π¦
China Accuses the U.S. of Hacking Back as Cyber Conflict Grows π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview U.S. national security and cybersecurity agencies have leveled cyber espionage accusations against the Peoples Republic of China PRC for much of 2024, accusing the PRC of infiltrating U.S. critical infrastructure and telecom networks possibly in preparation for a potential cyber war between the two global powers. China has pushed back, calling such charges misinformation and accusing the U.S. of its own espionage campaigns. While the PRCs claims merit skepticism most notably that alleged Volt Typhoon activities have been U.S. misinformation or false flag operations new claims by China that two recent sophisticated cyberattacks were carried out by the U.S. are worth examining if only for the details and security insights they provide. Well examine those claims alon...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
China And U.S. Cyber Espionage Reaches Boiling Point
China accuses the U.S. of cyber espionage amid rising tensions between the two nations.
ποΈ Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor CVE20180802 to download and execute malware code," Kaspersky researcher Oleg.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US Cybersecurity and Infrastructure Security Agencys 2024 Year in Review marks Jen Easterlys final report before resignation.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration
The US Cybersecurity and Infrastructure Security Agencyβs 2024 Year in Review marks Jen Easterlyβs final report before resignation
π¦
Russia, Ukraine, China, and More: The Nations at the Center of the Cybercrime Epidemic π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Cyberattacks on a countrys critical infrastructure have become a growing malicious trend globally. The surge in cybercrime threats and its growing impact on national security, businesses, and individuals has led experts to closely examine which regions face the most cyberattacks. A recent study from the World Cybercrime Index WCI compiled by an international team of researchers, shed light on the most targeted countries, ranking them based on the severity of cyberattacks, the skill of the perpetrators, and the professionalism of the cybercriminals involved. As of 2024, these countries face the highest levels of cybercrime threats, driven by a complex mix of geopolitical factors, technological infrastructure, and economic conditions. This blog explores the top 10 coun...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Hackers Are Hot for Water Utilities π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nationstate hacking teams. Here's how the industry and ICSOT security experts are working to better secure vulnerable drinking and wastewater utilities.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Hackers Are Hot for Water Utilities
How the water sector and security experts are helping to better secure vulnerable US drinking and wastewater utilities after a stream of cyberattacks.
π΅οΈββοΈ Defining & Defying Cybersecurity Staff Burnout π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Defining & Defying Cybersecurity Staff Burnout
Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.
π΅οΈββοΈ Quantum Computing Advances in 2024 Put Security In Spotlight π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready?.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Quantum Computing Advances in 2024 Put Security In Spotlight
The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready?
π1
π§ CISAβs cyber incident reporting portal: Progress and future plans π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
On August 29, 2024, CISA announced the launch of a new cyberincident Reporting Portal, part of the new CISA Services Portal. The Incident Reporting Portal enables entities and individuals reporting cyber incidents to create unique accounts, save reports and return to submit later, and eliminate the repetitive nature of inputting routine information such as contact The post CISAs cyber incident reporting portal Progress and future plans appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
CISAβs cyber incident reporting portal: Progress and future plans
Discover how CISA's new Cyber Incident Reporting Portal improves cyberattack reporting, aids response efforts and enhances critical infrastructure security.
π1
π΅οΈββοΈ Deepfakes, Quantum Attacks Loom Over APAC in 2025 π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing "harvest now, decrypt later" attacks for various malicious use cases.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Deepfakes, Quantum Attacks Loom Over APAC in 2025
Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing "harvest now, decrypt later" attacks for various malicious use cases.
ποΈ North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview aka DeceptiveDevelopment refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often posing as recruiters to trick individuals looking for potential job opportunities into.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A highseverity flaw impacting select FourFaith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE202412856 CVSS score 7.2, has been described as an operating system OS command injection bug affecting router models F3x24 and F3x36. The severity of the shortcoming is lower due to the fact that it only works.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign and used their access permissions to insert malicious code into legitimate extensions in order to steal.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
βοΈ Happy 15th Anniversary, KrebsOnSecurity! βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing security stories were about bad things happening to bad guys. It's also an occasion to note that despite my publishing fewer stories than ever this past year, we somehow managed to attract near record levels of readership thank you!.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Happy 15th Anniversary, KrebsOnSecurity!
KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing security stories were about bad things happening to bad guys. It'sβ¦
π¦
A Look at CISA Known Exploited Vulnerabilities in 2024 π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview The U.S. Cybersecurity and Infrastructure Security Agency CISA added 185 vulnerabilities to its Known Exploited Vulnerabilities KEV catalog in 2024, as the database grew to 1,238 software and hardware flaws at high risk of cyberattacks. The agency removed at least two vulnerabilities from the catalog in 2024, but the database has generally grown steadily since its launch in November 2021. Well look at some of the trends and vulnerabilities from 2024, along with the vendors and projects that had the most CVEs added to the list this year. CISA Known Exploited Vulnerabilities Growth Stabilizes CISAs KEV catalog has grown at a steady rate in 2023 and 2024, with 187 vulnerabilities added in 2023 and 185 this year. Thats a pretty stable rate after KEVs first year, wh...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
CISA Adds 185 Exploited Vulnerabilities To KEV Catalog
CISA added 185 exploited vulnerabilities to its Known Exploited Vulnerabilities catalog in 2024, with Microsoft and Ivanti leading the list.
π Majority of UK SMEs Lack Cybersecurity Policy π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Insurance firm Markel Direct found that 69 of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Majority of UK SMEs Lack Cybersecurity Policy
Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms
π¦
Attack Surface Management (ASM) in 2025: Key Trends to Watch π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
The digital world is evolving at lightning speed, and so are the challenges that come with it. For organizations today, their attack surfacethe sum of all potential entry points for a cyberattackis expanding faster than ever before. From misconfigured cloud environments to overlooked IoT devices, vulnerabilities creep around places many dont think to check. In 2025, Attack Surface Management ASM will take center stage as organizations shift from reactive defenses to proactive strategies. ASM is no longer just a buzzword its a necessity in the cybersecurity resource. Its about seeing what attackers see and mitigating threats before they escalate. As organizations struggle with increasing cyber threats, understanding the trends shaping ASM is crucial to staying ahead of adversaries. ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Top Attack Surface Management Trends For 2025
Here are the key Attack Surface Management trends for 2025, including AI-driven solutions, IoT and cloud security.
ποΈ When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million users, have been found to be compromised, and customers are now working to figure out their exposure LayerX, one of the companies involved in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The United States Department of Health and Human Services' HHS Office for Civil Rights OCR has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance Portability and Accountability Act HIPAA of 1996, is part of a broader initiative to bolster the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ β‘ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it's a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and your organization. In this week's update, we'll cover the most important developments in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ What Security Lessons Did We Learn in 2024? π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Proactive defenses, crosssector collaboration, and resilience are key to combating increasingly sophisticated threats.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
What Security Lessons Did We Learn in 2024?
Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats.
π¦Ώ VyprVPN Review: Can It Still Perform This Year and Beyond? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
VyprVPN is an affordable VPN provider, but is it trustworthy enough to keep your data secure? Read our VyprVPN review to find out.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
VyprVPN Review (2025): Can It Still Perform This Year and Beyond?
VyprVPN is known for strong performance with top-notch security and speed. Discover if it remains a reliable choice for privacy and streaming this year and beyond.