now possible to change your @gmail.com address. This means that if your current email is [email protected], you can now change it to [email protected].
www.bleepingcomputer.com
January 17, 2026 at 1:35 PM
samilaiho.com
www.darkreading.com/remote-workf...
'Most Severe AI Vulnerability to Date' Hits ServiceNow
The ITSM giant tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
www.darkreading.com
January 16, 2026 at 5:50 PM
samilaiho.com
Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate
Protocol Deprecation
cloud.google.com/blog/topics/...
Releasing Rainbow Tables to Accelerate Protocol Deprecation | Google Cloud Blog
Mandiant aims to lower the barrier for security professionals to demonstrate the insecurity of Net-NTLMv1.
cloud.google.com
January 16, 2026 at 4:54 PM
samilaiho.com
Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices
www.bleepingcomputer.com/news/securit...
Critical WhisperPair flaw lets hackers track, eavesdrop via Bluetooth audio devices
A critical vulnerability in Google's Fast Pair protocol can allow attackers to hijack Bluetooth audio accessories like wireless headphones and earbuds, track users, and eavesdrop on their conversation...
www.bleepingcomputer.com
January 16, 2026 at 4:53 PM
samilaiho.com
Trio of Critical Bugs Spotted in Delta Industrial PLCs
www.darkreading.com/ics-ot-secur...
Trio of Critical Bugs Spotted in Delta Industrial PLCs
Experts disagree on whether the vulnerabilities in a programmable logic controller from Delta are a five-alarm fire or not much to worry over.
www.darkreading.com
January 16, 2026 at 4:53 PM
samilaiho.com
A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the
central nervous system of the cloud'
www.theregister.com/2026/01/15/c...
A simple CodeBuild flaw put every AWS environment at risk
: And it's 'not unique to AWS,' researcher tells The Reg
www.theregister.com
January 16, 2026 at 4:53 PM
samilaiho.com
UAT-8837 targets critical infrastructure sectors in North America
blog.talosintelligence.com/uat-8837/
UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor.
blog.talosintelligence.com
January 16, 2026 at 4:53 PM
samilaiho.com
New Remcos Campaign Distributed Through Fake Shipping Document
www.fortinet.com/blog/threat-...
New Remcos Campaign Distributed Through Fake Shipping Document
FortiGuard Labs analyzes a phishing campaign delivering a fileless Remcos RAT via malicious Word templates, CVE-2017-11882 exploitation, and in-memory execution.…
www.fortinet.com
January 16, 2026 at 4:52 PM
samilaiho.com
Critical Privilege Escalation Vulnerability in Modular DS plugin affecting
40k+ Sites exploited in the wild
URL: patchstack.com/articles/cri...
Classification: Critical, Solution: Official Fix, Exploit Maturity: High, CVSSv3.1: 10.0
Critical Privilege Escalation Vulnerability in Modular DS plugin affecting 40k+ Sites exploited in the wild - Patchstack
Unauthenticated privilege escalation vulnerability discovered in the Modular DS plugin. 🚨 Learn how attackers gain wp-admin access, active exploitation details, and how to stay protected.
patchstack.com
January 16, 2026 at 7:42 AM
samilaiho.com
learn.microsoft.com/en-us/answer...
Lenova laptop no longer shutdown after installing KB5073455 - Microsoft Q&A
Hello all, it is very critical, effecting multiple systems, Lenova laptop no longer shutdown after installing KB5073455, any idea or bug from Microsoft for the same
learn.microsoft.com
January 16, 2026 at 7:35 AM
samilaiho.com
state-of-iranblackout.whisper.security
Iran Internet Shutdown Report | Whisper
Forensic analysis of Iran's coordinated internet shutdown with real-time BGP and censorship data.
state-of-iranblackout.whisper.security
January 15, 2026 at 5:52 PM
samilaiho.com
www.bleepingcomputer.com/news/securit...
Palo Alto Networks warns of DoS bug letting hackers disable firewalls
Palo Alto Networks patched a high-severity vulnerability that could allow unauthenticated attackers to disable firewall protections in denial-of-service (DoS) attacks.
www.bleepingcomputer.com
January 15, 2026 at 5:44 PM
samilaiho.com
Exploit code public for critical FortiSIEM command injection flaw
www.bleepingcomputer.com/news/securit...
Exploit code public for critical FortiSIEM command injection flaw
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remo...
www.bleepingcomputer.com
January 15, 2026 at 2:03 PM
samilaiho.com
France fines telcos €42M for sub-par security prior to 24M customer breach
www.theregister.com/2026/01/14/f...
France fines telcos €42M for issues leading to 2024 breach
: Three major GDPR violations, including a lack of basic security controls, lead to hefty dent in profits
www.theregister.com
January 15, 2026 at 2:02 PM
samilaiho.com
Reprompt: The Single-Click Microsoft Copilot Attack that Silently Steals Your
Personal Data
www.varonis.com/blog/reprompt
Reprompt: The Single-Click Microsoft Copilot Attack that Silently Steals Your Personal Data
Varonis Threat Labs discovered a way to bypass Copilot’s safety controls, steal users’ darkest secrets, and evade detection.
www.varonis.com
January 15, 2026 at 2:01 PM
samilaiho.com
Inside RedVDS: How a single virtual desktop provider fueled worldwide
cybercriminal operations
www.microsoft.com/en-us/securi...
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations | Microsoft Security Blog
Microsoft’s investigation into RedVDS services and infrastructure uncovered a global network of disparate cybercriminals purchasing and using to target multiple sectors. In collaboration with law enfo...
www.microsoft.com
January 15, 2026 at 2:00 PM