🧠 2024 Cloud Threat Landscape Report: How does cloud security fail? 🧠
📖 Read more.
🔗 Via "Security Intelligence"
----------
👁️ Seen on @cibsecurity
Organizations often set up security rules to help reduce cybersecurity vulnerabilities and risks. The 2024 Cost of a Data Breach Report discovered that 40 of all data breaches involved data distributed across multiple environments, meaning that these bestlaid plans often fail in the cloud environment. Not surprisingly, many organizations find keeping a robust security posture The post 2024 Cloud Threat Landscape Report How does cloud security fail? appeared first on Security Intelligence.📖 Read more.
🔗 Via "Security Intelligence"
----------
👁️ Seen on @cibsecurity
Security Intelligence
2024 Cloud Threat Landscape Report: How does cloud security fail?
New data from X-Force research sheds light on the most common failed rules in cloud and hybrid security, and what organizations can do about it.
🖋️ Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security DHS. "In alignment with the Department of Homeland Security's DHS commitment to eliminating the misuse of resources and ensuring that DHS activities prioritize our national security, I am directing the termination of all current memberships on advisory.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Threat actors are exploiting an unspecified zeroday vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denialofservice DDoS attacks. According to QiAnXin XLab, the attacks have leveraged the security flaw since June 2024. Additional details about the shortcomings have been withheld to prevent further abuse. Some.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 PlushDaemon APT Targeted South Korean VPN Software 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
PlushDaemon APT Targeted South Korean VPN Software
PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign
📔 Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures
Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA
📔 73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
New ESET research reveals that 73 of UK educational institutions experienced at least one cyberattack or breach in the past five years.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years
New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years, with 20% reporting three or more incidents
📔 Ransomware Attacks Surge to Record High in December 2024 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Attacks Surge to Record High in December 2024
NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded
🕵️♂️ Chinese Cyberspies Target South Korean VPN in Supply Chain Attack 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Chinese APT Targets Korean VPN in Supply Chain Attack
Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.
🕵️♂️ Trump Pardons 'Silk Road' Dark Web Drug Market Creator 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Trump Pardons 'Silk Road' Dark Web Market Creator
The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.
🕵️♂️ Trump Overturns Biden Rules on AI Development, Security 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The new administration moved quickly to remove any constraints on AI development and collected 500 billion in investment pledges for an Americanowned AI joint venture.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Trump Overturns Biden Rules on AI Development, Security
The new administration moved quickly to remove any constraints on AI development, and collected $500 billion in investment pledges for an American-owned AI joint venture.
🖋️ TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and onpremise ransomware attacks. "This actor engaged in a variety of threat activity, including cryptocurrency mining operations on hijacked cloud resources and ransomware activity," the tech giant's cloud division said in its 11th.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked as CVE202520156, carries a CVSS score of 9.9 out 10.0. It has been described as a privilege escalation flaw in the REST API of Cisco Meeting Management. "This.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ QakBot-Linked BC Malware Adds Enhanced DNS Tunneling and Remote Access Features 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of a new BackConnect BC malware that has been developed by threat actors linked to the infamous QakBot loader. "BackConnect is a common feature or module utilized by threat actors to maintain persistence and perform tasks," Walmart's Cyber Intelligence team told The Hacker News. "The BackConnects in use were 'DarkVNC' alongside the IcedID.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Trump Pardons Silk Road Founder Ulbricht 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
President Trump has pardoned the founder of original dark web marketplace Silk Road.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Trump Pardons Silk Road Founder Ulbricht
President Trump has pardoned the founder of original dark web marketplace Silk Road
😱1
📔 New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing
Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security
🤔1
🖋️ How to Eliminate Identity-Based Threats 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Despite significant investments in advanced technologies and employee training programs, credential and userbased attacks remain alarmingly prevalent, accounting for 5080 of enterprise breaches1,2. While identitybased attacks continue to dominate as the leading cause of security incidents, the common approach to identity security threats is still threat reduction, implementing layers of.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access SMA 1000 Series appliances that it said has been likely exploited in the wild as a zeroday. The vulnerability, tracked as CVE202523006, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. "Preauthentication deserialization of untrusted data vulnerability has been identified in the.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ New Research: The State of Web Exposure 2025 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Are your websites leaking sensitive data? New research reveals that 45 of thirdparty apps access user info without proper authorization, and 53 of risk exposures in Retail are due to the excessive use of tracking tools. Learn how to uncover and mitigate these hidden threats and risksdownload the full report here. New research by web exposure management specialist Reflectiz reveals several.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📢 LinkedIn faces lawsuit amid claims it shared users' private messages to train AI models 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
LinkedIn faces a lawsuit in the US amid allegations that it shared Premium members' private messages to train AI models.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
ITPro
LinkedIn faces lawsuit amid claims it shared users' private messages to train AI models
The professional networking app described the allegations as "false claims with no merit"
📔 Cisco Fixes Critical Vulnerability in Meeting Management 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The network equipment giant urged customers to patch immediately.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Cisco Fixes Critical Vulnerability in Meeting Management
The network equipment giant urged customers to patch immediately
👍1
🕵️♂️ Security Needs to Start Saying 'No' Again 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The rush to say 'yes' allows cybersecurity teams to avoid hard conversations with business stakeholders, but also risks losing their ability to effectively protect organizations.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Security Need to Start Saying 'No' Again
The rush to say "yes" allows cybersecurity teams to avoid hard conversations with business stakeholders but also risks losing their ability to effectively protect organizations.