Major Incidents or Breaches

  • Norwegian intelligence has attributed a cyber attack on a dam to Kremlin-linked threat actors.
  • ICE agents inadvertently added an unauthorised individual to a sensitive group chat, potentially exposing confidential information.

Newly Discovered Vulnerabilities

  • A security researcher has released a partial proof-of-concept exploit for a vulnerability in FortiWeb web application firewalls that allows remote authentication bypass. The researcher intends to release a full exploit, increasing the risk of exploitation in the near term.

Notable Threat Actor Activity

  • Researchers have analysed ERMAC 3.0, an Android banking trojan, after its source code and infrastructure details were leaked. The analysis highlights operational shortcomings in the malware’s infrastructure but confirms ongoing threat activity targeting banking credentials.

Trends, Tools, or Tactics of Interest

  • Microsoft is enhancing Teams’ security by adding protections against malicious URLs and dangerous file types in chats and channels.
  • The UK is deploying new facial recognition vans, expanding the use of biometric surveillance technologies.

Regulatory or Policy Developments

  • Russian authorities are intensifying efforts to restrict end-to-end encrypted calling services, impacting the privacy landscape for communication platforms operating in the region.