CyberNetSecIO
@netsecio.bsky.social
Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation.
A new guide from the OSCE calls for the end of security silos. 🤝 It urges a unified cyber-physical defense strategy to protect critical infrastructure from blended threats and remote attacks on ICS. #OSCE #CriticalInfrastructure #ICS #CyberPhysical
OSCE Guide Urges Unified Cyber-Physical Defense for Critical Infrastructure
The Organization for Security and Cooperation in Europe (OSCE) has released a new technical guide urging a unified approach to physical and cybersecurity for the protection of critical infrastructure.
cyber.netsecops.io
November 10, 2025 at 4:26 PM
A new guide from the OSCE calls for the end of security silos. 🤝 It urges a unified cyber-physical defense strategy to protect critical infrastructure from blended threats and remote attacks on ICS. #OSCE #CriticalInfrastructure #ICS #CyberPhysical
The Akira ransomware gang strikes again, hitting U.S. manufacturer Koch & Co. 🏭 The group claims to have stolen 54GB of sensitive financial and HR data, threatening a leak if the ransom isn't paid. #Akira #Ransomware #DataBreach #Manufacturing
Akira Ransomware Hits US Manufacturer Koch & Co., Threatens to Leak 54GB of Data
The Akira ransomware group has claimed a cyberattack on U.S. manufacturer Koch & Co., alleging the theft of 54GB of sensitive corporate data including financials and HR files.
cyber.netsecops.io
November 10, 2025 at 4:26 PM
The Akira ransomware gang strikes again, hitting U.S. manufacturer Koch & Co. 🏭 The group claims to have stolen 54GB of sensitive financial and HR data, threatening a leak if the ransom isn't paid. #Akira #Ransomware #DataBreach #Manufacturing
📢 OWASP Top 10 2025 is here! The new list introduces 'Software Supply Chain Failures' and 'Mishandling of Exceptional Conditions'. Security Misconfiguration jumps to #2, reflecting modern cloud risks. 🔒 #OWASP #AppSec #DevSecOps
OWASP Top 10 for 2025 Released, Spotlighting Supply Chain and Design Flaws
The OWASP Foundation has released its 2025 Top 10 list, introducing new categories for Software Supply Chain Failures and highlighting the growing importance of secure design and configuration.
cyber.netsecops.io
November 10, 2025 at 4:26 PM
📢 OWASP Top 10 2025 is here! The new list introduces 'Software Supply Chain Failures' and 'Mishandling of Exceptional Conditions'. Security Misconfiguration jumps to #2, reflecting modern cloud risks. 🔒 #OWASP #AppSec #DevSecOps
The clock is ticking for defense contractors! ⏰ The DoD's CMMC program officially began its phased rollout on Nov 10. Cybersecurity compliance is now becoming mandatory for all DIB contracts. #CMMC #DoD #Cybersecurity #Compliance
It
As of November 10, 2025, the U.S. Department of Defense (DoD) has officially started the phased rollout of its CMMC program, which will mandate cybersecurity certification for all defense contractors.
cyber.netsecops.io
November 10, 2025 at 4:26 PM
The clock is ticking for defense contractors! ⏰ The DoD's CMMC program officially began its phased rollout on Nov 10. Cybersecurity compliance is now becoming mandatory for all DIB contracts. #CMMC #DoD #Cybersecurity #Compliance
EU governments are under siege, warns new ENISA report. 🇪🇺 Hacktivist DDoS attacks make up 60% of incidents, with pro-Russia groups leading the charge. Data breaches & ransomware pose deeper threats. #ENISA #DDoS #CyberWarfare #NIS2
EU Governments Under Siege: ENISA Reports Massive Surge in DDoS and Data Attacks
A new ENISA report finds EU public administrations are heavily targeted by DDoS attacks from hacktivists, as well as damaging data breaches and ransomware, putting essential services and citizen data at risk.
cyber.netsecops.io
November 10, 2025 at 4:26 PM
EU governments are under siege, warns new ENISA report. 🇪🇺 Hacktivist DDoS attacks make up 60% of incidents, with pro-Russia groups leading the charge. Data breaches & ransomware pose deeper threats. #ENISA #DDoS #CyberWarfare #NIS2
Major supply chain attack in Sweden: 'Datacarry' ransomware hits IT provider Miljödata, leaking personal data of 1.5M people. 🇸🇪 Municipal services disrupted, major firms like SAS & Volvo affected. #Ransomware #DataBreach #GDPR
Swedish IT Supplier Breach Exposes Personal Data of 1.5 Million Citizens
A ransomware attack by the
cyber.netsecops.io
November 10, 2025 at 4:26 PM
Major supply chain attack in Sweden: 'Datacarry' ransomware hits IT provider Miljödata, leaking personal data of 1.5M people. 🇸🇪 Municipal services disrupted, major firms like SAS & Volvo affected. #Ransomware #DataBreach #GDPR
🚨 CATASTROPHIC BREACH: Chinese security firm Knownsec hacked, exposing state-sponsored cyber arsenal. Leaked files reveal RATs for all OSs, hardware attack tools, and a global target list including India, UK & SK. #ThreatIntel #China #CyberWarfare
China
A massive data breach at Chinese cybersecurity firm Knownsec has exposed a trove of state-sponsored hacking tools, malware, and global surveillance target lists, revealing large-scale data theft from multiple nations.
cyber.netsecops.io
November 10, 2025 at 4:26 PM
🚨 CATASTROPHIC BREACH: Chinese security firm Knownsec hacked, exposing state-sponsored cyber arsenal. Leaked files reveal RATs for all OSs, hardware attack tools, and a global target list including India, UK & SK. #ThreatIntel #China #CyberWarfare
🏆 Pwn2Own Ireland Day 1: Hackers earn $522,500 for 34 unique zero-days! 100% success rate against printers, NAS & routers from QNAP, Synology, HP & more. Patches expected within 90 days. #Pwn2Own #ZeroDay #Hacking #InfoSec
Pwn2Own Day 1: Hackers Net $522K for 34 Zero-Days in SOHO Devices
On Day 1 of Pwn2Own Ireland 2025, security researchers earned $522,500 by demonstrating 34 zero-day vulnerabilities against popular SOHO devices from QNAP, Synology, Canon, and HP with a 100% success rate.
cyber.netsecops.io
November 9, 2025 at 9:50 PM
🚨 CRITICAL VULNERABILITY: Three new flaws in runC, the core runtime for Docker & Kubernetes, allow for container escape. Attackers could gain host access. This is a major threat to cloud environments. Patch immediately! #runC #Docker #Kubernetes
Critical Container Escape Flaws in runC Threaten Docker & Kubernetes
Three critical new vulnerabilities have been found in runC, the core container runtime for Docker and Kubernetes, which could allow attackers to escape container isolation and access the host OS.
cyber.netsecops.io
November 9, 2025 at 9:50 PM
🚨 CRITICAL VULNERABILITY: Three new flaws in runC, the core runtime for Docker & Kubernetes, allow for container escape. Attackers could gain host access. This is a major threat to cloud environments. Patch immediately! #runC #Docker #Kubernetes
🇵🇭 Philippines lawmakers propose a dedicated national Cybersecurity Fund to combat digital attacks. The fund aims to bolster incident response and protect critical infrastructure in both public and private sectors. #Philippines #CyberSecurity #Policy
Philippines Lawmakers Push for National Cybersecurity Fund
Lawmakers in the Philippines have proposed a dedicated national Cybersecurity Risk Management and Mitigation Fund to finance prevention and response to cyberattacks on government and businesses.
cyber.netsecops.io
November 9, 2025 at 9:49 PM
🇵🇭 Philippines lawmakers propose a dedicated national Cybersecurity Fund to combat digital attacks. The fund aims to bolster incident response and protect critical infrastructure in both public and private sectors. #Philippines #CyberSecurity #Policy
🚌 SECURITY ALERT: Chinese-made Yutong electric buses used in Europe & Australia can be remotely disabled, Norwegian tests reveal. Findings trigger urgent security reviews of critical transit infrastructure. #ICS #CyberSecurity #CriticalInfrastructure
Chinese-Made Electric Buses in Europe & Australia Pose Remote Shutdown Risk
Cybersecurity tests in Norway show that Chinese-made Yutong electric buses, used widely in Europe and Australia, could be remotely disabled, raising major national security concerns.
cyber.netsecops.io
November 9, 2025 at 9:49 PM
🚌 SECURITY ALERT: Chinese-made Yutong electric buses used in Europe & Australia can be remotely disabled, Norwegian tests reveal. Findings trigger urgent security reviews of critical transit infrastructure. #ICS #CyberSecurity #CriticalInfrastructure
🔒 Privacy Alert: Microsoft's 'Whisper Leak' attack can identify AI chat topics even through encryption. By analyzing packet sizes & timing, it spies on conversations with OpenAI, Mistral & more. #AI #Privacy #CyberSecurity #SideChannel
Microsoft
Microsoft researchers detail
cyber.netsecops.io
November 9, 2025 at 9:49 PM
🔒 Privacy Alert: Microsoft's 'Whisper Leak' attack can identify AI chat topics even through encryption. By analyzing packet sizes & timing, it spies on conversations with OpenAI, Mistral & more. #AI #Privacy #CyberSecurity #SideChannel
🚨 BREAKING: The Washington Post confirms breach by Clop ransomware. Attackers exploited Oracle E-Business Suite flaws in a campaign hitting 100+ companies. Data stolen, massive ransoms demanded. #Clop #Ransomware #Oracle #CyberAttack
Washington Post Breached by Clop Ransomware via Oracle Flaws
The Clop ransomware group has breached The Washington Post and over 100 other organizations by exploiting vulnerabilities in Oracle
cyber.netsecops.io
November 9, 2025 at 9:49 PM
🚨 BREAKING: The Washington Post confirms breach by Clop ransomware. Attackers exploited Oracle E-Business Suite flaws in a campaign hitting 100+ companies. Data stolen, massive ransoms demanded. #Clop #Ransomware #Oracle #CyberAttack
Hackers claim to have breached 'Radon,' a Russian nuclear waste facility, and stolen its entire database. The breach could be used to forge safety documents or launch further attacks on Rosatom. ☢️ #CyberAttack #Nuclear #Russia #CriticalInfrastructure
Hackers Claim Breach and Full Database Theft from Russian Nuclear Waste Facility
A threat actor has claimed a breach of Radon, a nuclear waste management plant operated by Russia
cyber.netsecops.io
November 5, 2025 at 2:06 PM
Hackers claim to have breached 'Radon,' a Russian nuclear waste facility, and stolen its entire database. The breach could be used to forge safety documents or launch further attacks on Rosatom. ☢️ #CyberAttack #Nuclear #Russia #CriticalInfrastructure
Identity is the new perimeter. 🛡️ Reports show stolen credentials & over-privileged accounts (99%!) are the top cloud threats. Time to shift to a 'zero standing privileges' model. #CloudSecurity #Identity #ZeroTrust #CIEM
Identity is the New Perimeter: Stolen Credentials and Over-Privileged Accounts Drive Cloud Breaches
Security reports reveal that identity-based attacks, fueled by stolen credentials and over-privileged cloud identities, are the leading cause of cloud security incidents, urging a move to zero standing privileges.
cyber.netsecops.io
November 5, 2025 at 2:06 PM
Identity is the new perimeter. 🛡️ Reports show stolen credentials & over-privileged accounts (99%!) are the top cloud threats. Time to shift to a 'zero standing privileges' model. #CloudSecurity #Identity #ZeroTrust #CIEM
Massive data breach at Swedish IT firm Miljödata exposes personal info of 1.5 million people. Data was dumped on the darknet, triggering a major GDPR investigation. 🇸🇪 #DataBreach #GDPR #Sweden #Privacy
Swedish IT Firm Breach Exposes Data of 1.5 Million, Sparks GDPR Probe
A data breach at Swedish IT services firm Miljödata has compromised the personal information of over 1.5 million people, leading to a major GDPR investigation by the Swedish Data Protection Authority (IMY).
cyber.netsecops.io
November 5, 2025 at 2:06 PM
Massive data breach at Swedish IT firm Miljödata exposes personal info of 1.5 million people. Data was dumped on the darknet, triggering a major GDPR investigation. 🇸🇪 #DataBreach #GDPR #Sweden #Privacy
🚨 CISA KEV UPDATE: Two new vulnerabilities in Gladinet (CVE-2025-11371) and CWP (CVE-2025-48703) are being actively exploited. Federal agencies must patch now under BOD 22-01. #KEV #PatchNow #CISA #Vulnerability
CISA Adds Actively Exploited Gladinet and CWP Flaws to KEV Catalog
CISA has added two actively exploited vulnerabilities, CVE-2025-11371 in Gladinet and CVE-2025-48703 in CWP, to its KEV Catalog, mandating federal agencies to patch.
cyber.netsecops.io
November 5, 2025 at 2:06 PM
🚨 CISA KEV UPDATE: Two new vulnerabilities in Gladinet (CVE-2025-11371) and CWP (CVE-2025-48703) are being actively exploited. Federal agencies must patch now under BOD 22-01. #KEV #PatchNow #CISA #Vulnerability
🚨 CISA exposes critical ICS vulnerabilities in products from Fuji Electric, Delta Electronics, Radiometrics & more. Flaws with CVSS scores up to 10.0 could allow RCE and disrupt critical infrastructure. Patch now! ⚠️ #ICS #OTsecurity #Vulnerability
CISA Warns of Critical ICS Flaws in Fuji, Delta, and Radiometrics Systems
CISA has issued five advisories detailing critical vulnerabilities in Industrial Control Systems (ICS) from Fuji Electric, Survision, Delta, Radiometrics, and IDIS, posing risks of RCE and operational disruption.
cyber.netsecops.io
November 5, 2025 at 2:06 PM
🚨 CISA exposes critical ICS vulnerabilities in products from Fuji Electric, Delta Electronics, Radiometrics & more. Flaws with CVSS scores up to 10.0 could allow RCE and disrupt critical infrastructure. Patch now! ⚠️ #ICS #OTsecurity #Vulnerability
🇸🇪 Sweden's power grid operator, Svenska kraftnät, confirms data breach after Everest ransomware gang claims theft of 280GB of data. The attack was limited to an external system; power grid unaffected. ⚡ #Everest #Ransomware #DataBreach #Sweden
Everest Ransomware Hits Swedish Power Grid Operator, Steals 280GB of Data
The Everest ransomware group has claimed a data breach against Sweden
cyber.netsecops.io
November 4, 2025 at 6:16 PM
🇸🇪 Sweden's power grid operator, Svenska kraftnät, confirms data breach after Everest ransomware gang claims theft of 280GB of data. The attack was limited to an external system; power grid unaffected. ⚡ #Everest #Ransomware #DataBreach #Sweden
📈 Europe is now the #2 global target for ransomware, says new CrowdStrike report. Attacks are accelerating, with some deployments taking just 24 hours. Geopolitical tensions from Russia, China & DPRK are fueling the fire. #Ransomware #ThreatIntel
Europe Now #2 Global Ransomware Target, Attacks Accelerating to 24-Hour Deployments
CrowdStrike
cyber.netsecops.io
November 4, 2025 at 6:16 PM
📈 Europe is now the #2 global target for ransomware, says new CrowdStrike report. Attacks are accelerating, with some deployments taking just 24 hours. Geopolitical tensions from Russia, China & DPRK are fueling the fire. #Ransomware #ThreatIntel
🤖 Novel 'SesameOp' backdoor discovered by Microsoft uses the OpenAI Assistants API for C2 communications. This espionage tool hides malicious traffic within legitimate API calls, making detection a major challenge. #Malware #OpenAI #C2 #Espionage
Microsoft Discovers
Microsoft researchers have discovered
cyber.netsecops.io
November 4, 2025 at 6:16 PM
🤖 Novel 'SesameOp' backdoor discovered by Microsoft uses the OpenAI Assistants API for C2 communications. This espionage tool hides malicious traffic within legitimate API calls, making detection a major challenge. #Malware #OpenAI #C2 #Espionage
⚖️ China amends its Cybersecurity Law, massively increasing fines for non-compliance up to 10x for critical infrastructure operators. The new rules, effective Jan 1, 2026, also introduce a new clause on AI governance. #CyberLaw #China #Compliance
China Amends Cybersecurity Law, Massively Increasing Fines and Adding AI Governance Clause
China has amended its Cybersecurity Law, effective January 1, 2026, to significantly increase financial penalties for non-compliance and introduce new rules for AI governance.
cyber.netsecops.io
November 4, 2025 at 6:16 PM
⚖️ China amends its Cybersecurity Law, massively increasing fines for non-compliance up to 10x for critical infrastructure operators. The new rules, effective Jan 1, 2026, also introduce a new clause on AI governance. #CyberLaw #China #Compliance
💸 Financial fallout: SK Telecom's operating profit drops 90% due to a data breach affecting 27M customers. The breach went undetected for 3 years and resulted in a $96.5M fine. A stark reminder of the cost of cyber incidents. #DataBreach #SKTelecom
SK Telecom Profit Plummets 90% Following Massive Data Breach Affecting 27 Million Customers
SK Telecom
cyber.netsecops.io
November 4, 2025 at 6:15 PM
💸 Financial fallout: SK Telecom's operating profit drops 90% due to a data breach affecting 27M customers. The breach went undetected for 3 years and resulted in a $96.5M fine. A stark reminder of the cost of cyber incidents. #DataBreach #SKTelecom
🚨 Unbelievable insider threat: Two cybersecurity pros from incident response & negotiation firms indicted for using ALPHV/BlackCat ransomware to extort U.S. companies. Nearly $1.3M stolen from one victim. #Ransomware #InsiderThreat #BlackCat
Insider Threat Shocker: Cybersecurity Pros Indicted for Wielding ALPHV/BlackCat Ransomware
Two cybersecurity professionals from Sygnia and DigitalMint have been indicted for using ALPHV/BlackCat ransomware to attack and extort U.S. businesses.
cyber.netsecops.io
November 4, 2025 at 6:15 PM
🚨 Unbelievable insider threat: Two cybersecurity pros from incident response & negotiation firms indicted for using ALPHV/BlackCat ransomware to extort U.S. companies. Nearly $1.3M stolen from one victim. #Ransomware #InsiderThreat #BlackCat
CISA adds critical Motex LANSCOPE RCE flaw (CVE-2025-61932) to its KEV catalog. ⚠️ The bug is actively exploited to drop backdoors. Federal agencies must patch by Nov 12. #KEV #CISA #Vulnerability #CyberSecurity
CISA Adds Actively Exploited Motex LANSCOPE RCE Flaw to KEV Catalog
CISA has added CVE-2025-61932, a critical remote code execution vulnerability in Motex
cyber.netsecops.io
November 4, 2025 at 5:53 PM
CISA adds critical Motex LANSCOPE RCE flaw (CVE-2025-61932) to its KEV catalog. ⚠️ The bug is actively exploited to drop backdoors. Federal agencies must patch by Nov 12. #KEV #CISA #Vulnerability #CyberSecurity