AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 4/10/2025

OCC Notifies Congress of Incident Involving Email System

The Office of the Comptroller of the Currency (OCC) today notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. This finding is the result of internal and independent third-party reviews of OCC emails and email attachments that were subject to unauthorized access. On February 11, 2025, the OCC learned of unusual interactions between a system administrative account in its office automation environment and OCC user mailboxes. On February 12, the OCC confirmed the activity was unauthorized and immediately activated its incident response protocols, which include initiating an independent third-party incident assessment and reporting the incident to the Cybersecurity and Infrastructure Security Agency. On February 12, the OCC disabled the compromised administrative accounts and confirmed that the unauthorized access had been terminated. The OCC provided public notice of the incident on February 26.

Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management (IAM) credentials from the IMDSv1 endpoint. Retrieving IAM credentials allows attackers to escalate their privileges and access S3 buckets or control other AWS services, potentially leading to sensitive data exposure, manipulation, and service disruption. The campaign was discovered by F5 Labs researchers, who report that the malicious activity culminated between March 13 and 25, 2025. The traffic and behavioral patterns strongly suggest that it was carried out by a single threat actor.
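
For defenders reviewing their own web logs for this pattern, the following is an added example, not code from this post or from F5 Labs. It flags requests in which a query parameter, after nested URL-decoding, points at the instance metadata service; the `/fetch` path, the `url` and `dest` parameter names and the log lines are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# AWS-documented instance metadata addresses (IPv4 link-local and IPv6).
IMDS_ADDRS = {ipaddress.ip_address("169.254.169.254"), ipaddress.ip_address("fd00:ec2::254")}
REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+"')
SAMPLE_LOG = [  # constructed access-log lines, not taken from the campaign
    '203.0.113.7 - - [01/Jan/2025:10:01:02 +0000] "GET /fetch?url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2F HTTP/1.1" 200 312',
    '203.0.113.7 - - [01/Jan/2025:10:01:05 +0000] "GET /fetch?dest=http%253A%252F%252F169.254.169.254%252Flatest%252F HTTP/1.1" 200 98',
    '198.51.100.20 - - [01/Jan/2025:10:02:11 +0000] "GET /fetch?url=https%3A%2F%2Fexample.com%2Flogo.png HTTP/1.1" 200 5120',
]

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding; bounded so crafted input cannot loop."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def host_of(value):
    """Host part of a URL-like value, or '' when there is none."""
    try:
        return urlsplit(value if "//" in value else "//" + value).hostname or ""
    except ValueError:  # malformed bracketed host
        return ""

def imds_hits(request_target):
    """Names of query parameters whose value points at the metadata service."""
    hits = []
    for name, raw in parse_qsl(urlsplit(request_target).query, keep_blank_values=True):
        try:
            addr = ipaddress.ip_address(host_of(fully_decode(raw)))
        except ValueError:  # a hostname or empty string, not an IP literal
            continue
        if addr in IMDS_ADDRS:
            hits.append(name)
    return hits

def scan(lines):
    """Return (client, [parameter names]) for each log line that hits."""
    findings = []
    for line in lines:
        m = REQUEST.match(line)
        if m and (hits := imds_hits(m.group(2))):
            findings.append((m.group(1), hits))
    return findings
```

Access logs only show query strings, so targets sent in request bodies need application-level logging to be seen. A log hit indicates probing; requiring IMDSv2 on the instance removes the unauthenticated IMDSv1 path described above.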

SMS Pumping: How Criminals Turn Your Messaging Service into Their Cash Machine

Imagine waking up to an alarming spike in SMS costs: hundreds of thousands of messages sent overnight. There’s no surge in new customers, no viral marketing campaign. Just a bill draining your budget. The culprit? A hidden cybercrime tactic known as SMS pumping fraud. Much like a modern-day toll scam, fraudsters exploit SMS verification systems to inflate traffic, generating revenue while leaving businesses to foot the bill. This scheme has quietly siphoned millions from companies relying on SMS-based authentication, sign-ups, and notifications. But with the right strategies, businesses can detect and prevent SMS pumping.

Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024

A total of 43% of UK businesses and 30% of charities experienced a cyber breach or attack in the past year, according to the newly published Cyber Security Breaches Survey 2025. The report, published today, was commissioned by the UK Department for Science, Innovation and Technology (DSIT) and the Home Office. While breach statistics mark a slight decline from 2024, they continue to reflect the significant cybersecurity challenges facing UK organizations.

Why security stacks need to think like an attacker, and score every user in real time

More than 40% of corporate fraud is now AI-driven, designed to mimic real users, bypass traditional defenses and scale at speeds that overwhelm even the best-equipped SOCs. In 2024, nearly 90% of enterprises were targeted, and half of them lost $10 million or more. Bots emulate human behavior and create entire emulation frameworks, synthetic identities, and behavioral spoofing to pull off account takeovers at scale while slipping past legacy firewalls, EDR tools, and siloed fraud detection systems.
