CIRCLE WITH A DOT

New ransom group blog post!Group name: payloadPost title: Notaría 89Info: https://cti.fyi/groups/payload.html#ransomware #cti #threatintelligence #cybersecurity #infosec

New from DTI: Technical breakdown of the TLS private key exposure for Qihoo 360’s "Security Claw" AI Platform.Read more here: https://dti.domaintools.com/research/exposure-of-tls-private-key-for-myclaw-360-in-qihoo-360-security-claw-ai-platform #CyberSecurity #ThreatIntel #AI #InfoSec

Security News Digest - 2026-03-19 19 updates from 7 sources: BleepingComputer: Bitrefill blames North Korean Lazarus group for cyberattack https://www.bleepingcomputer.com/news/security/bitrefill-blames-north-korean-lazarus-group-for-cyberattack/ The Record from Recorded Future News: US intel chiefs urge lawmakers to extend Section 702 surveillance power without changes https://therecord.media/us-intel-chiefs-urge-lawmakers-to-extend-section-702 SecurityWeek: Privacy Platform Cloaked Raises $375M to Expand Enterprise Reach https://www.securityweek.com/privacy-platform-cloaked-raises-375m-to-expand-consumer-tools-and-enterprise-reach/ SecurityWeek: Critical ScreenConnect Vulnerability Exposes Machine Keys https://www.securityweek.com/critical-screenconnect-vulnerability-exposes-machine-keys/ Security Boulevard: FBI Data Purchases Ignite New Clash Over Privacy and Surveillance https://securityboulevard.com/2026/03/fbi-data-purchases-ignite-new-clash-over-privacy-and-surveillance/ Security Boulevard: Mend.io Expands Its Global Infrastructure with a Dedicated Cloud Region in India https://securityboulevard.com/2026/03/mend-io-expands-its-global-infrastructure-with-a-dedicated-cloud-region-in-india/ Security Boulevard: News alert: SpyCloud study reveal stolen tokens, session data fuel surge in non-human identity attacks https://securityboulevard.com/2026/03/news-alert-spycloud-study-reveal-stolen-tokens-session-data-fuel-surge-in-non-human-identity-attacks/ SecurityWeek: 1stProtect Emerges From Stealth With $20 Million in Funding https://www.securityweek.com/1stprotect-emerges-from-stealth-with-20-million-in-funding/ SecurityWeek: Oasis Security Raises $120 Million for Agentic Access Management https://www.securityweek.com/oasis-security-raises-120-million-for-agentic-access-management/ Red Canary: Intelligence Insights: March 2026 https://redcanary.com/blog/threat-intelligence/intelligence-insights-march-2026/ The Hacker News: 54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security https://thehackernews.com/2026/03/54-edr-killers-use-byovd-to-exploit-34.html Security Boulevard: BSidesSLC – BSidesSLC 2025 Opening Ceremonies – Kickoff From Sandy, Utah https://securityboulevard.com/2026/03/bsidesslc-bsidesslc-2025-opening-ceremonies-kickoff-from-sandy-utah/ The Hacker News: Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers https://thehackernews.com/2026/03/speagle-malware-hijacks-cobra-docguard.html Security Boulevard: When Do We Actually Need a Kubernetes Platform Team? https://securityboulevard.com/2026/03/when-do-we-actually-need-a-kubernetes-platform-team/ BleepingComputer: New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores https://www.bleepingcomputer.com/news/security/new-polyshell-flaw-allows-unauthenticated-rce-on-magento-e-stores/ Security Boulevard: FBI Seizes Two Websites Linked to Pro-Iranian Group Handala https://securityboulevard.com/2026/03/fbi-seizes-two-websites-linked-to-pro-iranian-group-handala/ iTnews - Security: Hacker says they compromised millions of confidential police tips https://www.itnews.com.au/news/hacker-says-they-compromised-millions-of-confidential-police-tips-624447?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed BleepingComputer: Navia discloses data breach impacting 2.7 million people https://www.bleepingcomputer.com/news/security/navia-discloses-data-breach-impacting-27-million-people/ iTnews - Security: Gov to explore "future connectivity between identity exchanges" https://www.itnews.com.au/news/gov-to-explore-future-connectivity-between-identity-exchanges-624431?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed#InfoSec #SecurityNews

#Synology just put out the second critical security update for their NAS operating system in four days <https://www.synology.com/en-global/releaseNote/DSM#ver_72806-8>; the previous one was released on the 16th.The new one is to fix, of all things, a vulnerability in telnetd:https://lists.gnu.org/archive/html/bug-inetutils/2026-03/msg00031.htmlI'm glad they're patching it, but I kind of wish they would just, I dunno, not ship telnetd with their OS? I'm hard-pressed to think of a use-case for telnetd that can't be satisfied with sshd.#infosec

@VictimOfSimony exactly!

Daily drop: insights on ransomware, data breaches, and more. Don’t miss today’s playlist. https://www.youtube.com/playlist?list=PLXqx05yil_mdFJWsrQUQRCN8QZ0a7l02z#Ransomware #DataSecurity #InfoSec #OnlineSafety #DarkWeb

Security News Digest - 2026-03-19 26 updates from 6 sources: Security News | TechCrunch: Consumer-focused privacy company Cloaked raises $375M as it expands to enterprise https://techcrunch.com/2026/03/19/consumer-focused-privacy-company-cloaked-raises-375m-as-it-expands-to-enterprise/ SecurityWeek: Russian APT Exploits Zimbra Vulnerability Against Ukraine https://www.securityweek.com/russian-apt-exploits-zimbra-vulnerability-against-ukraine/ SecurityWeek: Hacker Conversations: Ben Harris, From Unintentional Young Hacker to Intentional Adult CEO https://www.securityweek.com/hacker-conversations-ben-harris-from-unintentional-young-hacker-to-intentional-adult-ceo/ The Record from Recorded Future News: Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon https://therecord.media/cisco-ransomware-interlock-firewalls Security Boulevard: How AI Code Assistants Change Application Security https://securityboulevard.com/2026/03/how-ai-code-assistants-change-application-security/ Security Boulevard: Bolster your defenses and close the code-to-cloud gap with Tenable and OX https://securityboulevard.com/2026/03/bolster-your-defenses-and-close-the-code-to-cloud-gap-with-tenable-and-ox/ BleepingComputer: 7 Ways to Prevent Privilege Escalation via Password Resets https://www.bleepingcomputer.com/news/security/7-ways-to-prevent-privilege-escalation-via-password-resets/ Security Boulevard: What Is Data Mapping and Why It Matters for GDPR https://securityboulevard.com/2026/03/what-is-data-mapping-and-why-it-matters-for-gdpr/ Security Boulevard: AI-Powered Adaptive Authentication and Behavioral Biometrics: The Enterprise Guide 2026 https://securityboulevard.com/2026/03/ai-powered-adaptive-authentication-and-behavioral-biometrics-the-enterprise-guide-2026/ Security Boulevard: President Trump’s Cyber Strategy for America: Why Integrity Is the Foundation of Modern Cyber Defense https://securityboulevard.com/2026/03/president-trumps-cyber-strategy-for-america-why-integrity-is-the-foundation-of-modern-cyber-defense/ SecurityWeek: Security Firm Aura Discloses Data Breach Impacting 900,000 Records https://www.securityweek.com/security-firm-aura-discloses-data-breach-impacting-900000-records/ The Hacker News: ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More https://thehackernews.com/2026/03/threatsday-bulletin-fortigate-raas.html BleepingComputer: Russian hackers exploit Zimbra flaw in Ukrainian govt attacks https://www.bleepingcomputer.com/news/security/russian-apt28-military-hackers-exploit-zimbra-flaw-in-ukrainian-govt-attacks/ Security Boulevard: BSidesCache 2025 – Oh, The Places Your Packets Will Go! https://securityboulevard.com/2026/03/bsidescache-2025-oh-the-places-your-packets-will-go/ Security Boulevard: SIEM Is Not Dead. It Just Stopped Moving Fast Enough. https://securityboulevard.com/2026/03/siem-is-not-dead-it-just-stopped-moving-fast-enough/ SecurityWeek: Marquis Data Breach Affects 672,000 Individuals https://www.securityweek.com/marquis-data-breach-affects-672000-individuals/ Security News | TechCrunch: CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices https://techcrunch.com/2026/03/19/cisa-urges-companies-to-secure-microsoft-intune-systems-after-hackers-mass-wipe-stryker-devices/ Security News | TechCrunch: FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack https://techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/ The Record from Recorded Future News: White House pours cold water on cyber ‘letters of marque’ speculation https://therecord.media/offensive-cyber-white-house-hacking SecurityWeek: Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury https://www.securityweek.com/iran-readied-cyberattack-capabilities-for-response-prior-to-epic-fury/ The Record from Recorded Future News: FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker https://therecord.media/fbi-cisa-warn-of-microsoft-intune-risks-stryker Security Boulevard: Snowflake Change Control: Why Provisioning Falls Short https://securityboulevard.com/2026/03/snowflake-change-control-why-provisioning-falls-short/ Security Boulevard: PowerShell Is a Security Risk – Here’s How to Fix It https://securityboulevard.com/2026/03/powershell-is-a-security-risk-heres-how-to-fix-it/ BleepingComputer: FBI seizes Handala data leak site after Stryker cyberattack https://www.bleepingcomputer.com/news/security/fbi-seizes-handala-data-leak-site-after-stryker-cyberattack/ Security Boulevard: Jeremy Snyder talks AI Governance on Security Weekly – FireTail Blog https://securityboulevard.com/2026/03/jeremy-snyder-talks-ai-governance-on-security-weekly-firetail-blog/ The Record from Recorded Future News: New Android malware hiding in streaming apps to spy on users’ personal notes https://therecord.media/malware-streaming-apps-android#InfoSec #SecurityNews

Location: Ashburn, USAdded: 2026-03-17T16:04#shodansafari #infosec

Possible Phishing on: ️hxxps[:]//assistancesosh[.]wixsite[.]com/my-site-1/ 🧬 Analysis at: https://urldna.io/scan/69bbdf103b7750000791d8fa#cybersecurity #phishing #infosec #urldna #scam #infosec

New.Unit42: Analyzing the Current State of AI Use in Malware https://unit42.paloaltonetworks.com/ai-use-in-malware/ @unit42_intel #infosec #malware #threatresearch

New on Yazoul: Security Dashboards for threat intelligence & SOC teams CVE trends Breach impact️ Threat activity timeline Severity analyticsAll dashboards are interconnected and updated daily. https://www.yazoul.net/stats#CyberSecurity #ThreatIntel #OSINT #Infosec

Possible Phishing on: ️hxxps[:]//wmailsignin0000z97jed3[.]weebly[.]com 🧬 Analysis at: https://urldna.io/scan/69bc01783b775000084c93e2#cybersecurity #phishing #infosec #urldna #scam #infosec

Every organization has a “Mike.”The one who knows how everything works.That’s not a strength. That’s a risk.New article: When Security Architecture Depends on Tribal Knowledgehttps://jimguckin.com/2026/03/19/when-security-architecture-depends-on-tribal-knowledge/#CyberSecurity #SecurityArchitecture #InfoSec #SecurityLeadership

New.Microsoft Threat Intelligence: When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures https://www.microsoft.com/en-us/security/blog/2026/03/19/when-tax-season-becomes-cyberattack-season-phishing-and-malware-campaigns-using-tax-related-lures/ #Microsoft #infosec #malware #phishing #scam

Critical RCE Vulnerability Patched in Delta Electronics COMMGR 2Delta Electronics patched a critical stack-based buffer overflow (CVE-2026-3630) and an out-of-bounds read (CVE-2026-3631) in its COMMGR 2 software that could allow unauthenticated attackers to execute remote code or leak sensitive data.**Make sure all industrial devices are isolated from the internet and accessible from trusted networks only. Update Delta Electronics COMMGR 2 software to version 2.11.1 as soon as possible. In the meantime make sure they are isolated from the internet.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/critical-rce-vulnerability-patched-in-delta-electronics-commgr-2-l-p-i-8-y/gD2P6Ple2L

ASN: AS31726Location: Hovden, NOAdded: 2026-03-17T16:18#shodansafari #infosec

Possible Phishing on: ️hxxps[:]//shaydenanna[.]wixsite[.]com/my-site 🧬 Analysis at: https://urldna.io/scan/69bbad073b77500009a8e451#cybersecurity #phishing #infosec #urldna #scam #infosec

El Curso de Hacking con Kali Linux está disponible de manera permanente en el aula virtual con acceso inmediato. WhatsApp: https://wa.me/51949304030 https://www.reydes.com/archivos/cursos/Curso_Hacking_Kali_Linux.pdf #cybersecurity #ethicalhacking #infosec #hacker #hacking #cyberattack #kalilinux

Possible Phishing on: ️hxxp[:]//ryanml[.]github[.]io/website 🧬 Analysis at: https://urldna.io/scan/69bbf3693b77500003449e35#cybersecurity #phishing #infosec #urldna #scam #infosec

Is there a link to the official announcement?Tech Crunch: FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack https://techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/ @TechCrunch @lorenzofb #infosec