Schneier on Security
JANUARY 17, 2025
I am always interested in new phishing tricks, and watching them spread across the ecosystem. A few days ago I started getting phishing SMS messages with a new twist. They were standard messages about delayed packages or somesuch, with the goal of getting me to click on a link and entering some personal information into a website. But because they came from unknown phone numbers, the links did not work.
Krebs on Security
JANUARY 16, 2025
Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass , warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
JANUARY 16, 2025
Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware. In late November, the experts spotted a malspam campaign impersonating DHL which used emails about freight invoices, attaching zip files named “Invoice###.zip” or “Trackin
Adam Shostack
JANUARY 16, 2025
An important step towards cyber public health Every four years, the Computing Research Association publishes a set of Quadrenial papers that explore areas and issues around computing research with potential to address national priorities. The white papers attempt to portray a comprehensive picture of the computing research field detailing potential research directions, challenges, and recommendations.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Schneier on Security
JANUARY 16, 2025
According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based computers and networks.” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to the FBI , at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023.
Malwarebytes
JANUARY 15, 2025
Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Security Affairs
JANUARY 15, 2025
A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world. At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first offi
Schneier on Security
JANUARY 13, 2025
Not sure this will matter in the end, but it’s a positive move : Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content. The foreign-based defendants developed tools specifically designed to bypass safety guardrails Microsoft has erected to prevent the creation of harmful content through its generative AI services, said S
Malwarebytes
JANUARY 13, 2025
A smishing (SMS phishing) campaign is targeting iMessage users, attempting to socially engineer them into bypassing Apple’s built in phishing protection. For months, iMessage users have been posting examples online of how phishers are trying to get around this protection. And, now, the campign is gaining traction, according to our friends at BleepingComputer.
Security Boulevard
JANUARY 15, 2025
Sweet Security today added a cloud detection engine to its cybersecurity portfolio that makes use of a large language model (LLM) to identify potential threats in real-time. The post Sweet Security Leverages LLM to Improve Cloud Security appeared first on Security Boulevard.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Affairs
JANUARY 14, 2025
The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation. The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim compute
SecureWorld News
JANUARY 13, 2025
A career in cybersecurity isn't about mastering one skillit's about layering complementary skills that make you versatile and invaluable. That's the power of a talent stack. It's a mix of technical know-how, strategic thinking, and communication skills that, together, make you stand out in a competitive field. Think of it like building a tower. Each layer adds strength and stability, supporting everything above it.
Malwarebytes
JANUARY 17, 2025
A cybercriminal campaign linked to Russia is deploying QR codes to access the WhatsApp accounts of high-profile targets like journalists, members of think tanks, and employees of non-governmental organizations (NGOs), according to new details revealed by Microsoft. The group, which Microsoft tracks by the name “Star Blizzard,” is also referred to as Coldriver by other researchers.
The Last Watchdog
JANUARY 15, 2025
Silver Spring, MD, Jan. 15, 2025, CyberNewswire — Aembit , the non-human identity and access management (IAM) company, unveiled the full agenda for NHIcon 2025, a virtual event dedicated to advancing non-human identity security, streaming live on Jan. 28 and headlined by industry luminary Kevin Mandia. NHIcon 2025 is co-presented by Aembit and Veza , alongside industry partners Identity Defined Security Alliance and Cloud Security Alliance.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
JANUARY 16, 2025
The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection. The Star Blizzard group, aka “ Callisto “, Seaborgium , ColdRiver , and TA446, targeted government officials, military personnel,journalists and think tanks since at least 2015.
Security Boulevard
JANUARY 14, 2025
In this article, we touch on the trends and predictions that in the year 2025 and beyond will fashion cloud security. The post Future-Proofing Cloud Security: Trends and Predictions for 2025 and Beyond appeared first on Security Boulevard.
SecureWorld News
JANUARY 16, 2025
The oil and gas industry serves as the backbone of the global economy, powers industries, transportation, and homes. With the increasing reliance on digital technologies for operational efficiency, this sector has become a prime target for sophisticated cyber and physical threats. To ensure energy security and economic stability, protecting the infrastructure is essential.
Webroot
JANUARY 13, 2025
In todays cyber threat landscape, good enough is no longer good enough. Cyberattacks dont clock out at 5 PM, and neither can your security strategy. For Managed Service Providers (MSPs), offering customers 24/7 cybersecurity protection and response isnt just a competitive advantageits an essential service for business continuity, customer trust, and staying ahead of attackers.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
JANUARY 12, 2025
Over the weekend, Italy faced new waves of DDoS attacks carried out by pro-Russia group NoName057(16). Pro-Russia hackers Noname057(16) targeted Italian ministries, institutions, critical infrastructure’s websites and private organizations over the weekend. The new wave of attacks coincides with the visit of Ukrainian President Volodymyr Zelensky to Italy.
Malwarebytes
JANUARY 16, 2025
The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminals groups under control of the Peoples Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims’ computers. PlugX has been around since at least 2008 but is under constant development.
Security Boulevard
JANUARY 16, 2025
While the power and potential of GenAI is evident for IT and security, the use cases in the security field are surprisingly immature largely due to censorship and guardrails that hamper many models utility for cybersecurity use cases. The post What is an Uncensored Model and Why Do I Need It appeared first on Security Boulevard.
Schneier on Security
JANUARY 15, 2025
A very security-conscious company was hit with a (presumed) massive state-actor phishing attack with gift cards, and everyone rallied to combat it—until it turned out it was company management sending the gift cards.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Security Affairs
JANUARY 15, 2025
Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues. Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities in Windows and Windows Components, Office and Office Components, Hyper-V, SharePoint Server,NET and Visual Studio, Azure, BitLocker, Remote Desktop Services, and Windows Virtual Trusted Platform Module. 11 of these vulnerabilities are rated Critical, and the other are rated Impor
Heimadal Security
JANUARY 16, 2025
The NIS2 Directive is a pivotal regulation aimed at enhancing cybersecurity within critical sectors across the European Union. With its stringent requirements for managing cyber risks, securing supply chains, and reporting incidents, its essential for organizations to ensure compliance. This article outlines the crucial steps for aligning with NIS2 standards, drawn from our comprehensive NIS2 […] The post Your Ultimate Guide to NIS2 Compliance: Key Steps and Insights appeared first on Heim
Security Boulevard
JANUARY 14, 2025
CISA in two years has seen the number of critical infrastructure organizations signing up for its CPG services double, which has improved the overall security in most sectors, but more needs to be done to strengthen what has become a target adversarial state-sponsored threat groups. The post Critical Infrastructure Seeing Benefits of Government Program, CISA Says appeared first on Security Boulevard.
Malwarebytes
JANUARY 13, 2025
This week on the Lock and Code podcast… The era of artificial intelligence everything is here, and with it, come everyday surprises into exactly where the next AI tools might pop up. There are major corporations pushing customer support functions onto AI chatbots, Big Tech platforms offering AI image generation for social media posts, and even Google has defaulted to include AI-powered overviews into everyday searches.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
JANUARY 15, 2025
The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The threat actor used AWSs Server-Side Encryption with Customer Provided Keys (SSE-C) for encryption, then demanded the payment of a ransom to the victim to recover the data using the attackers’ symmetric AES-256 keys required to decrypt data.
Heimadal Security
JANUARY 13, 2025
COPENHAGEN, Denmark, and PARIS, France, January 13, 2025 Heimdal, a top European cybersecurity company, is teaming up with Watsoft, a French IT distributor focused on Managed Service Providers (MSPs). This partnership will help MSPs in France deal with todays growing cybersecurity challenges by simplifying how they manage security and offering reliable tools from a […] The post Heimdal and Watsoft Team Up to Strengthen MSP Cybersecurity in France appeared first on Heimdal Security Blog.
Security Boulevard
JANUARY 13, 2025
Hackers are exploiting the digital breadcrumbs your personally identifiable information (PII) that you leave behind daily to launch their cyber attacks. The post How Your Digital Footprint Fuels Cyberattacks and What to Do About It appeared first on Security Boulevard.
Malwarebytes
JANUARY 16, 2025
The consequences of a wave of credit card skimmerswhich is normal around the holidays are starting to show. Label maker Avery has filed a data breach notification , saying 61,193 people may have had their credit card details stolen. On December 9, Avery said it became aware of an attack on its systems. An investigation showed that cybercriminals had inserted malicious software that was used to scrape credit card information used on its website.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Expert insights. Personalized for you.
288 
Let's personalize your content