Sat.Mar 08, 2025 - Fri.Mar 14, 2025

article thumbnail

What Really Happened With the DDoS Attacks That Took Down X

WIRED Threat Level

Elon Musk said a massive cyberattack disrupted X on Monday and pointed to IP addresses originating in the Ukraine area as the source of the attack. Security experts say that's not how it works.

DDOS 145
article thumbnail

TP-Link Router Botnet

Schneier on Security

There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security flaw (tracked as CVE-2023-1389 ) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Soft-Launching and Open Sourcing the Have I Been Pwned Rebrand

Troy Hunt

Designing the first logo for Have I Been Pwned was easy: I took a SQL injection pattern, wrote "have i been pwned?" after it and then, just to give it a touch of class, put a rectangle with rounded corners around it: Job done! I mean really, what more did I need for a pet project with a stupid name that would likely only add to the litany of failed nerdy ideas I'd had before that?

Passwords 302
article thumbnail

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ ClickFix ,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.

Phishing 220
article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. The ransomware group used an unsecured webcam to encrypt systems within atarget’s network, bypassing Endpoint Detection and Response (EDR).

article thumbnail

Thousands of WordPress Websites Infected with Malware

Schneier on Security

The malware includes four separate backdoors : Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users.

Malware 274

More Trending

article thumbnail

Alleged Co-Founder of Garantex Arrested in India

Krebs on Security

Authorities in India today arrested the alleged co-founder of Garantex , a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov , 46, was apprehended while vacationing on the coast of India with his family.

article thumbnail

Women in Cybersecurity & IWD: Why I’m Done!

Jane Frankland

For nearly a decade, we’ve heard the same discussion in cybersecurity circles about the gender diversity problem. As the first women owned penetration testing provider in the UK some 28-years ago, Ive researched, campaigned, written, spoken and stepped up as a visible role model, always presenting the business case. I’ve also watched how panels, passion projects, and awareness campaigns touting the need for inclusivity and diversity have come and gone including my own.

article thumbnail

China, Russia, Iran, and North Korea Intelligence Sharing

Schneier on Security

Former CISA Director Jen Easterly writes about a new international intelligence sharing co-op: Historically, China, Russia, Iran & North Korea have cooperated to some extent on military and intelligence matters, but differences in language, culture, politics & technological sophistication have hindered deeper collaboration, including in cyber.

article thumbnail

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

The Last Watchdog

San Jose, Calif., Mar. 12, 2025, CyberNewswire — Aptori , a leader in AI-driven application security, today announced the launch of its AI-driven AppSec Platform on Google Cloud Marketplace as part of graduating from Google Clouds ISV Startup Springboard program. This new agentic AI solution leverages semantic reasoning to analyze application code and logic in real time, delivering deterministic vulnerability detection, contextual risk prioritization, and automated remediation.

Risk 130
article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Krebs on Security

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993 , both vulnerabilities in NTFS , the default file system for Windows and Windows Server.

article thumbnail

Fake CAPTCHA websites hijack your clipboard to install information stealers

Malwarebytes

There are more and more sites that use a clipboard hijacker and instruct victims on how to infect their own machine. I realize that may sound like something trivial to steer clear from, but apparently its not because the social engineering behind it is pretty sophisticated. At first, these attacks were more targeted at people that could provide cybercriminals a foothold at a targeted company, but their popularity has grown so much that now anyone can run into one of them.

article thumbnail

Silk Typhoon Hackers Indicted

Schneier on Security

Lots of interesting details in the story : The US Department of Justice on Wednesday announced the indictment of 12 Chinese individuals accused of more than a decade of hacker intrusions around the world, including eight staffers for the contractor i-Soon, two officials at China’s Ministry of Public Security who allegedly worked with them, and two other alleged hackers who are said to be part of the Chinese hacker group APT27, or Silk Typhoon, which prosecutors say was involved in the US T

article thumbnail

U.S. CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2025-21590 Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability CVE-2025-24201 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability The vulnerability C

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Symantec Uses OpenAI Operator to Show Rising Threat of AI Agents

Security Boulevard

Symantec threat researchers used OpenAI's Operator agent to carry out a phishing attack with little human intervention, illustrating the looming cybersecurity threat AI agents pose as they become more powerful. The agent learned how to write a malicious PowerShell script and wrote an email with the phishing lure, among other actions. The post Symantec Uses OpenAI Operator to Show Rising Threat of AI Agents appeared first on Security Boulevard.

Phishing 110
article thumbnail

X users report login troubles as Dark Storm claims cyberattack

Malwarebytes

In the early morning hours of March 10, thousands of users on X (formerly Twitter) began having trouble logging into the platform. It was only the first service blip of at least three to come that same day and, if one cybercriminal group is to be believed, it was all on purpose. Twitter has been taken offline by Dark Storm Team read one message on the messaging and social media platform Telegram.

DDOS 128
article thumbnail

Weekly Update 442

Troy Hunt

We survived the cyclone! That was a seriously weird week with lots of build-up to an event that last occurred before I was born. It'd been 50 years since a cyclone came this far south, and the media was full of alarming predictions of destruction. In the end, we maxed out at 52kts just after I recorded this video: It’s here. But 47kts max gusts isn’t too bad, nothing actually blowing over here (yet). pic.twitter.com/qFyrZdiyRW — Troy Hunt (@troyhunt) March 7, 2025 We re

Phishing 145
article thumbnail

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

Security Affairs

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. Over 1,000 attacks detected globally. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. An attacker could exploit the vulnerability to achieve remote code execution on vulnerable servers using Apache and PHP-CGI.

DDOS 103
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

SideWinder targets the maritime and nuclear sectors with an updated toolset

SecureList

Last year, we published an article about SideWinder , a highly prolific APT group whose primary targets have been military and government entities in Pakistan, Sri Lanka, China, and Nepal. In it, we described activities that had mostly happened in the first half of the year. We tried to draw attention to the group, which was aggressively extending its activities beyond their typical targets, infecting government entities, logistics companies and maritime infrastructures in South and Southeast As

article thumbnail

Android devices track you before you even sign in

Malwarebytes

Google is spying on Android users, starting from even before they have logged in to their Google account. That’s what researchers from Dublins Trinity College found after they conducted a measurement study to investigate the cookies, identifiers and other data stored on Android devices by Google Play Services. As the company behind the Android Operating System (OS), the Google Play Store, the most popular search engine in the world, and part of the leading company in digital advertising (A

article thumbnail

GUEST ESSAY: Four essential strategies to bolster cyber resilience in critical infrastructure

The Last Watchdog

In 2023, victims reported nearly 900,000 cybercrime complaints to the FBI. Altogether, losses eclipsed $12.5 billion a significant 22% increase from the losses in 2022. Related: Closing the resiliency gap Unsurprisingly, experts predict this trend will continue to grow as we move further into the future. While any business is a potential target for hackers, critical infrastructure organizations including defense, healthcare, energy, utilities, and financial services companies are perhaps most

article thumbnail

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data. The Loretto Hospital is a not-for-profit, community-focused health care provider.

Hacking 116
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

The rapid advancement of generative AI has brought both innovation and concern to the cybersecurity landscape. A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 99
article thumbnail

Don’t let your kids on Roblox if you’re worried, says Roblox CEO

Malwarebytes

In response to growing worries about the safety of children using Roblox, the CEO of the company has said to parents: “My first message would be, if you’re not comfortable, don’t let your kids be on Roblox.” Roblox is one of the most popular gaming platforms, especially among young children. Reportedly , of the over 80 million players per day, roughly 40% of them are below the age of 13.

Scams 93
article thumbnail

News alert: GitGuardian discloses 70% of leaked secrets remain active 2 years — remediation urgent

The Last Watchdog

Boston, Mass., Mar. 11, 2025, CyberNewswire — GitGuardian , the security leader behind GitHub’s most installed application, today released its comprehensive “2025 State of Secrets Sprawl Report,” revealing a widespread and persistent security crisis that threatens organizations of all sizes. The report exposes a 25% increase in leaked secrets year-over-year, with 23.8 million new credentials detected on public GitHub in 2024 alone.

article thumbnail

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Security Affairs

Microsoft researchers reported that North Korea-linked APT tracked as Moonstone Sleet has employed the Qilin ransomware in limited attacks. Microsoft observed a North Korea-linked APT group, tracked as Moonstone Sleet, deploying Qilin ransomware in limited attacks since February 2025. The APT group uses Qilin ransomware after previously using custom ransomware. “Moonstone Sleet has previously exclusively deployed their own custom ransomware in their attacks, and this represents the first i

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Elon Musk Blames ‘Massive Cyberattack’ for Widespread X Outage

eSecurity Planet

On March 10, social media platform X experienced widespread outages affecting tens of thousands of users globally. X owner Elon Musk attributed the unexpected blackout, which persisted for hours, to a massive cyberattack. Musk claimed the attack was unusually powerful, hinting that a sophisticated, well-funded group possibly linked to a nation-state may have been responsible.

article thumbnail

New Information Supplement: Payment Page Security and Preventing E-Skimming

PCI perspectives

The PCI Security Standards Council (PCI SSC) has introduced a new information supplement: Payment Page Security and Preventing E-Skimming Guidance for PCI DSS Requirements 6.4.3 and 11.6.1. This document provides direction for merchants and service providers implementing controls to protect payment card data during e-commerce transactions.

eCommerce 110
article thumbnail

RIP Mark Klein

Schneier on Security

2006 AT&T whistleblower Mark Klein has died.

article thumbnail

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Security Affairs

Microsoft Patch Tuesday security updates for March 2025 address 56 security vulnerabilities in its products, including six actively exploited zero-days. Microsoft Patch Tuesday security updates for March 2025 addressed 56 vulnerabilities in Windows and Windows Components, Office and Office Components, Azure,NET and Visual Studio, Remote Desktop Services, DNS Server, and Hyper-V Server.

DNS 108
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!