Trending Articles

article thumbnail

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass , warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.

Phishing 273
article thumbnail

Biden Signs New Cybersecurity Order

Schneier on Security

President Biden has signed a new cybersecurity order. It has a bunch of provisions, most notably using the US governments procurement power to improve cybersecurity practices industry-wide. Some details : The core of the executive order is an array of mandates for protecting government networks based on lessons learned from recent major incidents—namely, the security failures of federal contractors.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world. At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first offi

VPN 133
article thumbnail

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

It had been another long day, and I’d let the non-stop barrage of tasks and notifications, each one demanding more bandwidth than I had to spare, get to me. As I sat in my kitchen, chatting to my daughter about the amount of pings each of us got, an uncomfortable thought surfaced. A few minutes earlier, Id been scrolling through LinkedIn when a video caught my attention.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

News alert: Sweet Security’s LLM-powered detection engine reduces cloud noise to 0.04%

The Last Watchdog

Tel Aviv, Israel, Jan. 15, 2025, CyberNewswire — Sweet Security , a leader in cloud runtime detection and response, today announced the launch of its groundbreaking patent-pending Large Language Model (LLM)-powered cloud detection engine. This innovation enhances Sweet’s unified detection and response solution, enabling it to reduce cloud detection noise to an unprecedented 0.04%.

article thumbnail

Microsoft: Happy 2025. Here’s 161 Security Updates

Krebs on Security

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7 ‘s Adam Barnett says January marks the fourth consecutive month where Microsoft has published zero-day vulnerabilities on Patch Tuesday without evaluating any of them

More Trending

article thumbnail

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation. The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim compute

Malware 122
article thumbnail

Lessons for Cybersecurity from the American Public Health System

Adam Shostack

An important step towards cyber public health Every four years, the Computing Research Association publishes a set of Quadrenial papers that explore areas and issues around computing research with potential to address national priorities. The white papers attempt to portray a comprehensive picture of the computing research field detailing potential research directions, challenges, and recommendations.

article thumbnail

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw

Penetration Testing

Security researcher c411e published a proof-of-concept (PoC) exploit code for a severe vulnerability in QNAP NAS devices, identified The post CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw appeared first on Cybersecurity News.

article thumbnail

Sweet Security Leverages LLM to Improve Cloud Security

Security Boulevard

Sweet Security today added a cloud detection engine to its cybersecurity portfolio that makes use of a large language model (LLM) to identify potential threats in real-time. The post Sweet Security Leverages LLM to Improve Cloud Security appeared first on Security Boulevard.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Social Engineering to Disable iMessage Protections

Schneier on Security

I am always interested in new phishing tricks, and watching them spread across the ecosystem. A few days ago I started getting phishing SMS messages with a new twist. They were standard messages about delayed packages or somesuch, with the goal of getting me to click on a link and entering some personal information into a website. But because they came from unknown phone numbers, the links did not work.

article thumbnail

Russia-linked APT Star Blizzard targets WhatsApp accounts

Security Affairs

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection. The Star Blizzard group, aka “ Callisto “, Seaborgium , ColdRiver , and TA446, targeted government officials, military personnel,journalists and think tanks since at least 2015.

article thumbnail

Australian Government Agencies Failing to Keep Up With Cyber Security Change

Tech Republic Security

Cyber security maturity declines among Australian government agencies in 2024, as legacy IT systems hinder progress under the Essential Eight framework.

article thumbnail

Linux Kernel Privilege Escalation Vulnerability (CVE-2024-27397) Exploited: PoC Released

Penetration Testing

Security researcher liona24 has provided an in-depth analysis and a proof-of-concept (PoC) exploit code for CVE-2024-27397, a vulnerability The post Linux Kernel Privilege Escalation Vulnerability (CVE-2024-27397) Exploited: PoC Released appeared first on Cybersecurity News.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

The Hacker News

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.

Firmware 137
article thumbnail

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based computers and networks.” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to the FBI , at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023.

Malware 211
article thumbnail

CVE-2024-44243 macOS flaw allows persistent malware installation

Security Affairs

Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection ( SIP ). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection ( SIP ).

Malware 116
article thumbnail

Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation

Tech Republic Security

The proposed HIPAA Security Rule introduces mandatory measures that reflect the growing sophistication of cyber threats in health care.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

I spent hours testing ChatGPT Tasks - and its refusal to follow directions was mildly terrifying

Zero Day

ChatGPT tasks offers AI prompt scheduling and automation, but what happens when things go wrong?

article thumbnail

News alert: Wultra secures €3M funding to help financial firms mitigate coming quantum threats

The Last Watchdog

Prague, Czech Republic, Jan. 15, 2025, CyberNewswire — Quantum computing is set to revolutionize technology, but it also presents a significant security risk for financial institutions. Czech cybersecurity startup Wultra has raised 3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to accelerate the development of its post-quantum authentication technology, safeguarding banks and fintech against the coming wave of quantum threats.

Banking 130
article thumbnail

Phishing False Alarm

Schneier on Security

A very security-conscious company was hit with a (presumed) massive state-actor phishing attack with gift cards, and everyone rallied to combat it—until it turned out it was company management sending the gift cards.

Phishing 227
article thumbnail

Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

Security Affairs

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues. Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities in Windows and Windows Components, Office and Office Components, Hyper-V, SharePoint Server,NET and Visual Studio, Azure, BitLocker, Remote Desktop Services, and Windows Virtual Trusted Platform Module. 11 of these vulnerabilities are rated Critical, and the other are rated Impor

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Future-Proofing Cloud Security: Trends and Predictions for 2025 and Beyond 

Security Boulevard

In this article, we touch on the trends and predictions that in the year 2025 and beyond will fashion cloud security. The post Future-Proofing Cloud Security: Trends and Predictions for 2025 and Beyond appeared first on Security Boulevard.

article thumbnail

Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces

The Hacker News

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet.

Firewall 132
article thumbnail

News alert: Aembit announces speakers for NHIcon event, highlighting non-human identity security

The Last Watchdog

Silver Spring, MD, Jan. 15, 2025, CyberNewswire — Aembit , the non-human identity and access management (IAM) company, unveiled the full agenda for NHIcon 2025, a virtual event dedicated to advancing non-human identity security, streaming live on Jan. 28 and headlined by industry luminary Kevin Mandia. NHIcon 2025 is co-presented by Aembit and Veza , alongside industry partners Identity Defined Security Alliance and Cloud Security Alliance.

article thumbnail

iMessage text gets recipient to disable phishing protection so they can be phished

Malwarebytes

A smishing (SMS phishing) campaign is targeting iMessage users, attempting to socially engineer them into bypassing Apple’s built in phishing protection. For months, iMessage users have been posting examples online of how phishers are trying to get around this protection. And, now, the campign is gaining traction, according to our friends at BleepingComputer.

Phishing 112
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The threat actor used AWSs Server-Side Encryption with Customer Provided Keys (SSE-C) for encryption, then demanded the payment of a ransom to the victim to recover the data using the attackers’ symmetric AES-256 keys required to decrypt data.

article thumbnail

Microsoft to force new Outlook app in Windows 10 with no way to block it

Zero Day

Designed to replace the current Mail and Calendar apps, the new Outlook can only be removed after it's been installed.

130
130
article thumbnail

5 Emerging AI Threats Australian Cyber Pros Must Watch in 2025

Tech Republic Security

AI cloning and deepfakes rank among the top challenges for Australian cybersecurity professionals in 2025.

article thumbnail

Hackers Likely Stole FBI Call Logs From AT&T That Could Compromise Informants

WIRED Threat Level

A breach of AT&T that exposed nearly all of the company's customers may have included records related to confidential FBI sources, potentially explaining the Bureau's new embrace of end-to-end encryption.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.