π¦Ώ Australian IT Sector Maintains Strong Employment Outlook for 2025 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
IT hiring intentions remain strong, though competition for jobs could be fierce.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Australian IT Sector Maintains Strong Employment Outlook for 2025
ManpowerGroupβs Employment Outlook Survey for Q1 2025 found the Australian IT sector has the strongest net employment outlook of any sector at the beginning of 2025.
π§ Is the water safe? The state of critical infrastructure cybersecurity π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
On September 25, CISA issued a stark reminder that critical infrastructure remains a primary target for cyberattacks. Vulnerable systems in industrial sectors, including water utilities, continue to be exploited due to poor cyber hygiene practices. Using unsophisticated methods like bruteforce attacks and leveraging default passwords, threat actors have repeatedly managed to compromise operational technology OT The post Is the water safe? The state of critical infrastructure cybersecurity appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Is the water safe? The state of critical infrastructure cybersecurity
While the U.S. government works to improve critical infrastructure cybersecurity, continuing attacks reveal that more needs to be done.
ποΈ Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have detailed a nowpatched security flaw impacting Monkey's Audio APE decoder on Samsung smartphones that could lead to code execution. The highseverity vulnerability, tracked as CVE202449415 CVSS score 8.1, affects Samsung devices running Android versions 12, 13, and 14. "Outofbounds write in libsaped.so prior to SMR Dec2024 Release 1 allows remote.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CrowdStrike warned it had observed a phishing campaign impersonating the firms recruitment process to lure victims into downloading cryptominer.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer
CrowdStrike warned it had observed a phishing campaign impersonating the firmβs recruitment process to lure victims into downloading cryptominer
π΅οΈββοΈ China's UNC5337 Exploits a Critical Ivanti RCE Bug, Again π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
New year, same story. Despite Ivanti's commitment to securebydesign principles, Chinese threat actors are exploiting its edge devices for the nth time.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Threat Actors Exploit a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time.
π΅οΈββοΈ Fake CrowdStrike 'Job Interviews' Become Latest Hacker Tactic π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Fake CrowdStrike Job Interviews Become Latest Hacker Tactic
Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link.
π΅οΈββοΈ Russia Carves Out Commercial Surveillance Success Globally π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Growing sales of the System for Operative Investigative Activities SORM, a Russian wiretapping platform, in Central Asia and Latin American suggests increasing risks for Western businesses.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Russia Carves Out Commercial Surveillance Success
Growing sales of the System for Operative Investigative Activities (SORM), a Russian wiretapping platform, in Central Asia and Latin American suggests increasing risks for Western businesses.
π±1
ποΈ DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands' Financial Intelligence and Investigative Service, Finland's National Bureau of.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft has revealed that it's pursuing legal action against a "foreignbased threatactor group" for operating a hackingasaservice infrastructure to intentionally get around the safety controls of its generative artificial intelligence AI services and produce offensive and harmful content. The tech giant's Digital Crimes Unit DCU said it has observed the threat actors "develop.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress ecommerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system CMS. "This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as 20 per domain. Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain names that the backdoors had been designed to use for commandandcontrol C2. In partnership with the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Three Russians Charged with Crypto Mixer Money Laundering π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Three Russian men have been indicted on money laundering charges connected to cryptocurrency mixers.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Three Russians Charged with Crypto Mixer Money Laundering
Three Russian men have been indicted on money laundering charges connected to cryptocurrency mixers
π Telefonica Breach Hits 20,000 Employees and Exposes Jira Details π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Telefonica has confirmed a breach of its internal ticketing system exposing more than 236,000 lines of customer data.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Telefonica Breach Hits 20,000 Employees and Exposes Jira Details
Telefonica has confirmed a breach of its internal ticketing system exposing more than 236,000 lines of customer data
π WEF Warns of Growing Cyber Inequity Amid Escalating Complexities in Cyberspace π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new WEF report highlighted growing disparities in the cyber capabilities of different types of organizations and regions.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
WEF Warns of Growing Cyber Inequity Amid Escalating Complexities in Cyberspace
A new WEF report highlighted growing disparities in the cyber capabilities of different types of organizations and regions
ποΈ β‘ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The cyber worlds been buzzing this week, and its all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, well break down whats happening, why it matters, and what you can do to stay secure. Lets turn awareness into action and keep one step ahead.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Ransomware on ESXi: The mechanization of virtualized attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to 5 million. With approximately 8,000 ESXi hosts exposed directly to the internet according to Shodan, the operational and business impact of these attacks is profound. Most of the Ransomware strands that are attacking ESXi servers nowadays, are variants of the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦
CyberSecurity Malaysia Flags Major Threats in Chrome and WordPress β Are You Safe? π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Google Chrome and WordPress users face highseverity security threats. CyberSecurity Malaysia advises immediate updates to prevent potential exploits and safeguard data. Overview CyberSecurity Malaysia has recently notified users of critical vulnerabilities in two widely used software platforms Google Chrome and the WordPress File Upload plugin. If exploited, these vulnerabilities could allow attackers to execute arbitrary code, escalate privileges, or cause disruptions. Security updates have been issued, and users are strongly advised to apply these updates immediately to protect their systems. This article provides an indepth look at these vulnerabilities, their potential impacts, affected products, and recommended mitigation actions. Google Chrome Security Update Goo...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Cybersecurity Malaysia Flags Major Threats In Chrome & WP
Critical Chrome and WordPress vulnerabilities flagged by CyberSecurity Malaysia β act now to secure systems.
π’ Phishing campaign targets developers with fake CrowdStrike job offers π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Victims are drawn in with the promise of an interview for a junior developer role at CrowdStrike.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Phishing campaign targets developers with fake CrowdStrike job offers
Victims are drawn in with the promise of an interview for a junior developer role at CrowdStrike
π New Ransomware Group Uses AI to Develop Nefarious Tools π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Researchers at Check Point said FunkSec operators appear to use AI for malware development.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Ransomware Group Uses AI to Develop Nefarious Tools
Researchers at Check Point said FunkSec operators appear to use AI for malware development
π1
π¦Ώ Bitwarden vs 1Password: Battle of the Best β Who Wins? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Bitwarden and 1Password are two of the top password managers. Find out which password manager is the best for you using this comprehensive comparison.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Bitwarden vs 1Password: Battle of the Best β Who Wins?
While Bitwardenβs generous free version is a big advantage, I feel 1Passwordβs refined user experience makes it the better pick for most users and businesses.
π¦
Inside the Active Threats of Ivantiβs Exploited Vulnerabilities π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Threats, exploitation, and mitigation of Ivantis two critical actively exploited vulnerabilitiesCVE20250282 and CVE20250283affecting its Connect Secure, Policy Secure, and Neurons for ZTA Gateways. Overview On January 8, 2025, Ivanti disclosed two critical vulnerabilitiesCVE20250282 and CVE20250283affecting its Connect Secure, Policy Secure, and Neurons for ZTA Gateways. These vulnerabilities expose enterprises to unauthenticated remote code execution RCE and privilege escalation risks. While Ivanti has released patches to address these issues, threat actor exploitation, particularly of CVE20250282, has prompted a global response. This blog aims to provide detailed insights into these vulnerabilities and their exploitation, offering valuable guidance for mitigating risks. A ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Ivanti Exploited: Inside Active Threats & Risks
All about Ivantiβs two critical exploited vulnerabilitiesβCVE-2025-0282 and CVE-2025-0283βaffecting its Connect Secure, Policy Secure, and Neurons for ZTA Gateways.