ποΈ DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem meaning "organization" in Urdu and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications to the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
π΅οΈββοΈ Name That Toon: Incentives π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Feeling creative? Have something to say about cybersecurity? Submit your caption and our panel of experts will reward the winner with a 25 gift card.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Name That Toon: Incentives
Feeling creative? Have something to say about cybersecurity? Submit your caption and our panel of experts will reward the winner with a $25 gift card.
π HPE Launches Investigation After Hacker Claims Data Breach π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
HPE is investigating claims of data breach by hacker IntelBroker, who offered stolen files for sale.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
HPE Launches Investigation After Hacker Claims Data Breach
HPE is investigating claims of data breach by hacker IntelBroker, who offered stolen files for sale
π1
π Indian APT Group DONOT Misuses App for Intelligence Gathering π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Indian APT Group DONOT Misuses App for Intelligence Gathering
Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering
π¦
Fortinet Zero-Day CVE-2024-55591 Exposed: Super-Admin Access Risk π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Fortinet, a global leader in cybersecurity solutions, recently released a critical advisory addressing a significant vulnerability CVE202455591 in its FortiOS and FortiProxy products. This flaw, which has a CVSSv3 score of 9.6, is categorized as a critical authentication bypass vulnerability and is currently being exploited in the wild. Attackers leveraging this vulnerability can potentially gain superadmin privileges by exploiting weaknesses in the Node.js WebSocket module, making this a highstakes issue for organizations relying on Fortinet's products. This blog provides a detailed overview of the vulnerability, affected versions, Indicators of Compromise IOCs, mitigation strategies, and steps for administrators to protect their systems effectively. The Vulnerabil...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Fortinet Zero-Day CVE-2024-55591: Super-Admin Risk
Learn about CVE-2024-55591, a critical zero-day vulnerability in FortiOS and FortiProxy actively exploited by attackers.
ποΈ CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Computer Emergency Response Team of Ukraine CERTUA is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERTUA added, cautioning organizations to be on the lookout for such social engineering attempts that seek to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinesespeaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multistage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week. The infection chain commences with a phishing.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π’ Data privacy professionals are severely underfunded β and itβs only going to get worse π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
European data privacy professionals say they're short of cash, short of skilled staff, and stressed.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Data privacy professionals are severely underfunded β and itβs only going to get worse
European data privacy professionals say they're short of cash, short of skilled staff, and stressed
ποΈ HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often go unresolved, raising concerns about the thoroughness of the security testing. This frustration is common among many security teams. Pentest.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Most European Privacy Teams Are Understaffed and Underfunded π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ISACA research claims privacy budgets are set to decline further in 2025.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Most European Privacy Teams Are Understaffed and Underfunded
ISACA research claims privacy budgets are set to decline further in 2025
π Why NOC Fails Your Security. NOC is NOT Your SOC π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Regarding protecting a business, theres a common myth that a Support team or Network Operations Center NOC can handle security. But heres the truth NOC vs SOC isnt just a difference in acronymsits a difference in purpose. Security isnt the same as support tickets or network uptime. Security requires specialized knowledge, tools, and a whole The post Why NOC Fails Your Security. NOC is NOT Your SOC appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
NOC vs SOC: What's the Key Difference?
NOC vs SOC: Which one is the best for your business and how not to be confused when choosing one for your security
π¦
Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Mozilla products, including the popular Mozilla Firefox and Thunderbird, have been found to contain multiple vulnerabilities that could allow attackers to execute arbitrary code, cause system instability, and even gain escalated privileges. The severity of these issues is high, and they affect both desktop and mobile versions of Mozilla's browser and email client. The Indian Computer Emergency Response Team CERTIn reported these Mozilla vulnerabilities in an advisory published on January 20, 2025, with patches already available in recent updates. Users and organizations relying on Mozilla Firefox, Mozilla Thunderbird, and their extended support release ESR versions are advised to take immediate action to mitigate risks. The Mozilla vulnerabilities are present in sever...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
CERT-In Reports Critical Mozilla Vulnerabilities
CERT-In reports critical Mozilla vulnerabilities in Firefox & Thunderbird.
π Russian Ransomware Groups Deploy Email Bombing and Teams Vishing π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing
Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware
ποΈ Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A former analyst working for the U.S. Central Intelligence Agency CIA pleaded guilty to transmitting top secret National Defense Information NDI to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity. Asif William Rahman, 34, of Vienna, was an employee of the CIA since 2016 and had a Top Secret security clearance with access to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦
JoCERT Issues Warning on Exploitable Command Injection Flaws in HPE Aruba Products π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview JoCERT has issued an alert regarding critical command injection vulnerabilities discovered in HPE Arubas 501 Wireless Client Bridge. The vulnerabilities, tracked as CVE202454006 and CVE202454007, allow authenticated attackers with administrative privileges to execute arbitrary commands on the device's underlying operating system. These flaws have been rated as high severity CVSS score 7.2 and pose a significant risk if left unaddressed. A publicly released proofofconcept PoC exploit further amplifies the urgency for organizations using affected devices to take immediate action. Vulnerabilities Overview HPE Aruba Networking has confirmed the existence of multiple command injection vulnerabilities in the web interface of the 501 Wireless Client Bridge. Below is a ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
JoCERT Warns Of HPE Aruba Command Injection Flaws
JoCERT alerts users about critical command injection vulnerabilities in HPE Aruba 501 Wireless Client Bridge. Learn about the risks and urgent patch updates.
π’ HPE confirms data breach probe after IntelBroker claims π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IntelBroker claims to have stolen HPE source code in the breach.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
HPE confirms data breach probe after IntelBroker claims
IntelBroker claims to have stolen HPE source code in the breach
π¦Ώ 5 Best Endpoint Detection & Response Solutions for 2025 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Endpoint detection and response EDR software is the best way to detect, investigate, and respond to advanced attacks. Endpoint detection and response software is a security solution that protects against malware and other threats.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
5 Best Endpoint Detection & Response Solutions for 2025
Discover the best EDR solutions to protect your business from threats. Explore our guide, compare features, and elevate your cybersecurity today.
π§ Are attackers already embedded in U.S. critical infrastructure networks? π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
The threat of cyberattacks against critical infrastructure in the United States has evolved beyond data theft and espionage. Intruders are already entrenched in the nations most vital systems, waiting to unleash attacks. For instance, CISA has raised alarms about Volt Typhoon, a statesponsored hacking group that has infiltrated critical infrastructure networks. Their goal? To establish The post Are attackers already embedded in U.S. critical infrastructure networks? appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Are attackers already embedded in U.S. critical infrastructure networks?
CISA has raised alarms that cyber intruders are already entrenched in the nationβs critical infrastructure systems, waiting to unleash attacks.
ποΈ Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have warned of a new largescale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed MurdocBotnet. The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks," Qualys security researcher Shilpesh.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques," Infoblox security researcher David Brunsdon said in a technical report published last week. "This.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π GDPR Fines Total β¬1.2bn in 2024 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Data from DLA Piper showed a 33 yearonyear fall in GDPR fines issued in Europe in 2024, with total penalties reaching 1.2bn.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
GDPR Fines Total β¬1.2bn in 2024
Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching β¬1.2bn