Category: Attack Feeds

SOC 3.0 – The Evolution of the SOC and How AI is Empowering Human Talent  – The Hacker News

Organizations today face relentless cyber attacks, with high-profile breaches hitting the headlines almost daily. Reflecting on a long journey in the security field, it’s clear this isn’t just a human problem—it’s a math problem. There are simply too many threats and security tasks for any SOC to manually handle in a reasonable timeframe. Yet, there is a solution. Many refer...

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation  – The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are as follows – CVE-2024-49035 (CVSS score: 8.7) – An improper access control...

Crypto analysts stunned by Lazarus Group’s capabilities in $1.46B Bybit theft  – CyberScoop

Last week’s $1.46 billion Ethereum theft by North Korean-linked Lazarus Group has sent shockwaves through the cybercrime ecosystem, as it has not only joined the ranks of the largest known financial thefts in history but also demonstrated that the group’s skillset is presenting new challenges for defenders.  In the wake of the theft, numerous experts told CyberScoop that the group’s...

Purging cyber review board was ‘a great idea,’ DHS deputy secretary nominee says  – CyberScoop

Expelling all members of an independent federal cybersecurity advisory panel as it was investigating Salt Typhoon was necessary due to previous leadership and the board “going in the wrong direction,” President Donald Trump’s nominee for deputy secretary of the Department of Homeland Security said Tuesday. Troy Edgar, who is serving as a senior adviser to Homeland Security Secretary Kristi Noem...

House Dems say DOGE is leaving publicly exposed entry points into government systems  – CyberScoop

Democrats on the House Oversight Committee say the Department of Government Efficiency (DOGE) is jeopardizing cybersecurity by publicly exposing entry points into U.S. government systems, and told the Trump administration it needs to provide information on department officials’ access. “Decades of efforts by both Republican and Democratic administrations, along with bipartisan collaboration in Congress, have strengthened the federal government’s cybersecurity...

Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware  – The Hacker News

Opposition activists in Belarus as well as Ukrainian military and government organizations are the target of a new campaign that employs malware-laced Microsoft Excel documents as lures to deliver a new variant of PicassoLoader. The threat cluster has been assessed to be an extension of a long-running campaign mounted by a Belarus-aligned threat actor dubbed Ghostwriter (aka Moonscape,...

LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile  – The Hacker News

Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that’s capable of infecting both Windows and Apple systems with an aim to harvest data. It was first...

The AI Fix #39: AIs value their lives over yours, and flattery gets you nowhere  – Graham Cluley

In episode 39 of the AI Fix, our hosts watch a drone and a robot dog shoot fireworks at each other, xAI launches Grok 3, Mark explains that AIs can design genomes now, a robot starts a punch up, Zuck becomes a mind reader, an AI cracks a ten-year science question in two days, and an anatomically accurate synthetic human...

Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors  – CyberScoop

Cyberattacks against industrial organizations surged in 2024 as a glut of new threat actors increasingly targeted operational technology (OT) and industrial control systems (ICS), according to cybersecurity firm Dragos. According to a report released Tuesday, attacks on industrial organizations soared by 87% last year, while the number of ransomware groups impacting the OT/ICS space jumped 60%.   Dragos CEO Rob Lee...

Threat actors are increasingly trying to grind business to a halt  – CyberScoop

Cybercriminals intentionally disrupted operations at a growing rate last year, Palo Alto Networks’ threat intelligence firm Unit 42 said in an annual incident response report released Tuesday. Of the nearly 500 major cyberattacks Unit 42 responded to last year, 86% involved business disruption, including operational downtime, fraud-related losses, increased operating costs and negative reputational impacts.  Unit 42 called this trend...

GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets  – The Hacker News

Cybersecurity researchers are calling attention to an ongoing campaign that’s targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky. “The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables...

2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT  – The Hacker News

A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice’s product suite to sidestep detection efforts and deliver the Gh0st RAT malware. “To further evade detection, the attackers deliberately generated multiple variants (with different hashes) of the 2.0.2 driver by modifying specific PE parts while keeping the signature valid,” Check Point...

5 Active Malware Campaigns in Q1 2025  – The Hacker News

The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods. Below is an overview of five notable malware families, accompanied by analyses conducted in controlled environments. NetSupport RAT Exploiting the ClickFix Technique In early 2025, threat actors began exploiting a technique...

FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services  – The Hacker News

Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. “The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure,” Kaspersky ICS CERT said in a Monday...

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA  – The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2017-3066 (CVSS score: 9.8) – A deserialization vulnerability impacting...

What defenders are learning from Black Basta’s leaked chat logs  – CyberScoop

Black Basta’s internal chat logs, which were leaked earlier this month, are providing defenders with actionable intelligence on the ransomware group’s operations, cybercrime experts told CyberScoop.  Researchers sifting through Black Basta’s exposed communications found details about the group’s preferred tools and techniques, including custom malware loaders, indicators of compromise, cryptocurrency wallets and email addresses associated with the syndicate’s affiliates. Multiple...

New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer  – The Hacker News

Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) said it has observed a spike in the distribution volume of ACR Stealer since January 2025. A notable aspect of the stealer malware is the use of a...

Announce Pwn2Own Berlin and Introducing an AI Category  – Zero Day Initiative – Blog

If you just want to read the contest rules, click here. Willkommen, meine Damen und Herren, zu unserem ersten Wettbewerb in Berlin! That’s correct (if Google translate didn’t steer me wrong). While the Pwn2Own competition started in Vancouver in 2007, we always want to ensure we are reaching the right people with our choice of venue. Over the last few...

Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense  – The Hacker News

Ransomware doesn’t hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, it’s too late to stop the flood.  Each stage of a ransomware attack offers a small window to detect and stop...

Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats  – The Hacker News

Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with the National Institute of Standards and Technology’s (NIST) post-quantum cryptography (PQC)...

⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma  – The Hacker News

Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal some sneaky AI scam tricks, and discuss big changes in data protection. Let these stories spark your interest and help you understand the changing threats in our digital world....

Australia Bans Kaspersky Software Over National Security and Espionage Concerns  – The Hacker News

Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. “After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data,...

Trump 2.0 Brings Cuts to Cyber, Consumer Protections  – Krebs on Security

One month into his second term, President Trump’s actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world’s richest man to wrest control over their networks and data. Greg Meland....

Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace  – CyberScoop

The United States is falling “increasingly behind” its adversaries in cyberspace, a former Cyber Command and National Security Agency boss said Saturday. Speaking at the DistrictCon cybersecurity conference in Washington, D.C., retired Gen. Paul Nakasone said that “our adversaries are continuing to be able to broaden the spectrum of what they’re able to do to us.” Nakasone said incidents like...

‘The bot asked me four times a day how I was feeling’: is tracking everything actually good for us?  – Data and computer security | The Guardian

Gathering data used to be a fringe pursuit of Silicon Valley nerds. Now we’re all at it, recording everything from menstrual cycles and mobility to toothbrushing and time spent in daylight. Is this just narcissism redesigned for the big tech age? I first heard about my friend Adam’s curious new habit in a busy pub. He said he’d been doing...

Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack  – The Hacker News

Cryptocurrency exchange Bybit on Friday revealed that a “sophisticated” attack led to the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets, making it the largest ever single crypto heist in history. “The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated ...

OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns  – The Hacker News

OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence (AI)-powered surveillance tool. The social media listening tool is said to likely originate from China and is powered by one of Meta’s Llama models, with the accounts in question using the AI company’s models to generate detailed descriptions...

Top House E&C Republicans query public for ideas on data privacy law  – CyberScoop

Republican leaders on a key House committee are canvassing the public for input on how best to move forward in Congress’ longstanding quest to tackle national data privacy and security standards. House Energy and Commerce Committee Chair Brett Guthrie, R-Ky., and Vice Chair John Joyce, R-Pa., issued a Request for Information on Friday that seeks guidance on how to best develop...

Apple pulls end-to-end encryption feature from UK after demands for law enforcement access   – CyberScoop

Apple has pulled Advanced Data Protection, a feature that provides end-to-end encrypted data storage through iCloud, from the United Kingdom following a fight with the British government over law enforcement access. Starting Friday, U.K. users who attempt to access the feature on their phones or computers will be denied. Users who already had Advanced Data Protection turned on will be...

Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations  – The Hacker News

An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country. Founded in 1995, TopSec ostensibly offers services such as Endpoint Detection and Response (EDR) and vulnerability scanning. But it’s also providing “boutique” solutions in order...

Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands  – The Hacker News

Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that users’ trusted devices retain sole access to the encryption keys used to unlock data stored...

No, that’s not the acting head of the Social Security Administration. That’s a former CISA employee.  – CyberScoop

A longtime former employee of the Cybersecurity and Infrastructure Security Agency, an agency in the midst of curtailing its anti-misinformation and disinformation work under President Donald Trump, has found himself being misidentified online as a key figure in another Trump administration battle. On social media and in some news outlets, Ross Foard, a former CISA information security specialist, is being...

Apple removes advanced data protection tool after UK government request  – Data and computer security | The Guardian

Users will now be more vulnerable to data breaches from bad actors, Apple says, after Home Office order. Apple has taken the unprecedented step of removing its strongest data security tool from customers in the UK, after the government demanded “backdoor” access to user data. UK users will no longer have access to the advanced...

AttackFeed by Joe Wagner