Krebs on Security
MARCH 27, 2025
Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. The real website of the Ukrainian paramilitary group “Freedom of Russia” legion.
Schneier on Security
MARCH 26, 2025
Cloudflare has a new feature —available to free users as well—that uses AI to generate random pages to feed to AI web crawlers: Instead of simply blocking bots, Cloudflare’s new system lures them into a “maze” of realistic-looking but irrelevant pages, wasting the crawler’s computing resources. The approach is a notable shift from the standard block-and-defend strategy used by most website protection services.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
The Last Watchdog
MARCH 25, 2025
The annual pilgrimage to San Francisco for RSA Conference is fast approachingand the ramp-up has officially begun. In the latest episode of Bospars Politely Pushy podcast, Last Watchdog Editor-in-Chief Byron V. Acohido joins DigiCerts Christina Knittel and ConnectSafely.orgs Larry Magid for a spirited roundtable on how to get the most out of RSAC 2025.
SecureList
MARCH 25, 2025
In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Troy Hunt
MARCH 25, 2025
You know when you're really jet lagged and really tired and the cogs in your head are just moving that little bit too slow?
Schneier on Security
MARCH 25, 2025
Citizen Lab has a new report on Paragon’s spyware: Key Findings: Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious for. Infrastructure Analysis of Paragon Spyware.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Security Affairs
MARCH 24, 2025
The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. “The FBI Denver Field Office is warning that agents are increasingly seeing a scam involving free online document converter tools, and we want to encourage victims to report instances of this scam.” reads the alert. &
Malwarebytes
MARCH 26, 2025
Internet security expert and educator Troy Hunt disclosed this week that he had been hit by one of the oldestand most provenscams in the online world: A phishing attack. Through an automated attack disguised as a notice from Hunts chosen newsletter provider Mailchimp, scammers stole roughly 16,000 records belonging to current and past subscribers of Hunts blog.
eSecurity Planet
MARCH 24, 2025
A sophisticated supply chain hack targeting Oracle Cloud has exfiltrated a staggering 6 million records. CloudSEKs XVigil uncovered that threat actor rose87168 began selling the stolen data on March 21. The breach, exploiting a vulnerability in Oracles cloud infrastructure, now endangers over 140,000 tenants and has raised serious questions about cloud security practices.
The Last Watchdog
MARCH 24, 2025
Quantum computings ability to break todays encryption may still be years awaybut security leaders cant afford to wait. Forresters The Future of Quantum Security makes it clear: the transition to quantum-safe cryptography must start now. Related: Quantum standards come of age The real threat isnt just the eventual arrival of quantum decryptionits that nation-state actors are already stockpiling encrypted data in harvest now, decrypt later attacks.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Security Affairs
MARCH 26, 2025
Google fixed a flaw in the Chrome browser for Windows that was actively exploited in attacks targeting organizations in Russia. Google has released out-of-band fixes to address a high-severity security vulnerability, tracked as CVE-2025-2783 , in Chrome browser for Windows. The flaw was actively exploited in attacks targeting organizations in Russia.
Malwarebytes
MARCH 26, 2025
The threat intel research used in this post was provided by Malwarebytes Senior Director of Research, Jrme Segura. DeepSeeks rising popularity has not only raised concerns and questions about privacy implications , but cybercriminals are also using it as a lure to trap unsuspecting Google searchers. Unfortunately, we are getting so used to sponsored Google search results being abused by criminals that we advise people not to click on them.
Schneier on Security
MARCH 24, 2025
Last month I wrote about the UK forcing Apple to break its Advanced Data Protection encryption in iCloud. More recently, both Sweden and France are contemplating mandating back doors. Both initiatives are attempting to scare people into supporting back doors, which are—of course—are terrible idea. Also: “ A Feminist Argument Against Weakening Encryption.
The Last Watchdog
MARCH 24, 2025
Paris, France, Mar. 24, 2025, CyberNewswire — Arsen , a leading cybersecurity company specializing in social engineering defense, today announced the full release of Conversational Phishing, a groundbreaking feature embedded in its phishing simulation platform. This AI-powered tool introduces dynamic, adaptive phishing conversations to train employees against evolving threats more effectively than ever before.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Security Affairs
MARCH 27, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium Mojo sandbox escape vulnerability, tracked as CVE-2025-2783 , to its Known Exploited Vulnerabilities (KEV) catalog. This week Google has released out-of-band fixes to address a high-severity security vulnerability , tracked as CVE-2025-2783 , in Chrome browser for Window
Malwarebytes
MARCH 26, 2025
A new phishing campaign that uses the fake CAPTCHA websites we reported about recently is targeting hotel staff in a likely attempt to access customer data, according to research from ThreatDown. Here’s how it works: Cybercriminals send a fake Booking.com email to a hotels email address, asking them to confirm a booking. Dear Team, You have received a new booking.
IT Security Guru
MARCH 26, 2025
The Gurus spoke to Robert Hann, VP of Technical Solutions at Entrust, about the future of IT and the challenges these developments pose to security teams and business leaders globally. What do you think will be the most significant changes in the IT industry over the next 5-10 years? I believe the three most influential and interconnected evolutions that will transform the IT industry throughout the next decade are AI, Robotics and Quantum Computing.
The Last Watchdog
MARCH 27, 2025
Cary, NC, Mar. 27, 2025, CyberNewswire — INE , a global leader in networking and cybersecurity training and certifications, is proud to announce it is the recipient of twelve badges in G2s Spring 2025 Report, including Grid Leader for Cybersecurity Professional Development, Online Course Providers, and Technical Skills Development, which highlight INEs superior performance relative to competitors.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
MARCH 25, 2025
A cyberattack on Ukraines national railway operator Ukrzaliznytsia disrupted online ticket services, causing long lines at Kyivs station. The Record Media first reported the news of a cyber attack on Ukraines national railway operator Ukrzaliznytsia that disrupted online ticket services, causing long lines at Kyivs station. The incident led to overcrowding and long delays as people were forced to buy physical tickets.
Malwarebytes
MARCH 25, 2025
The genetic testing company 23andMe filed for bankruptcy on Sunday, announcing that, in searching for financial stability through its sale to a new owner, the business will continue operating as normal, including in how customer data is handled. The company intends to continue operating its business in the ordinary course throughout the sale process, 23andMe wrote in a news statement.
Adam Shostack
MARCH 26, 2025
Grateful to introduce the Hackers' Almanack! I wrote the introduction for The DEF CON 32 Hackers Almanack ! Every year, thousands of hackers converge in Las Vegas for a joyous, crazy exploration of the edges of technology otherwise fondly called Hacker Summer Camp. They include many communities with different perspectives, all with a core commitment to hacking and exploration.
The Last Watchdog
MARCH 24, 2025
Cary, NC, Mar. 24, 2025, CyberNewswire – – INE Security , a global provider of cybersecurity training and certification, today announced its initiative to spotlight the increasing cyber threats targeting healthcare institutions. In recognition of National Physicians Week 2025, the company is drawing attention to new industry data showing a sharp rise in cyberattacks on hospitals and clinicsincidents that have cost the healthcare sector millions and posed significant risks to patient
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Security Affairs
MARCH 28, 2025
Russian authorities arrested three suspects for developing Mamont, a newly identified Android banking trojan. Russian authorities arrested three suspects in Saratov for developing Mamont (Russian for mammoth), a recently discovered Android banking trojan. “Three Saratov residents are suspected of fraud and unauthorized access to computer information.
Schneier on Security
MARCH 27, 2025
NIST just released a comprehensive taxonomy of adversarial machine learning attacks and countermeasures.
Security Boulevard
MARCH 25, 2025
Lasso today added an ability to autonomously simulate real-world cyberattacks against large language models (LLMs) to enable organizations to improve the security of artificial intelligence (AI) applications. The post Lasso Adds Automated Red Teaming Capability to Test LLMs appeared first on Security Boulevard.
Malwarebytes
MARCH 27, 2025
This is a sad story that illustrates how losing your ID can effectively ruin your life and reputation. 19-year-old dual German Tunisian national Rami Battikh travelled to the UK in 2019, bringing both his passport and his German national ID. When he returned to Germany, Rami noticed that his German ID card was missing. He figured he either lost it or someone stole it.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
MARCH 25, 2025
Astral Foods, South Africas largest poultry producer, lost over $1M due to a cyberattack disrupting deliveries and impacting operations. Astral Foods is a South African integrated poultry producer and one of the country’s largest food companies. It specializes in poultry production, animal feed, and related agricultural operations. The company supplies chicken products to retail, wholesale, and fast-food markets in South Africa and neighboring countries.
Joseph Steinberg
MARCH 24, 2025
CyberSecurity Expert Joseph Steinberg will, once gain, deliver a talk for the Penn Club and Columbia Club. The following is the official description provided by the Penn Club of Steinbergs upcoming talk, which will take place at 6:00 PM on Tuesday, May 6, 2025, in New York City. Due to the popularity of the event in October, Joseph Steinberg, author of CyberSecurity for Dummies (the third edition of which hits bookstores on April 15), and a Columbia University lecturer on the subject, will be pr
SecureWorld News
MARCH 24, 2025
Microsoft announced a major expansion of its Security Copilot platform today, introducing a suite of AI agents designed to automate common security operations tasks and reduce the burden on cybersecurity professionals. The update also includes new protections for AI workloads across multi-cloud environments and tools to manage the risks of "shadow AI.
Malwarebytes
MARCH 25, 2025
Google has admitted it accidentally deleted some users’ Google Maps Timeline data after a “technical issue” As reported by Forbes on March 11, users started noticing that their Google Maps Timelines had completely disappeared. At the time, we didn’t know anything about the cause of this issue. However, now we do, after some of the impacted users received a email from Google on March 21.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
213 
Let's personalize your content