ποΈ Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer. "The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world," Leandro Fres, senior threat research engineer at.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Research: The State of Web Exposure 2025 ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Are your websites leaking sensitive data? New research reveals that 45 of thirdparty apps access user info without proper authorization, and 53 of risk exposures in Retail are due to the excessive use of tracking tools. Learn how to uncover and mitigate these hidden threats and risksdownload the full report here. New research by web exposure management specialist Reflectiz reveals several.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Enterprisegrade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed Jmagic. According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a "magic packet" sent by the threat actor in TCP traffic. "Jmagic campaign marks the rare occasion of malware designed.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft webshell deployment.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances
Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment
π Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud
Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams
π΅οΈββοΈ Cloudflare CDN Bug Outs User Locations on Signal, Discord π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Attackers can use a zero or oneclick flaw to send a malicious image to targets an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Cloudflare CDN Bug Outs User Locations on Signal, Discord
Attackers can use a zero- or one-click flaw to send a malicious image to targets β an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive.
π΅οΈββοΈ Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The first team to successfully hack the electric vehicle maker's charger won 50,000 for their ingenuity.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests
The first team to successfully hack the electric vehicle maker's charger won $50,000 for their ingenuity.
π΅οΈββοΈ War Game Pits China Against Taiwan in All-Out Cyberwar π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
At Black Hat and DEF CON, cybersecurity experts were asked to game out how Taiwan could protect its communications and power infrastructure in case of invasion by China.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
War Game Pits China Against Taiwan in All-Out Cyberwar
At Black Hat and DEF CON, cybersecurity experts were asked to game out how Taiwan could protect its communications and power infrastructure in case of invasion by China.
ποΈ Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations. "When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you're outside of trusted locations," Google said in a post announcing the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday placed a nowpatched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The mediumseverity vulnerability is CVE202011023 CVSS score 6.16.9, a nearly fiveyearold crosssite scripting XSS bug that could be.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Ransomware Gangs Linked by Shared Code and Ransom Notes π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Gangs Linked by Shared Code and Ransom Notes
SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure
ποΈ DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology IT worker scheme that seeks to generate revenue for the Democratic People's Republic of Korea DPRK in violation of international sanctions. The action targets Jin SungIl , Pak.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ How to enable M365 Copilot for your organisation π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Maximising the value of technology in an evolving defence sector.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
How to enable M365 Copilot for your organisation
Migrate and optimize your IT environment
π’ Hackers are using Microsoft Teams to conduct βemail bombingβ attacks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Experts told ITPro that tactics like this are on the rise, and employees must be trained effectively.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Hackers are using Microsoft Teams to conduct βemail bombingβ attacks
Experts told ITPro that tactics like this are on the rise, and employees must be trained effectively
π’ CISOs are gaining more influence in the boardroom, and itβs about time π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
CISO influence in the Csuite and boardrooms is growing, new research shows, as enterprises focus heavily on cybersecurity capabilities.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISOs are gaining more influence in the boardroom, and itβs about time
Closer ties between CISOs and C-suite execs offers marked benefits for enterprises
ποΈ 2025 State of SaaS Backup and Recovery Report ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloudbased SoftwareasaService SaaS applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Russian Scammers Target Crypto Influencers with Infostealers π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Russian Scammers Target Crypto Influencers with Infostealers
Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals
π North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns
A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion
π’ UK businesses patchy at complying with data privacy rules π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Companies need clear and welldefined data privacy strategies.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
UK businesses patchy at complying with data privacy rules
Companies need clear and well-defined data privacy strategies
β€1
π΅οΈββοΈ Strengthening Our National Security in the AI Era π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
For the first time in a long while, the federal government and the software sector alike finally have the tools and resources needed to do security well consistently and costeffectively.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Strengthening Our National Security in the AI Era
For the first time in a long while, the federal government and the software sector alike finally have the tools and resources needed to do security well β consistently and cost-effectively.
π§ How cyberattacks on grocery stores could threaten food security π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Grocery store shoppers at many chains recently ran into an unwelcome surprise empty shelves and delayed prescriptions. In early November, Ahold Delhaize USA was the victim of a cyberattack that significantly disrupted operations at more than 2,000 stores, including Hannaford, Food Lion and Stop and Shop. Specific details of the nature of the attack have The post How cyberattacks on grocery stores could threaten food security appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
How cyberattacks on grocery stores could threaten food security
Grocery store shoppers at many chains recently ran into an unwelcome surprise β empty shelves and delayed prescriptions resulting from a major cyberattack.