Tuesday, October 7 2025

News Roundups

Here you can access the latest 48hr Global News Roundups from DFM

We scour the internet to find the latest stories relating to:

DFIR, Cyber Investigations, Major Cyber Incidents, Exploits & Threat Intelligence, Law Enforcement, Policy, and Standards & Compliance

We also provide an Editorial Perspective and a Reference List for further reading.


NEWS ROUNDUP – 5th August 2025

05/08/2025

Digital Forensics & Incident Response

Talos IR confirms ransomware can seize full network control within 24-48 hours, urging rapid log access and live IR readiness (Talos report). CERT‑UA reveals AI-powered “LameHug” malware linked to APT28, auto-generating Windows commands via LLM; DFIR […]

NEWS ROUNDUP – 3rd August 2025

03/08/2025

Digital Forensics & Incident Response

Talos IR released a report showing ransomware can take over networks within 24-48 hours. Organizations are urged to preserve logs and enable rapid live analysis. CERT-UA uncovered the “LameHug” malware campaign using AI-generated […]

NEWS ROUNDUP – 1st August 2025

01/08/2025

🔍 Digital Forensics & Incident Response Insights

AI‑powered “LameHug” malware deployed in Ukraine: CERT‑UA attributes the first LLM‑driven malware to APT28, dynamically generating Windows commands; behavior‑based analysis now essential. Logpoint issues LameHug detection advisory: Includes Sigma rules, IoC feeds, and recommendations […]

NEWS ROUNDUP – 30th July 2025

30/07/2025

🔍 Digital Forensics & Incident Response Insights

AI‑powered “LameHug” malware in Ukraine: CERT‑UA uncovered APT28’s first LLM‑driven malware that auto‑generates system commands; DFIR teams should decode dynamic payload behaviours. LameHug reverse‑engineering insights (Cato Networks): Technical teardown includes indicators of compromise and […]

NEWS ROUNDUP – 28th July 2025

28/07/2025

🔍 Digital Forensics & Incident Response Insights

Talos IR ransomware timeline report: Highlights how ransomware variants achieve full network control within 24-48 hours, underscoring urgency in log retention and live IR workflows. CISA guidance on SharePoint exploitation: New detects, webshell indicators […]

NEWS ROUNDUP – 26th July 2025

26/07/2025

🔍 Digital Forensics & Incident Response Insights

AI‑powered “LameHug” malware in Ukraine: CERT‑UA links this new APT28 campaign to espionage on defense ministries; DFIR analysts must reverse-engineer AI-generated payloads and C2 frameworks. Fancy Bear Microsoft 365 token‑stealing malware: UK NCSC highlights a […]

NEWS ROUNDUP – 24th July 2025

24/07/2025

🔍 Digital Forensics & Incident Response Insights

AI-powered “LameHug” malware in Ukraine: CERT-UA links new APT28 strain to espionage on defense ministries; DFIR teams need to dissect AI-generated payloads and C2 patterns. Fancy Bear email credential malware: UK NCSC flags token-stealing malware […]

NEWS ROUNDUP – 22nd July 2025

22/07/2025

🔍 Digital Forensics & Incident Response Insights

China’s cyber sector amplifies Beijing’s hacking of U.S. targets: Fresh intelligence shows Chinese APT groups are exploiting zero‑days at scale; DFIR teams must now analyse novel exploit artefacts. SonicWall SMA “OVERSTEP” firmware rootkit: GTIG […]

NEWS ROUNDUP – 20th July 2025

20/07/2025

🔍 Digital Forensics & Incident Response Insights

China’s cyber sector amplifies Beijing’s hacking of U.S. targets: U.S. intel reveals Chinese groups using zero-days at scale; urgent DFIR focus on new exploit artifacts needed. SonicWall SMA “OVERSTEP” boot-level rootkit: GTIG warns UNC6148 […]