Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

What's Behind The Rise of Spear Phishing Attacks on IT Leaders?

Nov 11, 2025 By Arctic Wolf In Arctic Wolf
Phishing has been a mainstay of cybercrime for decades – and for good reason. Threat actors continually evolve their phishing tactics, techniques, and procedures (TTPs), adapting the method with new tools and technologies to ensure it remains highly effective. IT leaders have become especially attractive targets: their privileged access amplifies the impact of a successful compromise.
Read Post
CalCom

NTLM Relay Attacks: Back from the Dead - and Still Haunting Active Directory

Nov 11, 2025 By CalCom In CalCom
NTLM Relay attacks should be history. Yet in 2025, they remain one of the most effective ways to compromise Active Directory. We first covered this problem back in 2020, when we wrote about a troubling vulnerability that refused to die: NTLM Relay attacks. At the time, many believed NTLM Relay attacks were a relic of the past, an old problem long solved by Kerberos and modern authentication protocols.
Read Post
safeaeon

What Is a Dictionary Attack In Cyber Security? How To Detect & Prevent It?

Nov 10, 2025 By SafeAeon Inc. In SafeAeon
Most people are aware of ways to ensure their online security, yet they often fail to implement them fully. A common guideline when signing up for an account on any website is to create a strong password; however, 65% of people reuse passwords across websites. Not just that, people use passwords that are easier to guess, like ‘123456’, ‘iloveyou’, ‘welcome’, and personal details. These passwords regularly appear in data breach leaks.
Read Post
netwrix

Understanding the golden ticket attack with Mimikatz

Nov 10, 2025 By Jeff Warren In Netwrix
Golden ticket attacks target the KRBTGT account in Active Directory, allowing attackers to forge Kerberos tickets and impersonate domain admins. Tools like Mimikatz make this attack simple and long-lasting, since forged tickets can remain valid for years. Netwrix Threat Manager, Privilege Secure, and Identity Threat Detection & Response (ITDR) help detect anomalies, rotate KRBTGT credentials, and enforce Just-in-Time access to prevent compromise.
Read Post

Language Switching Attacks: The New Threat Vector in LLM Security

Nov 10, 2025 By A10 Networks In A10 Networks
Language Switching Attacks: The New Threat Vector in LLM Security In this clip from "Securing AI Part 4: The Rising Threat of Hidden Attacks in Multimodal AI," Diptanshu Purwar discusses the growing trend of language-switching attacks. These techniques exploit the ongoing development and training gaps in Large Language Models (LLMs). Diptanshu explains how attackers can evade an LLM's built-in filters and guardrails by rapidly shifting between different languages, particularly less common ones, to find weaknesses where the model's safety data is sparse.
View Video
knowbe4

Quantum Route Redirect: Anonymous Tool Streamlining Global Phishing Attack

Nov 10, 2025 By KnowBe4 Threat Lab In KnowBe4
KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials. The attackers are wielding a powerful new tool that’s completely changing the game for cybercriminals—turning what used to be complex, technical phishing setups into simple one-click launches that can bypass certain technical controls. Welcome to the era of “Quantum Route Redirect.".
Read Post
Trustwave

The Cat's Out of the Bag: A 'Meow Attack' Data Corruption Campaign Simulation via MAD-CAT

Nov 7, 2025 By Karl Biron In Trustwave
In 2024, I published Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack), which explored the notorious Meow attack campaign that had plagued unsecured databases since 2020. That article focused on demonstrating the attack against a single MongoDB instance using a simple Python script. A proof-of-concept that illustrates how devastating misconfigurations can be.
Read Post
safeaeon

What Happened During St Paul Cyber Attack? How did the City Recover from it?

Nov 7, 2025 By SafeAeon Inc. In SafeAeon
On July 25, 2025, St. Paul, Minnesota, suffered a digital crisis. Initially, it looked like a few irregular system alerts. In reality, it was a coordinated ransomware attack by the notorious Interlock gang. This gang has been on the radar of federal investigators for quite some time. The St Paul cyber attack forced the city to shut down its networks and suspend online services. People switched to paper-based operations to prevent further damage.
Read Post
safeaeon

How to Survive a Cyber Attack? Steps to Prepare, Respond, and Recover

Nov 7, 2025 By SafeAeon Inc. In SafeAeon
Cybercrime is growing at a rapid pace, and ransomware has become one of the most significant threats to businesses today. These attacks spread quickly across networks using strong encryption and target companies of all sizes. Security leaders, such as CISOs and CIOs, now carry far greater responsibility. They need to protect digital assets, manage crises, and maintain business operations even in the event of an attack.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.