Sami Laiho
@samilaiho.com
1.6K followers
170 following
2.2K posts
Keynote-speaker, Chief Research Officer, Microsoft MVP since 2011
More info: https://samilaiho.com/
Posts
Media
Videos
Starter Packs
Sami Laiho
@samilaiho.com
· 1h
Fear and Loathing in the Comm - Scattered LAPSUS$ Hunters Turn Extortion Into a Service
The crime syndicate calling itself Scattered LAPSUS$ Hunters (SLH) says it’s finished leaking Salesforce-related data-for now. In a final statement ending what it described as a year-long campaign, th...
databreach.com
Sami Laiho
@samilaiho.com
· 1d
Fake 'Inflation Refund' texts target New Yorkers in new scam
An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer "Inflation Refunds" in an attempt to steal victims' persona...
www.bleepingcomputer.com
Sami Laiho
@samilaiho.com
· 1d
Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign | Google Cloud Blog
A financially motivated actor conducting a large-scale extortion campaign under the CL0P brand by exploiting a zero-day vulnerability in Oracle E-Business Suite to steal customer data.
cloud.google.com
Sami Laiho
@samilaiho.com
· 2d
Disrupting threats targeting Microsoft Teams | Microsoft Security Blog
Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In thi...
www.microsoft.com
Sami Laiho
@samilaiho.com
· 3d
Hackers exploiting zero-day in Gladinet file sharing software
Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication.
www.bleepingcomputer.com
Sami Laiho
@samilaiho.com
· 3d
Apple now offers $2 million for zero-click RCE vulnerabilities
Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and introducing a more transparent reward structure.
www.bleepingcomputer.com
Reposted by Sami Laiho
Sami Laiho
@samilaiho.com
· 4d
DDoS Botnet Aisuru Blankets US ISPs in Record DDoS
The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Ver...
krebsonsecurity.com
Sami Laiho
@samilaiho.com
· 4d
Reposted by Sami Laiho
Sami Laiho
@samilaiho.com
· 4d
Sami Laiho
@samilaiho.com
· 4d
Responding to Cloud Incidents: A Step-by-Step Guide From the 2025 Unit 42 Global Incident Response Report
Cloud breaches are rising. This step-by-step guide from Unit 42 shows how to investigate, contain and recover from cloud-based attacks.
unit42.paloaltonetworks.com
Sami Laiho
@samilaiho.com
· 4d
Global Cyber Threats September 2025: Attack Volumes Ease Slightly, but GenAI Risks Intensify as Ransomware Surges 46% - Check Point Blog
In September 2025, the global cyber threat landscape reflected a temporary stabilization in overall attack volumes — yet beneath the surface, ransomware
blog.checkpoint.com