NCSA Webboard
    • ล่าสุด
    • แท็ก
    • ฮิต
      • ติดต่อสำนักงาน
    • ลงทะเบียน
    • เข้าสู่ระบบ

    ETDA Cyber Threat Intelligence 10 July 2026

    Cyber Security News
    1
    1
    11
    โหลดโพสเพิ่มเติม
    • เก่าสุดไปยังใหม่สุด
    • ใหม่สุดไปยังเก่าสุด
    • Most Votes
    ตอบ
    • ตอบโดยตั้งกระทู้ใหม่
    เข้าสู่ระบบเพื่อตอบกลับ
    Topic นี้ถูกลบไปแล้ว เฉพาะผู้ใช้งานที่มีสิทธิ์ในการจัดการ Topic เท่านั้นที่จะมีสิทธิ์ในการเข้าชม
    • NCSA_THAICERTN
      NCSA_THAICERT
      แก้ไขล่าสุดโดย

      Vulnerabilities

      • Chrome 150 Update Patches 27 Vulnerabilities
        "Google on Wednesday announced a Chrome 150 security update that resolves 27 vulnerabilities, including two critical-severity flaws. The two critical bugs are use-after-free issues in Chrome’s Ozone and Views components. Both were found by Google last month. The Chrome refresh resolves a total of 13 use-after-free defects, including 10 high-severity and one medium-severity weakness."
        https://www.securityweek.com/chrome-150-update-patches-27-vulnerabilities/
      • Microsoft Patches RoguePlanet Defender Zero-Day Vulnerability
        "Microsoft has released a security patch to address a Defender zero-day vulnerability known as "RoguePlanet," disclosed after the June 2026 Patch Tuesday. The flaw (tracked as CVE-2026-50656) was disclosed by a security researcher using the "Nightmare Eclipse" handle as part of an ongoing dispute with Microsoft over the company's bug bounty and vulnerability disclosure practices. They also shared a proof-of-concept exploit in a self-hosted Git repository, claiming that Microsoft had previously removed their repos hosting exploits on GitHub and GitLab."
        https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-rogueplanet-defender-zero-day-vulnerability/
        https://thehackernews.com/2026/07/microsoft-patches-rogueplanet-defender.html
        https://www.darkreading.com/vulnerabilities-threats/microsoft-rogueplanet-zero-day-threat
        https://www.malwarebytes.com/blog/news/2026/07/microsoft-fixes-rogueplanet-zero-day-in-defender
        https://www.securityweek.com/microsoft-patches-defender-rogueplanet-vulnerability/
        https://securityaffairs.com/195016/security/microsoft-fixed-defender-flaw-rogueplanet-cve-2026-50656.html
        https://www.theregister.com/security/2026/07/09/microsoft-closes-book-on-nightmare-eclipses-rogueplanet-zero-day/5269280
        https://www.helpnetsecurity.com/2026/07/09/microsoft-releases-fix-for-rogueplanet-defender-flaw-cve-2026-50656/
      • WolfSSL, GeoVision, VTK Vulnerabilities
        "Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in WolfSSF, fourteen in GeoVision, and one vulnerability in VTK-DICOM. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco’s third-party vulnerability disclosure policy."
        https://blog.talosintelligence.com/wolfssl-vulnerabilities/
      • Palo Alto Networks Patches 13 Vulnerabilities
        "Palo Alto Networks on Wednesday published advisories describing more than a dozen vulnerabilities affecting its products. The new advisories cover 13 vulnerabilities specific to Palo Alto Networks products, as well as more than 500 flaws patched recently by Google in Chromium, which the cybersecurity giant uses for its Prisma browser. The most severe of the newly patched vulnerabilities is CVE-2026-0288. Assigned high severity and highest urgency ratings, the CVE covers multiple buffer overflows in the PAN-OS software, which powers Palo Alto’s firewalls."
        https://www.securityweek.com/palo-alto-networks-patches-13-vulnerabilities/

      Malware

      • RedHook Returns With a Dangerous Upgrade
        "RedHook is an Android Remote Access Trojan (RAT) that has re-emerged with significant improvements. While retaining core RAT functionalities, such as screen streaming and keylogging, the latest iterations demonstrate a sophisticated shift toward privilege abuse. This analysis details how RedHook abuses Android’s ADB Wireless Debugging features to autonomously obtain shell-level access (uid 2000). Also, by examining the malware’s persistence stack and its expanded command-and-control capabilities, this report provides technical insights into this evolving mobile threat. RedHook was first documented by Cyble researchers in July 2025."
        https://www.group-ib.com/blog/redhook-android-rat-upgraded/
      • How The Reddit And Discord False Report Scam Steals Accounts
        "A stranger messages you on Reddit. They say someone reported them, and the reporting account looks a lot like yours. Was it you? It wasn’t. That’s not really the point of the message. This version relies entirely on social engineering. There is no malware and no malicious links. It starts with a conversation, but the goal is to trick you into handing over a login or verification code so the scammer can access your Reddit account."
        https://www.malwarebytes.com/blog/threat-intel/2026/07/how-the-reddit-and-discord-false-report-scam-steals-accounts
        https://www.helpnetsecurity.com/2026/07/09/reddit-false-report-scam-direct-message/
      • Fake Installers, Fake Reviews, Fake Services – Real Proxies, Real Victims
        "Residential proxies are one of the hottest topics in cybersecurity today. Turns out, they are often not in residences, and they facilitate a wide range of criminal activity. In the simplest terms, a little piece of software in a TV, digital picture frame, or your phone might enable a company to sell access to your device’s bandwidth to their own customers. Those companies—proxy providers—often have affiliate programs where they pay for installation of the software. Sound familiar? It’s the same model as the advertising networks we often write about. Residential proxies are yet another tangled ecosystem full of buyers and sellers, with players in every shade of grey. This blog tells the story of a bad actor who operates an end-to-end malicious proxy business grounded in a collection of clever lookalike domains."
        https://www.infoblox.com/blog/threat-intelligence/fake-installers-fake-reviews-fake-services-real-proxies-real-victims/
        https://thehackernews.com/2026/07/fake-7-zip-installers-turn-devices-into.html
        https://securityaffairs.com/194990/malware/fake-vpn-and-7-zip-apps-turn-victims-into-residential-proxy-nodes.html
      • Compromised Injective SDK Npm Package Exfiltrates Wallet Keys And Mnemonics
        "Socket detected a malicious @injectivelabs/[email protected] release published to npm with fake telemetry functionality that exfiltrates wallet private keys and mnemonic phrases. The affected package is part of the Injective Labs TypeScript SDK and receives roughly 50,000 weekly downloads, making the incident significant for developers and applications that handle Injective wallet workflows."
        https://socket.dev/blog/compromised-injective-sdk-npm-package
        https://www.ox.security/blog/injectivelabs-npm-package-hijacked-impacting-87-dependent-packages/
        http://www.stepsecurity.io/blog/injective-npm-supply-chain-attack-18-packages-backdoored-to-steal-crypto-wallet-keys
        https://www.bleepingcomputer.com/news/security/injective-sdk-on-npm-infected-with-cryptocurrency-wallet-stealer/
      • Helix, a New Name In The Data Extortion Ecosystem?
        "ReliaQuest has identified a data extortion group operating under the name "Helix." However, the playbook it runs and the identity gaps it exploits extend well beyond the group itself. Helix uses vishing to initiate contact—we've even seen the group spoof a target's direct manager by name on caller ID. Device code phishing then sidesteps Conditional Access policies, and automated tools enumerate and mass-download SharePoint libraries before bulk exfiltration triggers an alert. ReliaQuest has confirmed shared infrastructure across attacks on multiple targets, including a phishing domain with target-specific subdomains, suggesting a widespread campaign."
        https://reliaquest.com/blog/threat-spotlight-helix-new-name-in-data-extortion-ecosystem
        https://www.bleepingcomputer.com/news/security/new-helix-vishing-group-emerges-in-sharepoint-data-theft-attacks/
      • Inside Forg365: A Telegram-Distributed Sneaky 2FA-Style PhaaS Targeting Microsoft 365
        "Forg365 is a mature Microsoft 365-focused phishing-as-a-service platform that combines device-auth phishing, AiTM delivery, AntiBot evasion, campaign delivery, session persistence, AI-assisted lure creation, and post-compromise mailbox operations inside a commercial operator ecosystem."
        https://zerobec.com/blog/inside-forg365-telegram-distributed-sneaky2fa-style-phaas
        https://www.bleepingcomputer.com/news/security/new-forg365-phishing-platform-uses-ai-to-target-microsoft-365-accounts/
      • When AI Infrastructure Becomes Part Of The Attack Surface
        "Darktrace investigated a compromised AI gateway connected to Amazon Bedrock services that was later observed communicating with cryptomining infrastructure. The incident highlights how AI gateways are becoming part of the enterprise attack surface and demonstrates the importance of behavioral analysis, cloud visibility, and securing AI infrastructure alongside identities and workloads."
        https://www.darktrace.com/blog/when-ai-infrastructure-becomes-part-of-the-attack-surface
        https://www.darkreading.com/cyber-risk/ai-gateways-keys-kingdom
        https://hackread.com/ai-gateway-amazon-bedrock-hijacked-cryptomining/
      • GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver To Disable Defenses
        "Analysis of a recent GodDamn ransomware attack indicates that this seemingly new ransomware is in fact the latest rebrand of the Beast ransomware, which in itself was a rebrand of the Monster ransomware, which was first seen in 2022. The Symantec Threat Hunter Team tracks the developer behind these ransomware families as Hyadina."
        https://www.security.com/blog-post/goddamn-ransomware-beast-rebrand
        https://thehackernews.com/2026/07/goddamn-ransomware-uses-poisonx-driver.html
        https://www.darkreading.com/cyberattacks-data-breaches/goddamn-ransomware-byovd-smite-companies
        https://securityaffairs.com/195042/malware/goddamn-ransomware-uses-poisonx-to-blind-security-software.html
      • GigaWiper: Anatomy Of a Destructive Backdoor Assembled From Multiple Malware
        "In October 2025, Microsoft Threat Intelligence identified destructive wiping activity and uncovered a sophisticated Go programming language (Golang)-based backdoor we now track as GigaWiper, a versatile implant that combines robust command-and-control (C2) capabilities with multiple destructive payloads, including disk wiping, fake ransomware, and system-level sabotage. GigaWiper is particularly notable for its makeup. It’s not a single, purpose-built tool, but an amalgamation of separate malware families that were folded into GigaWiper as on-demand backdoor commands, giving threat actors the flexibility to choose their mode of destruction:"
        https://www.microsoft.com/en-us/security/blog/2026/07/09/gigawiper-anatomy-of-a-destructive-backdoor-assembled-from-multiple-malware/
        https://thehackernews.com/2026/07/new-gigawiper-windows-backdoor-bundles.html
        https://hackread.com/microsoft-gigawiper-backdoor-destroy-windows-pcs/
      • Analyzing AI-Augmented Network Enumeration
        "We recently came across an incident in early June where a threat actor used a vibe-coded PowerShell script for Active Directory (AD) enumeration. The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD_Report.html to measure the success of the enumeration attempt. AI-assisted tradecraft continues to change the threat landscape. Defenders should focus on the fundamental behaviors of the attack lifecycle, because while AI can change the code syntax, it can't easily change the underlying parts of an attack, like enumeration."
        https://www.huntress.com/blog/ai-coded-malware-vibe-coding-active-directory
        https://www.infosecurity-magazine.com/news/vibe-coded-malware-ai-powershell/
      • Coordinated GitHub API Enumeration And Access Token Abuse
        "Datadog Security Research is tracking several overlapping campaigns that systematically enumerate corporate GitHub organizations, repositories, and user accounts through the GitHub API. Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub "ghost" accounts that are often years old, or compromised OAuth tokens and personal access tokens (PATs) from legitimate users. Most requests target public data, making it look like ordinary API traffic. In some cases, the activity escalated past public information enumeration, appearing to successfully clone private repositories."
        https://securitylabs.datadoghq.com/articles/coordinated-github-api-enumeration/
        https://thehackernews.com/2026/07/dormant-github-accounts-help-attackers.html
      • From Invoice To AnyDesk: Uncovering a Phishing Campaign Targeting Russian Aerospace Organizations
        "The Seqrite Threat Research Team identified a targeted spear-phishing campaign disguised as a legitimate business invoice. The phishing email impersonates a legitimate Russian research institute associated with aerospace and aviation systems and is delivered using a spoofed domain designed to mimic the organization. The malicious email contains a password-protected attachment that ultimately deploys additional payloads on the victim’s system. Analysis indicates that the threat actor’s primary objective is to establish persistent remote access by silently configuring AnyDesk for unattended access, exfiltrating AnyDesk configuration data to an attacker-controlled email account and implementing persistence mechanisms to retain long-term control of the compromised host."
        https://www.seqrite.com/blog/from-invoice-to-anydesk-uncovering-a-phishing-campaign-targeting-russian-aerospace-organizations/
      • CrowdStrike Uncovers New Prompt Injection Techniques
        "Prompt injection is among the defining security challenges of the AI era. As organizations move from chatbots to AI agents, adversaries are finding more ways to manipulate the language, context, and data these systems trust. With the rise of powerful AI agents that can crawl webpages, access file stores, and even write shell commands, indirect prompt injection has emerged as a critical threat vector. Adversaries can hide these attacks in the data consumed by these agents and then hijack their capabilities to cause further damage."
        https://www.crowdstrike.com/en-us/blog/crowdstrike-uncovers-new-prompt-injection-techniques/
      • Large-Scale Exploitation Campaign Targeting Website Content Management Systems (CMS)
        "A large-scale exploitation campaign is targeting various vulnerabilities in content management systems (CMS) globally, including in Australia, with many small to medium sized Australian businesses impacted. As part of this campaign, malicious cyber actors are actively scanning websites for opportunities to deploy webshells, leveraging various vulnerabilities affecting CMS software and plugins. These vulnerabilities primarily allow unauthenticated file upload, remote code execution, server side request forgery or deserialisation."
        https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/large-scale-exploitation-campaign-targeting-website-content-management-systems-cms

      Breaches/Hacks/Leaks

      • AssuranceAmerica Data Breach Exposes Records Of 6.9 Million Drivers
        "American insurance company AssuranceAmerica has disclosed a data breach impacting nearly 7 million drivers after attackers gained access to its systems earlier this year. AssuranceAmerica operates through a network of over 9,500 independent agents and provides auto, renters, and commercial auto insurance coverage across 14 U.S. states. While the company has yet to publish a press release regarding the incident, it revealed in a filing with Maine's Office of the Attorney General that the data breach has exposed the information of 6,998,886 people."
        https://www.bleepingcomputer.com/news/security/assuranceamerica-data-breach-exposes-records-of-69-million-drivers/
        https://www.malwarebytes.com/blog/data-breaches/2026/07/6-9-million-drivers-license-numbers-stolen-from-assuranceamerica
        https://securityaffairs.com/195027/data-breach/assuranceamerica-breach-exposes-7-million-drivers-licenses-after-employee-account-hack.html

      General News

      • Q2 2026 Statistical Report On Malware Targeting Windows Web Servers
        "In the second quarter of 2026, the AhnLab SEcurity intelligence Center (ASEC) compiled an analysis of the current attack status for poorly managed Windows web servers and classified the malware used in these attacks. The targets were Internet Information Services (IIS) web servers and Apache Tomcat web servers running in Windows environments."
        https://asec.ahnlab.com/en/94398/
      • Statistical Report On Malware Targeting Linux SSH Servers In The Second Quarter Of 2026
        "In the second quarter of 2026, the AhnLab SEcurity intelligence Center (ASEC) collected and analyzed attack logs targeting poorly managed Linux SSH servers through honeypots. The scope of the analysis covers attack sources that progressed to executing actual malware installation commands, as well as statistics on the malware used in those attacks."
        https://asec.ahnlab.com/en/94396/
      • Statistical Report On Malware Targeting Windows Database Servers In The Second Quarter Of 2026
        "The AhnLab SEcurity intelligence Center (ASEC) analyzed attack logs from the second quarter of 2026 targeting MS-SQL server and MySQL server installations on Windows. This report summarizes the damage status, attack status, and the classification of the malware and tools used in the attacks."
        https://asec.ahnlab.com/en/94397/
      • Inside The Underground Economy: 5 Dark Web Trends Shaping The 2026 Threat Landscape
        "The dark web is no longer just a hidden marketplace for stolen credentials; it has grown far beyond that point and now affects nearly every phase of the cyberattack lifecycle. Markets that once traded only compromised accounts now also sell ransomware services, initial network access, exploit kits, phishing infrastructure, and even AI-powered attack tools. What used to be a place for selling stolen data has become the operational backbone of modern cybercrime."
        https://cyble.com/blog/dark-web-trends-2026-cyber-threat-landscape/
      • Messaging Fraud Trends Point To Smarter Attacks, Stronger Blocking
        "Fraudsters spent 2025 investing in scale. New routes, new tools, and higher message volumes moved through the SMS, voice, and chat channels that businesses rely on to reach customers. Money follows that activity. The Communications Fraud Control Association puts global telecom fraud losses at around 42 billion dollars for the year, several billion higher than its estimate for the prior year. Blocked volumes rose alongside the threat. Infobip, a communications platform that handles billions of interactions each month, reports that blocked messages grew 77% between 2024 and 2025. This means attackers pushed more traffic, and detection systems caught a wider range of it. Some markets also show better outcomes as detection infrastructure matured, a sign that defenses are catching up in places where they had lagged."
        https://www.helpnetsecurity.com/2026/07/09/infobip-messaging-fraud-trends/
      • A Single Malware File Can Outweigh An Entire AI Dataset
        "Antivirus vendors and security startups keep shipping AI features that promise to read malware the way a seasoned analyst would. The results inside security teams tell a quieter story. A new paper argues that static analysis of software, the job of deciding whether a program is malicious by examining its contents on disk, remains one of the hardest places to make generative AI work. The scale of the problem explains much of the difficulty. Standard datasets in other fields look small next to a single security sample. ImageNet, the benchmark that helped launch deep learning in computer vision, fits in about 17 GB once its images are resized down, and it holds more than a million of them. Routine static analysis means processing single files that outweigh entire datasets from other research areas."
        https://www.helpnetsecurity.com/2026/07/09/research-ai-in-cybersecurity/
        https://arxiv.org/pdf/2606.28929
      • Over 5,800 Arrests, USD 293 Million Intercepted In Global Fraud Bust
        "A global anti-fraud operation involving 97 countries and territories has led to the arrest of 5,811 individuals and the interception of USD 293 million in illicit assets. Operation First Light 2026 (15 Jan 2026 – 30 April 2026), coordinated by INTERPOL, focused on combatting social engineering scams and associated money laundering activities. Social engineering is a broad term that refers to techniques that exploit a person’s trust to obtain money or confidential information. This type of fraud can include business email compromise, sextortion, as well as romance, impersonation or investment scams."
        https://www.interpol.int/News-and-Events/News/2026/Over-5-800-arrests-USD-293-million-intercepted-in-global-fraud-bust
        https://www.bleepingcomputer.com/news/security/police-arrests-5-800-suspects-in-global-anti-fraud-crackdown/
        https://cyberscoop.com/interpol-cybercrime-crackdown-operation-first-light/
        https://www.infosecurity-magazine.com/news/china-interpol-cybercrime-crackdown/
        https://securityaffairs.com/195056/security/interpol-operation-first-light-nets-5811-arrests-and-seizes-293-million.html
        https://www.helpnetsecurity.com/2026/07/09/interpol-fraud-bust-social-engineering-scams/
      • Friendly Fire: Hijacking Defensive Cyber AI Agents For Remote Code Execution
        "We are revealing a proof-of-concept exploit that enables remote code execution in Anthropic’s Claude Code CLI (with Claude Sonnet 4.6 & 5, Opus 4.8) and OpenAI’s Codex CLI (with GPT-5.5) when employed to defensively assess the security of an open-source or third-party library. Our attack only requires an out-of-the-box configuration of Claude Code in “auto-mode” or Codex in “auto-review” and leverages prompt injections disseminated across a library’s source code that target AI-enabled cyber defense without the need for hooks, skills, plugins, MCP servers, or configuration files as an injection vector. As such, we warn against the recent initiatives that mandate the acceleration of AI-enabled defensive tools without consideration of the substantial and unmitigated risks associated with the deployment of defensive AI, especially in the context of safety-critical infrastructure—where AI is most urgently being considered for deployment."
        https://ainowinstitute.org/publications/friendly-fire-exploit-brief
        https://thehackernews.com/2026/07/friendly-fire-ai-agents-built-to-catch.html
      • A New Ransomware Leader Emerges As June 2026 Attack Volumes Climb Worldwide
        "June reversed the brief calm of May. Organizations faced an average of 2,270 weekly cyber attacks, a 10% rise from the previous month and a 17% increase compared with June last year. What makes this month notable is not just the size of the jump but its reach. Rather than one region or sector absorbing the bulk of the growth, the increase showed up almost everywhere at once, suggesting attackers spread their effort wider rather than concentrating it."
        https://blog.checkpoint.com/research/a-new-ransomware-leader-emerges-as-june-2026-attack-volumes-climb-worldwide/
      • AI Agents Are a New Kind Of Identity & Most Organizations Aren't Ready
        "I recently read an opinion piece on TechTarget by Todd Thiemann, a principal analyst at Omdia, on identity security for AI agents. It is one of the clearest things I have read on this topic, but it also made me think about something that I want to dig into further because it's the most important factor in enterprise security right now, and it's not getting the attention it deserves: the development environment. Thiemann makes a point that I have been making for a while now, and it's worth repeating loudly: AI agents are not just another type of non-human identity. They are fundamentally different. If you're still treating them like a service account or an API token, you are already behind."
        https://www.darkreading.com/identity-access-management-security/ai-agents-new-kind-identity-most-organizations-not-ready
      • Iran's Cyber Crosshairs Focus Beyond Critical Infrastructure
        "For many CISOs, the headlines detailing Iranian-linked strikes on water utilities and power grids trigger a dangerous sense of immunity: "I'm not a utility; I'm not a target." There is a comforting, yet flawed, assumption that these operations are merely geopolitical theater confined to the high-stakes arena of critical infrastructure. But in the modern threat landscape, obscurity is not a defense, and "non-critical" status is not a shield. If your organization has a digital heartbeat and an Internet-facing vulnerability, you're already at risk from multiple potential threats, whether you realize it or not."
        https://www.darkreading.com/cyber-risk/iran-cyber-crosshairs-beyond-critical-infrastructure
      • As Global Conflicts Go Digital, Businesses Need Wartime Gameplans
        "Intellect Services could hardly be less interesting. A midsized, family-owned business in Ukraine that sold tax software. Its owners really can't be faulted for not anticipating that they might one day be a huge pawn in a regional cyberwar. To Russian foreign military intelligence, Intellect Services was totally interesting. The company's platform, M.E.Doc, was ubiquitous across Ukrainian businesses. Compromising M.E.Doc they could, in effect, impact most of the country's economy. And like other midsize businesses, the company wasn't likely to have any kind of exceptional cybersecurity defenses getting in Russia's way."
        https://www.darkreading.com/cybersecurity-operations/businesses-wartime-cybersecurity-gameplans
      • 78% Of CISOs Say C-Level Do Not Fully Understand Employee-Driven Cyber Risk
        "More than three quarters of CISOs across Europe say C-level senior decision-makers do not fully understand the cyber risk posed by employees, according to new research, at a time when AI is making human-targeted attacks more sophisticated, scalable, convincing and increasingly frequent. The survey of 200 CISOs across the UK, France, Germany and Sweden, carried out by MetaCompliance, the human cyber risk management company, reveals a growing disconnect between the risks organisations face at the human layer and the level of senior understanding, alignment and support needed to manage them effectively."
        https://www.metacompliance.com/company-news/78-of-cisos-say-c-level-do-not-fully-understand-employee-driven-cyber-risk
        https://www.infosecurity-magazine.com/news/cisos-fear-execs-dont-understand/
      • ENISA’s View On Cybersecurity In The Frontier AI Era
        "This publication provides national competent authorities in Member States and EU policymakers, defenders, and service providers with an initial set of recommendations to support them in their respective roles towards developing the necessary operational capabilities to face machine-speed threats. The recommendations are not an all-inclusive checklist. ENISA aims to further refine and expand these recommendations in close cooperation with Member States and EUIBAs and will align these to upcoming European Commission Action Plan."
        https://www.enisa.europa.eu/publications/enisas-view-on-cybersecurity-in-the-frontier-ai-era
        https://www.enisa.europa.eu/sites/default/files/2026-07/ENISA view on cybersecurity in the frontier AI era_en_0.pdf
      • Florida Ransomware Negotiator Who Extorted And Attacked Multiple U.S. Victims Sentenced To Prison
        "Angelo Martino, 41, of Land O’Lakes, Florida, formerly employed as a ransomware negotiator, was sentenced today to 70 months for his role in conspiring with Blackcat/ALPHV (BlackCat) actors to extort multiple victims, as well as conspiring with other former cybersecurity professionals to attack additional victims in 2023. “Angelo Martino’s victims shared heartbreaking accounts of how their businesses were nearly destroyed, while the people they hired to help them instead betrayed them to ransomware gangs,” said Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division."
        https://www.justice.gov/opa/pr/florida-ransomware-negotiator-who-extorted-and-attacked-multiple-us-victims-sentenced-prison
        https://cyberscoop.com/digitalmint-ransomware-negotiator-angelo-martino-sentenced/
      • June 2026 Dark Web Breach Incident Trend Report
        "The June 2026 Dark Web Breach Incident Trend Report is based on major data breach cases posted on the deep web and dark web forums. Due to the nature of some sources, it was difficult to fully verify the accuracy of certain information, so the report includes content that requires further verification."
        https://asec.ahnlab.com/en/94411/
      • June 2026 Dark Web Issue Trend Report
        "The June 2026 Dark Web Issue Trend Report summarizes major issues that occurred on the deep web and dark web. Due to the nature of the sources, it is sometimes difficult to fully verify the accuracy of certain information, and this is noted accordingly."
        https://asec.ahnlab.com/en/94416/
      • June 2026 Dark Web Threat Actor Trend Report
        "The June 2026 Dark Web Threat Actor Trend Report focuses on trends among threat actors—including hacktivists—operating on the deep web and dark web. It is noted that the accuracy of some information could not be verified."
        https://asec.ahnlab.com/en/94417/

      อ้างอิง

      Electronic Transactions Development Agency (ETDA) 6b3b3c38-8813-4563-9263-cb10c24b1944-image.png

      1 การตอบกลับ คำตอบล่าสุด ตอบ คำอ้างอิง 0
      • First post
        Last post