ποΈ FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for InternetofThings IoT consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission FCC said. "Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π State-aligned APT groups are increasingly deploying ransomware β and thatβs bad news for everyone π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
The blurring of lines between cybercrime and statesponsored attacks underscores the increasingly fluid and multifaceted nature of todays cyberthreats.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
State-aligned APT groups are increasingly deploying ransomware β and thatβs bad news for everyone
The blurring of lines between cybercrime and state-sponsored attacks underscores the increasingly fluid and multifaceted nature of todayβs cyberthreats
π Casio Admits Security Failings as Attackers Leak Employee and Customer Data π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Electronics firm Casio revealed that ransomware attackers have leaked the personal data of employees, customers and business partners.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Casio Admits Security Failings as Attackers Leak Employee and Customer Data
Electronics firm Casio revealed that ransomware attackers have leaked the personal data of employees, customers and business partners
π New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A newly identified Mirai botnet exploits over 20 vulnerabilities, including zerodays, in industrial routers and smart home devices.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices
A newly identified Mirai botnet exploits over 20 vulnerabilities, including zero-days, in industrial routers and smart home devices
π¦
CISA Releases Two New Industrial Control Systems Advisories for 2025 π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview The Cybersecurity and Infrastructure Security Agency CISA released two critical Industrial Control Systems ICS advisories. These advisories, ICSA2500701 and ICSA2500702, aim to inform users and administrators about vulnerabilities in key ICS products. The goal is to mitigate potential risks to vital infrastructure sectors by highlighting existing security weaknesses that could be exploited by cyber attackers. ICSA2500701 ABB ASPECTEnterprise, NEXUS, and MATRIX Series Products The first advisory, ICSA2500701, addresses multiple vulnerabilities within ABB's ASPECTEnterprise, NEXUS, and MATRIX series products. ABB, a leading provider of industrial automation and control systems, has reported numerous security flaws that could severely impact system integrity. These vuln...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
CISA Advisories For ABB, Nedap Industrial Control Systems
CISA's 2025 ICS advisories highlight critical vulnerabilities in ABB and Nedap Industrial Control Systems.
π¦
The Commonwealth Cyber Security Posture 2024: A Deep Dive into Australiaβs Cyber Defense Measures π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview The Australian Government has shared its latest report for commonwealth cyber security. The Commonwealth Cyber Security Posture in 2024 report provides an essential update on the measures and progress related to cyber security across Australian Government entities. Tabled before the Australian Parliament, the report is a key tool for understanding the implementation and effectiveness of cyber security protocols for the 202324 financial year. As part of the government's ongoing efforts to protect national security, public trust, and the economy, the Commonwealth Cyber Security Posture in 2024 highlights areas of improvement, challenges, and recommendations for enhancing Australia's cyber defenses. According to the report, the Australian Government consists of 1002 noncorp...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Australiaβs Commonwealth Cyber Security Posture 2024
The 2024 Commonwealth Cyber Security Posture report highlights key updates, progress, and recommendations to strengthen Australiaβs cybersecurity.
ποΈ Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. "The NonEuclid remote access trojan RAT, developed in C, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques," Cyfirma said in a technical analysis published last week. "It employs.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Scammers Exploit Microsoft 365 to Target PayPal Users π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new PayPal phishing scam used genuine money requests, bypassing security checks to deceive recipients.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Scammers Exploit Microsoft 365 to Target PayPal Users
PayPal phishing scam used genuine money requests, bypassing security checks to deceive recipients
π§ Cloud threat report: Why have SaaS platforms on dark web marketplaces decreased? π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
IBMs XForce team recently released the latest edition of the Cloud Threat Landscape Report for 2024, providing a comprehensive outlook on the rise of cloud infrastructure adoption and its associated risks. One of the key takeaways of this years report was focused on the gradual decrease in SoftwareasaService SaaS platforms being mentioned across dark web The post Cloud threat report Why have SaaS platforms on dark web marketplaces decreased? appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Cloud threat report: Why have SaaS platforms on dark web marketplaces decreased?
Does the decrease in SaaS platforms on dark web marketplaces suggest that cloud platforms are increasing their defenses? There are more factors to consider.
π΅οΈββοΈ Best Practices & Risks Considerations in LCNC and RPA Automation π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Lowcodenocode LCNC and robotic process automation RPA technologies allow companies to speed up development processes and reduce costs, but security is often overlooked. When this happens, the risks can outweigh the benefits.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Best Practices in LCNC & RPA Automation
Low-code/no-code (LCNC) and robotic process automation (RPA) technologies allow companies to speed up development processes and reduce costs, but security is often overlooked. When this happens, the risks can outweigh the benefits.
π US Launches Cyber Trust Mark for IoT Devices π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The voluntary Cyber Trust Mark labeling program will allow consumers to assess the cybersecurity of IoT devices when making purchasing decisions.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Launches Cyber Trust Mark for IoT Devices
The voluntary Cyber Trust Mark labeling program will allow consumers to assess the cybersecurity of IoT devices when making purchasing decisions
π΅οΈββοΈ Unconventional Cyberattacks Aim to Take Over PayPal Accounts π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Attackers are abusing a Microsoft 365 feature to send payment requests to users, tricking them into logging in to their accounts so attackers can seize control over them.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Unconventional Cyberattacks Aim for PayPal Account Takeover
Attackers are abusing a Microsoft 365 feature to send payment requests to users, tricking them into logging in to their accounts so attackers can seize control over them.
π΅οΈββοΈ New Docuseries Spotlights Hackers Who Shaped Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
"Where Warlocks Stay Up Late" project speaks to hackers who have played pivotal roles in shaping the field of cybersecurity. The video interviews are complemented by an encyclopedia and an anthropological map.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
New Docuseries Spotlights Hackers Who Helped Shape Cybersecurity
"Where Warlocks Stay Up Late" project speaks to hackers who have played pivotal roles in shaping the field of cybersecurity. The video interviews are complemented by an encyclopedia and an anthropological map.
π¦Ώ US to Launch Cyber Trust Mark to Label Secure Smart Devices π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The Cyber Trust Mark shows which devices meet FCC security standards.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
US to Launch Cyber Trust Mark to Label Secure Smart Devices
The Cyber Trust Mark will help consumers make more informed decisions about the cybersecurity of products, according to the White House.
ποΈ Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious. While there are safeguards such as DomainKeys.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Fed 'Cyber Trust' Label: Good Intentions That Fall Short π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The voluntary program is intended to boost consumer confidence in vulnerable IoT devices, but experts want to see vendors held to a higher standard.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Fed 'Cyber Trust' Label: Good Intentions Fall Short
The voluntary program is intended to boost consumer confidence in vulnerable IoT devices, but experts want to see vendors held to a higher standard.
π΅οΈββοΈ Green Bay Packers' Online Pro Shop Sacked by Payment Skimmer π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal creditcard data from 8,500 fans.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Green Bay Packers Fans Sacked by Online Payment Skimmer
Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit card data from 8,500 fans.
π΅οΈββοΈ India Readies Overhauled National Data Privacy Rules π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data and recognizes a right to personal privacy.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
India Readies Overhauled National Data Privacy Rules
The country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data β and recognizes a right to personal privacy.
ποΈ Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning midDecember 2024. The security vulnerability in question is CVE20250282 CVSS score 9.0, a stackbased buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning midDecember 2024. The security vulnerability in question is CVE20250282 CVSS score 9.0, a stackbased buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc's own data privacy regulations. The development marks the first time the Commission has been held liable for infringing stringent data protection laws in the region. The court determined that.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity