The Good, the Bad and the Ugly in Cybersecurity – Week 11

This intelligence brief covers several concurrent high-impact events: U.S. and European authorities dismantled the SocksEscort proxy service used for fraud and seized servers, domains, and cryptocurrency; a former DigitalMint employee was charged for conspiring with the BlackCat ransomware group; attackers exploited FortiGate NGFW appliances (via known CVEs and weak credentials) to extract AD/LDAP credentials and move laterally; Microsoft’s Patch Tuesday addresses multiple critical RCEs and other flaws; and Iran-linked hacktivist Handala claimed theft of 50 TB and wiped over 200,000 Stryker devices, causing global disruption.