Agentic web browsers that leverage artificial intelligence (AI) capabilities to autonomously execute actions across multiple websites on behalf of a user could be trained and tricked into falling prey to phishing and scam traps. thehackernews.com/2026/03/re...
Verder laat het onderzoek zien hoe aanvallers hun ransomware-campagnes hebben ontwikkeld tot aanvallen met grote impact die de bedrijfsvoering verstoren en gericht zijn op complexe wereldwijde toeleveringsketens en kritieke industrieën. www.beveiligingswereld.nl/ni...
Vooral in februari en december waren er relatief veel incidenten.
Uit het Annual Threat Monitor Report van NCC Group, het moederbedrijf van Fox-IT, blijkt dat 2025 wereldwijd een recordjaar was voor ransomware-activiteiten. Het aantal ransomware-aanvallen steeg met 50% ten opzichte van het jaar daarvoor, tot 7.874 incidenten wereldwijd.
However, there's little in the set that merits an immediate all-hands on-deck kind of response that some Microsoft updates warrant, according to some security experts. www.darkreading.com/applicat...
The patch drop is larger than last month's relatively light 63-patch security update and contains the usual mix of privilege escalation vulnerabilities, remote code execution (RCE) flaws, denial of service issues, vulnerabilities that enable data theft and other bugs.
Microsoft this week released patches for 83 CVEs across its product range, six of which it expects attackers are more like to exploit for a variety of reasons.
The research team found fake install pages for Claude Code were spreading exclusively through Google-sponsored links for searches such as "Claude Code," "Claude Code install," and "Claude Code CLI."
www.darkreading.com/cloud-se...
A new variation of the ClickFix technique is capitalizing on the popularity of Anthropic's Claude Code and other AI coding tools.
Researchers at Push Security discovered the threat campaign, which combines malvertising with a social engineering attack.
Opvallend is dat mkb-bedrijven ongeveer evenveel uitgeven aan het herstellen van aanvallen als aan het voorkomen ervan. www.channelconnect.nl/securi...
Vorig jaar werd één op de vier mkb-bedrijven gehackt, hoewel vrijwel alle slachtoffers vooraf beveiligingsmaatregelen hadden getroffen. De financiële schade was aanzienlijk: 57 procent van de getroffen bedrijven verloor tussen de 10.000 en 100.000 dollar.
www.channelconnect.nl/securi...
NIS2, ISO 27001, AVG, BIO, DORA: elk framework heeft zijn eigen taal, zijn eigen checklists en zijn eigen auditcyclus. Voor een mkb-klant met een kleine IT-afdeling en een directeur die al tien andere ballen in de lucht houdt, is het resultaat voorspelbaar: afhaken.
Ergens in de afgelopen jaren is compliance van urgent naar vermoeiend gegaan. De stapel normen, frameworks en verplichtingen is alleen maar hoger geworden, tot het punt dat organisaties er niet meer doorheen kijken.
Deadline dates are swiftly approaching following publication in 2024; the EU will enforce Euro 7 in phases beginning this November. www.darkreading.com/cyber-ri...
The European Union's (EU) latest emissions standard, dubbed Euro 7, sets new and updated regulations for all gasoline, diesel, and electric vehicles as part of the Union's work toward achieving zero pollution.
If manufacturers want to sell new vehicles in Europe next year, they must not only adhere to updated emission standards, but for the first time, prioritize cybersecurity as well.
The activity, observed in February 2026, makes use of the terminal emulator program instead of instructing users to launch the Windows Run dialog and paste a command into it. thehackernews.com/2026/03/mi...
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware.
Secure FTD (Firewall Threat Defense), a firewall that combines ASA with other, more advanced features
Secure Firewall Management Center (FMC), the centralized management system for the firewall and firewall threat defense products www.darkreading.com/vulnerab...
Cisco has disclosed 48 vulnerabilities in its firewall ecosystem, two of which are as critical as vulnerabilities get.
They affect the following Cisco technologies:
Adaptive Security Appliance (ASA), a traditional, stateful firewall
In coordination with Europol's Cyber Intelligence Extension Programme (CIEP), Microsoft seized 330 domains that composed the platform's user control panels and fake login pages. www.darkreading.com/threat-i...
Europol and several private sector partners, including Microsoft, Trend Micro, and Cloudflare, disrupted the Tycoon 2FA phishing-as-a-service (PhaaS) platform this week in an international operation.
One of the most widely used and effective phishing platforms on the threat landscape has been taken down — at least for now.
www.dutchitleaders.nl/news/7...
Privacy- en securityinvesteringen van gemeenten leiden nauwelijks tot hoger volwassenheidsniveau
Gemeenten hebben de afgelopen jaren meer geïnvesteerd in teams voor privacy en informatiebeveiliging. Deze groei leidt echter nauwelijks tot een hoger volwassenheidsniveau.
It described the phishing attacks as an identity-based threat that takes advantage of OAuth's standard, by-design behavior rather than exploiting software vulnerabilities or stealing credentials.
thehackernews.com/2026/03/mi...
The activity, the company said, targets government and public-sector organizations with the end goal of redirecting victims to attacker-controlled infrastructure without stealing their tokens.
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers.
It also lets users choose custom keywords like "login," "verify," "security," or "account," and integrates URL shorteners such as TinyURL to obscure the destination URL. thehackernews.com/2026/03/st...
