π΅οΈββοΈ Biden's Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks but will the Trump administration follow through?.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Biden's Cyber EO Gives Trump a Blueprint for Defense
New order mandates securing the federal software supply chain, communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks β but will the Trump administration follow through?
π΅οΈββοΈ FTC Orders GoDaddy to Fix Inadequate Security Practices π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The FTC claims that the Web hosting company's security failures led to several major breaches in the past few years.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
FTC Orders GoDaddy to Fix Inadequate Security Practices
The FTC claims that the Web hosting company's security failures led to several major breaches in the past few years.
βοΈ Chinese Innovations Spawn Wave of Toll Phishing Via SMS βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Residents across the United States are being inundated with text messages purporting to come from toll road operators like EZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Chinese Innovations Spawn Wave of Toll Phishing Via SMS
Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincidesβ¦
π΅οΈββοΈ Russian APT Phishes Kazakh Gov't for Strategic Intel π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A highly targeted cyberintelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Russian APT Phishes Kazakh Gov't for Strategic Intel
A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.
ποΈ European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Austrian privacy nonprofit None of Your Business noyb has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π2
π Noyb Files GDPR Complaints Against TikTok and Five Chinese Tech Giants π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
AliExpress, Shein, Temu, TikTok, WeChat and Xiaomi are accused of operating unlawful data transfers to China.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Noyb Files GDPR Complaints Against TikTok and Five Chinese Tech Giants
AliExpress, Shein, Temu, TikTok, WeChat and Xiaomi are accused of operating unlawful data transfers to China
π DORA Takes Effect: Financial Firms Still Navigating Compliance Headwinds π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The EUs DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
DORA Takes Effect: Financial Firms Still Navigating Compliance Headwinds
The EUβs DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms
π¦
Sliver Implant Targets German Entities with DLL Sideloading and Proxying Techniques π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble Research and Intelligence Labs CRIL has identified an ongoing cyberattack targeting organizations in Germany. The attack is initiated through a deceptive LNK file embedded within an archive. When executed by an unsuspecting user, this LNK file triggers cmd.exe to copy and run wksprt.exe, a legitimate executable. This executable sideloads a malicious DLL that employs DLL proxying, ensuring the host application continues to operate seamlessly while executing malicious shellcode in the background. The shellcode ultimately decrypts and executes the final payload Sliver, a wellknown opensource Red Teamadversary emulation framework. Once deployed, Sliver functions as an implant, enabling threat actors to establish communication with the compromised system and...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Sliver Implant Targets German Entities With DLL Sideloading
Learn how the Sliver implant uses DLL sideloading and proxying to target German entities. Explore the latest cyber threat techniques and defense strategies
π¦
AI Takes the Center Stage in Bidenβs Landmark Cybersecurity Order π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Outgoing U.S. President Joe Biden issued an order yesterday outlining measures to improve government cybersecurity. The lengthy order includes suggestions to improve cloud and software security by building requirements into the federal acquisition process. It also orders federal agencies to adopt a number of cybersecurity technologies and practices and takes a forwardthinking approach to AI. As the culmination of efforts that began nearly four years ago in response to the Colonial Pipeline ransomware attack, the order is also valuable as a lessons learned document from an Administration that has had much to deal with in four years of dramatic cybersecurity events. Cloud, Software Security Goals Bidens final cybersecurity plan is also ambitious in its implementatio...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ποΈ How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal? ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Recent data breaches have highlighted the critical need to improve guest WiFi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest WiFi infrastructure has become essential for authenticating access,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have detailed a new adversaryinthemiddle AitM phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and twofactor authentication 2FA codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Treasury Department's Office of Foreign Assets Control OFAC sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea DPRK by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. "These.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Microsoft files suit against threat actors abusing AI services π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Cyber criminals are accused of using stolen credentials for an illegal hacking as a service operation.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Microsoft files suit against threat actors abusing AI services
Cyber criminals are accused of using stolen credentials for an illegal hacking as a service operation
ποΈ Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have exposed a new campaign that targets web servers running PHPbased applications to promote gambling platforms in Indonesia. "Over the past two months, a significant volume of attacks from Pythonbased bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacks.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π UEFI Secure Boot: Not so secure? π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
A vulnerability affecting a UEFI application and discovered by ESET researchers could let malicious actors deploy malicious bootkits on vulnerable systems.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
UEFI Secure Boot: Not so secure
A vulnerability in a UEFI application discovered by ESET researchers could let malicious actors deploy malicious bootkits on vulnerable systems.
π Star Blizzard Targets WhatsApp in New Campaign π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft highlighted a new Star Blizzard campaign targeting WhatsApp accounts, as the group adapts its TTPs following the takedown of its infrastructure by law enforcement.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Star Blizzard Targets WhatsApp in New Campaign
Microsoft highlighted a new Star Blizzard campaign targeting WhatsApp accounts, as the group adapts its TTPs following the takedown of its infrastructure by law enforcement
π¦
Weekly IT Vulnerability Report: Critical Updates for SAP, Microsoft, Fortinet, and Others π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key vulnerabilities in SAP, Microsoft, Fortinet, and others demand immediate attention as threat actors exploit critical flaws. Overview Cyble Research and Intelligence Labs CRIL analyzed significant IT vulnerabilities disclosed between January 8 and 14, 2025. The Cybersecurity and Infrastructure Security Agency CISA added seven vulnerabilities to its Known Exploited Vulnerabilities KEV catalog. Microsoft released its January 2025 Patch Tuesday updates, addressing 159 vulnerabilities, including eight zerodays, three of which are under active exploitation. Other notable vulnerabilities this week are flaws in SAP NetWeaver Application Server and other highprofile products. CRILs monitoring of underground forums also revealed discussions on critical zeroday vulnerabilities an...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Weekly IT Vulnerability Report: Critical Security Updates
This weekβs vulnerability report highlights critical flaws in SAP, Microsoft, Fortinet, Ivanti, and more. Immediate action needed to mitigate threats exploiting these vulnerabilities.
π§ How to calculate your AI-powered cybersecurityβs ROI π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Imagine this scenario A sophisticated, malicious phishing campaign targets a large financial institution. The attackers use emails generated by artificial intelligence AI that closely mimic the companys internal communications. The emails contain malicious links designed to steal employee credentials, which the attackers could use to gain access to company assets and data for unknown purposes. The post How to calculate your AIpowered cybersecuritys ROI appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
How to calculate your AI-powered cybersecurityβs ROI
AI-powered cybersecurity has fundamentally changed the landscape of cyber investment. Here's how your organization can measure its value.
π΅οΈββοΈ Leveraging Behavioral Insights to Counter LLM-Enabled Hacking π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Using Behavioral Insights to Counter LLM-Enabled Hacking
As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.
ποΈ Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS804HPT industrial switches that could be chained to achieve preauthentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a variety of networking applications," Claroty's Tomer Goldschmidt said in a Thursday report. "An attacker.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Lazarus Group Targets Developers in New Data Theft Campaign π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
SecurityScorecard identified a new campaign in which the North Korean Lazarus group aims to steal source code, secrets and cryptocurrency wallet keys from developer environments.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Lazarus Group Targets Developers in New Data Theft Campaign
SecurityScorecard identified a new campaign in which the North Korean Lazarus group aims to steal source code, secrets and cryptocurrency wallet keys from developer environments