Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true … Read More “RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable – The Hacker News” »
Data from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver
Louis Donald Mendonsa, 62, was sentenced following a guilty plea for distributing child sexual abuse materials (CSAM) via… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
In February 2025, Sophos completed the Secureworks deal and SolarWinds went private
Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, called LLMjacking, has targeted various AI offerings, including Microsoft’s Azure OpenAI Service. The tech giant is … Read More “Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme – The Hacker News” »
Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report
The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a “strong resemblance” to Awaken … Read More “Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus – The Hacker News” »
A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices … Read More “12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training – The Hacker News” »
A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide
A hacker using the alias GHOSTR, linked to 90+ data breaches, was arrested in a joint effort by law enforcement in Thailand, Singapore, and cybersecurity firm Group-IB. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
U.S. authorities say a 21-year-old U.S. Army soldier attempted to sell stolen sensitive information to a foreign intelligence service as part of a broader effort to extort victims and leak call records of high-ranking public officials. In November while on active duty, Cameron Wagenius made multiple attempts to extort $500,000 from a major telecommunications company … Read More “Army soldier linked to Snowflake attack spree allegedly tried to sell data to foreign spies – CyberScoop” »
Strong eCommerce customer service builds trust, boosts loyalty, and drives sales. Learn key strategies, best practices, and tools to enhance online support. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Google is gradually phasing out SMS-based verification as part of its two-step verification (2SV) process across its suite of services, signaling a significant shift in how the tech giant approaches user authentication and security. The change, which will affect Gmail and all other Google services where users sign in with their Google accounts, marks a … Read More “Here’s what Google is (and isn’t) planning with SMS account verification – CyberScoop” »
Do you want to have the best communication system at your workplace? Learn how to maximize the benefits… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
President Donald Trump’s nominee to lead the consumer-focused federal agency that Elon Musk wants to “delete” and that Republican lawmakers have railed against since its creation indicated to senators Thursday that he could continue some data-focused work started by his Democratic predecessor. In his nomination hearing to lead the Consumer Financial Protection Bureau, Jonathan McKernan … Read More “CFPB nominee signals openness to continuing data-broker work – CyberScoop” »
Auto-color: New Linux backdoor malware targeting the US and Asia. Learn about its advanced evasion, persistence, and detection… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Microsoft has identified individuals from Iran, China, Vietnam and the United Kingdom as primary players in an alleged international scheme to hijack and sell Microsoft accounts that could bypass safety guidelines for generative AI tools. In December, Microsoft petitioned a Virginia court to seize infrastructure and software from 10 unnamed individuals who the company claims … Read More “Microsoft IDs developers behind alleged generative AI hacking-for-hire scheme – CyberScoop” »
FortiGuard Labs discovers Winos 4.0 malware targeting Taiwan via phishing. Learn how this advanced threat steals data and… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Companies are being warned that malicious hackers are using a novel technique to break into businesses – by pretending to offer audits of the company’s cybersecurity. Read more in my article on the Tripwire State of Security blog. – Read More – Graham Cluley
Exploring the Benefits of Payment HSM: Enhancing Security in a Cashless World – JISA Softech Pvt Ltd
In today’s digital era, cashless transactions have become the norm. With the convenience of online payments, more people are… The post Exploring the Benefits of Payment HSM: Enhancing Security in a Cashless World appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Communication modules for Modicon M580 and Quantum controllers Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a stack overflow attack, which could result in loss of confidentiality, integrity, and denial of service of … Read More “Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers – All CISA Advisories” »
CISA released two Industrial Control Systems (ICS) advisories on February 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-058-01 Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers ICSMA-25-058-01 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application CISA encourages users and administrators to … Read More “CISA Releases Two Industrial Control Systems Advisories – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Dario Health Equipment: USB-C Blood Glucose Monitoring System Starter Kit Android Application, Application Database and Internet-based Server Infrastructure Vulnerabilities: Exposure of Private Personal Information to an Unauthorized Actor, Improper Output Neutralization For Logs, Storage of Sensitive Data In a Mechanism Without … Read More “Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application – All CISA Advisories” »
DragonForce ransomware attacks Saudi firms stealing 6TB data, escalating cyber threats in real estate
A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country’s National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related applications. “The sender claimed that the malicious file … Read More “Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations – The Hacker News” »
Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn
Posted by Jordy Zomer on Feb 27 Hey all, First of all, cool findings! I’ve been working on the CodeQL query and have a revised version that I think improves accuracy and might offer some performance gains (though I haven’t done rigorous benchmarking). The key change is the use of `StackVariableReachability` and making sure … Read More “Re: MitM attack against OpenSSH’s VerifyHostKeyDNS-enabled client – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 27 SEC Consult Vulnerability Lab Security Advisory < 20250226-0 > ======================================================================= title: Multiple Vulnerabilities product: Siemens A8000 CP-8050 PLC Siemens A8000 CP-8031 PLC vulnerable version: <05.40 for Vulnerability 1, <05.30 for Vulnerability 2 fixed version: 05.40 for Vulnerability 1, 05.30 for Vulnerability 2… – Read … Read More “SEC Consult SA-20250226-0 :: Multiple vulnerabilities in Siemens A8000 CP-8050 & CP-8031 PLC – Full Disclosure” »
Angry Likho APT resurfaces, targeting Russian and Belarusian organizations with Lumma Stealer malware via phishing attacks, stealing credentials, banking data, and more. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting. “The modifications seen in the TgToxic payloads reflect the actors’ ongoing surveillance of open source intelligence and demonstrate their commitment to enhancing the – … Read More “New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades – The Hacker News” »
Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective planning, the availability of hard data is essential—yet such data remains surprisingly scarce. The “Enterprise GenAI Data Security Report 2025” by LayerX delivers unprecedented insights – Read More – The … Read More “89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals – The Hacker News” »
The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It’s tracking the activity under the name Erudite Mogwai. … Read More “Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware – The Hacker News” »
Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code
In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities
OpenSSF has released new baseline security best practices to improve open source software quality
FBI confirms North Korea’s Lazarus Group responsible for Bybit crypto heist
A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business … Read More “PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices – The Hacker News” »
The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company’s CEO Ben Zhou declared a “war against Lazarus.” The agency said the Democratic People’s Republic of Korea (North Korea) was responsible for the theft of the virtual assets from the cryptocurrency exchange, … Read More “Bybit Hack Traced to SafeWallet Supply Chain Attack Exploited by North Korean Hackers – The Hacker News” »
Cyberattacks carried out by China-backed nation-state actors surged last year, showcasing technical advancements and specialized targeting in a broader escalation of the country’s ability to infiltrate global critical infrastructure, CrowdStrike said in an annual threat report released Thursday. “After decades of investment into China’s offensive capabilities, they’re now on par with other world powers,” Adam … Read More “It’s not just Salt Typhoon: All China-backed attack groups are showcasing specialized offensive skills – CyberScoop” »
A U.S. Army soldier who pleaded guilty last week to leaking phone records for high-ranking U.S. government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” prosecutors in the case said Wednesday. The government disclosed the details in a court motion to keep the defendant in custody … Read More “U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason” – Krebs on Security” »
In episode 406 of the “Smashing Security” podcast, we explore how the cryptocurrency exchange Bybit has been hacked to the jaw-dropping tune of $1.5 billion, and we look at what is being done to better defend women and girls’ safety online. All this and more is discussed in the latest edition of the “Smashing Security” … Read More “Smashing Security podcast #406: History’s biggest heist just happened, and online abuse – Graham Cluley” »
A partisan divide opened Wednesday over a bill to bolster the cyber workforce, legislation that earned unanimous support in the House Homeland Security Committee last year but that Democrats are now wary of under President Donald Trump. Under the legislation, students at technical schools and community colleges would receive scholarships in return for two years … Read More “Cyber workforce legislation vote gives rise to partisan rift on House Homeland Security Committee – CyberScoop” »
Federal IT and cyber government veteran Karen Evans is the new executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency. It’s one of the most prominent cyber jobs in the federal government, previously held by Jeff Greene and Eric Goldstein. A description of the post on the CISA website says that the … Read More “Karen Evans steps into a leading federal cyber position: executive assistant director for cybersecurity at CISA – CyberScoop” »
A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of websites with the goal of manipulating search results and fueling a spam ads campaign at scale. Security researcher Oleg Zaytsev, in a report shared with The Hacker News, said the campaign – … Read More “Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites – The Hacker News” »
99% of organizations report API-related security issues, highlighting risks from API growth
DISA Global Solutions confirms data breach affecting 3.3M people, exposing sensitive personal info
A push is gearing up to renew an expiring 10-year-old cybersecurity law that was viewed at its initial passage as the most significant cybersecurity legislation Congress had ever passed, and that advocates say now fosters several important threat-sharing initiatives. The 2015 Cybersecurity Information Sharing Act provides safeguards for companies that voluntarily share threat intelligence data … Read More “A major cybersecurity law is expiring soon — and advocates are prepping to push Congress for renewal – CyberScoop” »
HaveIbeenPwned (HIBP) website has significantly expanded its database with hundreds of millions of newly compromised credentials extracted by hackers through infostealer logs. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News