Adam Shostack
APRIL 5, 2025
Troy Hunt has a good post about being phished. Good on Troy for being transparent, and he talks about being tired and jet lagged, and that deserves sympathy. Attackers are sneaky. Troy honorably admits that he overrode 1Password and filled out the phishing site. In this post, I want to share why I think I wouldnt fall for this, even jet lagged. That defense is intensive sorting into folders, enabled by custom email addresses.
Schneier on Security
APRIL 11, 2025
Microsoft is reporting that its AI systems are able to find new vulnerabilities in source code: Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison. Additionally, 9 buffer overflows in parsing SquashFS, EXT4, CramFS, JFFS2, and symlinks were discovered in U-Boot and Barebox, which require physical access to exploit.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
APRIL 10, 2025
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “ Smishing Triad ” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff.
Joseph Steinberg
APRIL 7, 2025
The third edition of Cybersecurity For Dummies , Joseph Steinberg ‘s best-selling introductory-level book about cybersecurity, is now available in both print and e-book format. Like its prior two counterparts, Cybersecurity For Dummies: Third Edition is written for general audiences, and can help people of all backgrounds stay cyber-secure, regardless of their technical and business skillsets.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
The Last Watchdog
APRIL 10, 2025
SAN FRANCISCO If large language AI models are shaping our digital reality, then whoexactlyis shaping those models? And how the heck are they doing it? Related: What exactly is GenAI? Those are the questions Dr. Hidenori Tanaka wants to answer in an effort to put GenAI on solid scientific footing. And its the guiding ethos behind NTT Researchs launch of its newly spun-out Physics of Artificial Intelligence Group , which Tanaka will lead as founding director.
Schneier on Security
APRIL 8, 2025
At a Congressional hearing earlier this week, Matt Blaze made the point that CALEA, the 1994 law that forces telecoms to make phone calls wiretappable, is outdated in today’s threat environment and should be rethought: In other words, while the legally-mandated CALEA capability requirements have changed little over the last three decades, the infrastructure that must implement and protect it has changed radically.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Security Affairs
APRIL 7, 2025
Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape. In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement and other government agencies to illicitly forward Emergency Data R
Troy Hunt
APRIL 5, 2025
After an unusually long day of travelling from Iceland, we've finally made it to the land of Guinness, Leprechauns, and a tax haven for tech companies. This week, there are a few more lessons from the successful phish against me the previous week, and in happier news, there is some really solid progress on the HIBP UX rebuild. We spent a bunch of time with Stefan and Ingiber (the guy rebuilding the front end) whilst in Reykjavik and now have a very clear plan mapped out to get this finished
The Last Watchdog
APRIL 10, 2025
TOKYO, Apr. 10, 2025 Today, NTT Corporation ( NTT ) announced a new, large-scale integration (LSI) for the real-time AI inference processing of ultra-high-definition video up to 4K resolution and 30 frames per second (fps). This low-power technology is designed for edge and power-constrained terminal deployments in which conventional AI inferencing requires the compression of ultra-high-definition video for real-time processing.
Jane Frankland
APRIL 10, 2025
Small businesses make up 90% of the global business population. They’re not just the soul of local economiesthey’re essential links in global supply chains and the heartbeat of innovation. Yet in todays AI-driven, connected digital world, many of them are facing a threat theyre reluctant to see, hear, or acknowledge. Just like the three wise monkeys , some small business owners are unintentionally following a philosophy of see no risk, hear no warning, speak no threat when it comes t
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Security Affairs
APRIL 6, 2025
A researcher used ChatGPT-4o to create a replica of his passport in just five minutes, realistic enough to deceive most automated KYC systems. Polish researcher Borys Musielak ( @michuk ) used ChatGPT-4o to generate a fake passport in just five minutes. The document is realistic enough to bypass automated Know Your Customer (KYC) checks, the expert states. “You can now generate fake passports with GPT-4o.
Penetration Testing
APRIL 9, 2025
Invariant Labs has disclosed a critical vulnerability in the Model Context Protocol (MCP) that enables what they call Tool Poisoning Attacks (TPAs) a class of threats that may allow sensitive data exfiltration, AI behavior hijacking, and even remote code execution via seemingly benign tools used by AI agents. We urge users to exercise caution […] The post Tool Poisoning Attacks: Critical Vulnerability Discovered in Model Context Protocol (MCP) appeared first on Daily CyberSecurity.
The Last Watchdog
APRIL 11, 2025
Cary, NC, Apr. 11, 2025, CyberNewswire — Defense contractors are facing increased pressure to meet the Department of Defense’s stringent Cybersecurity Maturity Model Certification (CMMC) 2.0 requirements ahead of 2025 compliance deadlines. INE Security , a leading global provider of cybersecurity training and certifications, is highlighting how hands-on cybersecurity labs are proving critical for organizations seeking to achieve compliance efficiently and effectively.
Malwarebytes
APRIL 7, 2025
Back in August 2024, we warned about a relatively new type of SMS phishing (or smishing ) scam that was doing the rounds. Now a new wave of toll fee scams are working their way round the US. These attempts come as an unexpected text message linking to a website pretending to belong to one of the US toll authorities, like E-ZPass, The Toll Roads, SunPass, or TxTag.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Affairs
APRIL 10, 2025
AkiraBot, a CAPTCHA-evading Python framework, has spammed over 80,000 websites with AI-generated messages, targeting small and medium-sized businesses. SentinelOnes SentinelLabs researchers warn that AkiraBot, a spam framework, targets websites’ chats and contact forms to promote low-quality SEO services, AkiraBot has already targeted more than 400,000 websites and successfully spammed at least 80,000 websites since September 2024.
Adam Shostack
APRIL 10, 2025
What's wrong with this process? Appsec leaders come to me all the time, looking for feedback on their threat modeling approach. When we do it for a customer, the request and response are private, and when they're not, sometimes they end up in the blog. A recent request exemplified a couple of the problems that we see over and over: The system model provides a framework for identifying and analyzing potential threats by thoroughly describing the assets, attributes, and their interactions with
Penetration Testing
APRIL 9, 2025
A critical vulnerability in the popular WordPress automation plugin SureTriggers has exposed over 100,000 sites to the risk of unauthenticated administrative account creation, potentially allowing full site takeover. The vulnerability, tracked as CVE-2025-3102 with a CVSS score of 8.1, was responsibly disclosed by security researcher mikemyers through the Wordfence Bug Bounty Program.
Malwarebytes
APRIL 8, 2025
Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the vulnerability being exploited or published. The term reflects the amount of time that a vulnerable organization has to protect against the threat by patchingzero days.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
APRIL 8, 2025
WhatsApp addressed a flaw, tracked as CVE-2025-30401, that could allow attackers to trick users and enable remote code execution. WhatsApp released a security update to address a vulnerability, tracked as CVE-2025-30401, that could let attackers trick users and enable remote code execution. The spoofing flaw impacts WhatsApp for Windows before version 2.2450.6.
SecureWorld News
APRIL 8, 2025
A joint cybersecurity advisory was recently issued by the United States National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and their counterparts from Australia, Canada, and New Zealand. The advisory highlights the escalating threat of "fast flux" techniques employed by cyber adversaries to obscure malicious activities and evade detection.
Penetration Testing
APRIL 11, 2025
A severe security vulnerability has been identified in the InstaWP Connect WordPress plugin, posing a significant risk to websites using this tool. The vulnerability, tracked as CVE-2025-2636, is an unauthenticated Local PHP File Inclusion flaw that could allow attackers to gain complete control over affected websites. InstaWP Connect is a WordPress plugin developed by the […] The post InstaWP Connect Plugin Exposes WordPress Sites to Critical File Inclusion Vulnerability appeared first on
The Last Watchdog
APRIL 9, 2025
Luxembourg, Luxembourg, Apr. 9, 2025, CyberNewswire — Gcore , the global edge AI, cloud, network, and security solutions provider, has launched Super Transit, a cutting-edge DDoS protection and acceleration feature, designed to safeguard enterprise infrastructure while delivering lightning-fast connectivity. This comes as organizations face a 56% year-on-year increase in high-volume, complex DDoS attacks that disrupt operations, increase latency, and compromise network security.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Security Affairs
APRIL 6, 2025
Oracle confirms a cloud data breach, quietly informing customers while downplaying the impact of the security breach. Oracle confirms a data breach and started informing customers while downplaying the impact of the incident. A threat actor using the moniker rose87168 claimed to possess millions of data lines tied to over 140,000 Oracle Cloud tenants, including encrypted credentials.
SecureWorld News
APRIL 7, 2025
One of the most pressing challenges in cybersecurity is the rise of AI-driven phishing campaigns. Recent findings from Hoxhunt reveal that artificial intelligence is now outpacing human red teams in developing more sophisticated phishing attacks. As these attacks become increasingly personalized and effective, it is crucial for organizations worldwide to understand the profound impact of AI's role in cyber threats.
Penetration Testing
APRIL 8, 2025
Vidar Stealer, a notorious information-stealing malware that first emerged in 2018, continues to pose a significant threat by employing new distribution methods and evasion techniques. G DATA Security Lab’s analysis has uncovered a recent instance where Vidar Stealer was disguised within a legitimate system information tool. Vidar Stealer functions as Malware-as-a-Service (MaaS) and is used […] The post Vidar Stealer Hides in Legitimate BGInfo Tool appeared first on Daily CyberSecuri
Malwarebytes
APRIL 9, 2025
In a security advisory , Meta has disclosed a vulnerability that allowed an attacker to run arbitrary code on a users system that existed in all WhatsApp versions before 2.2450.6. WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices. Desktop versions of WhatsApp are generally used as extensions of mobile apps rather than primary platforms.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
APRIL 10, 2025
Oracle confirmed a hacker stole credentials from two obsolete servers but said no Oracle Cloud systems or customer data were affected. Oracle confirmed a hacker stole and leaked credentials from two obsolete servers, but said no Oracle Cloud systems or customer data were affected. The threat actor accessed usernames from two outdated, non-Oracle Cloud Infrastructure (OCI) servers, but no customer data was exposed. “Oracle would like to state unequivocally that the Oracle Cloudalso known as
The Last Watchdog
APRIL 7, 2025
Austin, TX, USA, April 7, 2025, CyberNewswire — SpyCloud , the leading identity threat protection company, today released new analysis of its recaptured darknet data repository that shows threat actors are increasingly bypassing endpoint protection solutions: 66% of malware infections occur on devices with endpoint security solutions installed.
Penetration Testing
APRIL 6, 2025
A security researcher has recently disclosed technical details and proof-of-concept (PoC) exploit code for a vulnerability in the Linux kernel’s Performance Events system component. This flaw, identified as CVE-2023-6931, carries a CVSS score of 7.8, indicating a high severity risk. The vulnerability is described as a heap out-of-bounds write, which can be exploited to achieve […] The post Linux Kernel Vulnerability Exposes Local Systems to Privilege Escalation, PoC Published appeare
SecureList
APRIL 7, 2025
To hide their activity in infected systems, APT groups resort to various techniques to bypass defenses. Most of these techniques are well known and detectable by both EPP solutions and EDR threat-monitoring and response tools. For example, to hide their activity in Windows systems, cybercriminals can use kernel-level rootkits, in particular malicious drivers.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
130 
Let's personalize your content