π§ Are successful deepfake scams more common than we realize? π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Many times a day worldwide, a boss asks one of their team members to perform a task during a video call. But is the person assigning tasks actually who they say they are? Or is it a deepfake? Instead of blindly following orders, employees must now ask themselves if they are becoming a victims of The post Are successful deepfake scams more common than we realize? appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Are successful deepfake scams more common than we realize?
Deepfake scams are already responsible for millions of dollars in business losses β and it's possible that many more cases have gone unreported.
π΅οΈββοΈ DoJ Busts Up Another Multinational DPRK IT Worker Scam π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A departmentwide initiative has now led to five major law enforcement actions, in an attempt to curb the increasingly common trend of North Korean hackers posing as IT job applicants.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
DoJ Busts Up Another Multinational DPRK IT Worker Scam
A departmentwide initiative has now led to five major law enforcement actions, in an attempt to curb the increasingly common trend of North Korean hackers posing as IT job applicants.
π΅οΈββοΈ MITRE's Latest ATT&CK Simulations Tackles Cloud Defenses π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The MITRE framework's applied exercise provides defenders with critical feedback about how to detect and defend against common, but sophisticated, attacks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
MITRE's Latest ATT&CK Simulations Tackle Cloud Defenses
Applying the results of MITRE's ATT&CK Evaluations gives defenders critical information about how to detect and defend against common, but sophisticated, attacks.
π΅οΈββοΈ Cisco: Critical Meeting Management Bug Requires Urgent Patch π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The bug has been given a 9.9 CVSS score, and could allow authenticated threat actors to escalate their privileges to adminlevel if exploited.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cisco: Critical Meeting Management Bug Requires Urgent Patch
The bug has been given a 9.9 CVSS score, and could allow authenticated threat actors to escalate their privileges to admin-level if exploited.
π΅οΈββοΈ 3 Use Cases for Third-Party API Security π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Thirdparty API security requires a tailored approach for different scenarios. Learn how to adapt your security strategy to outbound data flows, inbound traffic, and SaaStoSaaS interconnections.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Adapt Third-Party API Security to Three Specific Use Cases
Third-party API security requires a tailored approach for different scenarios. Learn how to adapt your security strategy to outbound data flows, inbound traffic, and SaaS-to-SaaS interconnections.
π1
π΅οΈββοΈ CISOs Are Gaining C-Suite Swagger, but Has It Come With a Cost? π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The number of CISOs who report directly to the CEO is up sharply in recent years, but many still say it's not enough to secure adequate resources.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CISOs Are Gaining C-Suite Swagger
The number of CISOs who report directly to the CEO is up sharply in recent years, but many still say it's not enough to secure adequate resources.
ποΈ Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A highseverity security flaw has been disclosed in Meta's Llama large language model LLM framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llamastack inference server. The vulnerability, tracked as CVE202450050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has assigned it a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π2
ποΈ MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate opensource network computing platform called BOINC. "MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to KongtukeClickFix pages or a JScript file,".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlinaligned Gamaredon hacking group in its cyber attacks targeting Russianspeaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Change Healthcare Breach Almost Doubles in Size to 190 Million Victims π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Change Healthcare has claimed 190 million customers were affected by a megabreach last year.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Change Healthcare Breach Almost Doubles in Size to 190 Million Victims
Change Healthcare has claimed 190 million customers were affected by a mega-breach last year
β€1
π Subaru Bug Enabled Remote Vehicle Tracking and Hijacking π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A nowpatched vulnerability could have enabled threat actors to remotely control Subaru cars.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Subaru Bug Enabled Remote Vehicle Tracking and Hijacking
A now-patched vulnerability could have enabled threat actors to remotely control Subaru cars
π’ UnitedHealth reveals 190 million US citizens were impacted by the Change Healthcare breach π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
UnitedHealth has confirmed that 190 million US citizens were affected by the Change Healthcare cyber attack in 2024.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
UnitedHealth reveals 190 million US citizens were impacted by the Change Healthcare breach
Experts said the Change Healthcare breach should serve as a warning to other firms that think paying the ransom is a guaranteed fix
π’ Developers can't get a handle on application security risks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Research by Legit Security shows a majority of organizations have high risk applications in developer environments.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Developers can't get a handle on application security risks
A Legit Security report found critical risks across every company it looked at
π¦Ώ 1Password Review: Features, Pricing & Security π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
1Passwords toptier security and sleek user interface make it a solid password manager to try this year. Read our handson 1Password review to learn more.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
1Password Review: Features, Pricing & Security
Discover the features and benefits of 1Password in our detailed review. Find out if it's right for you today.
ποΈ β‘ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January] ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, were breaking down the sophisticated world of AIdriven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we'll equip you with sharp insights to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Do We Really Need The OWASP NHI Top 10? ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Open Web Application Security Project has recently introduced a new Top 10 project the NonHuman Identity NHI Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists. Nonhuman identity security represents an emerging.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
74 of CISOs plan to increase their cyber crisis simulation budgets in 2025.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks
74% of CISOs plan to increase their cyber crisis simulation budgets in 2025
π¦
United Against Cybercrime: ASEAN Ministers Forge New Security Pathways π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview The digital world in Southeast Asia is evolving rapidly, with nations striving to balance innovation, inclusivity, and security. The recently held 5th ASEAN Digital Ministers' Meeting ADGMIN in Bangkok, Thailand, marked a significant milestone in this journey. The meeting highlighted the importance of cybersecurity in shaping a resilient digital future for the region. The ASEAN Digital Masterplan 2025 ADM 2025 continues to serve as a guiding framework for fostering collaboration, enabling trust in digital services, and promoting the safe and inclusive use of technology. From addressing online scams to operationalizing the ASEAN Regional Computer Emergency Response Team CERT and advancing AI governance, the event showcased ASEAN's commitment to fortifying its digital eco...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
ASEAN Unites Against Cybercrime: New Security Pathways
ASEAN strengthens cybersecurity with AI governance, anti-online scam strategies, and cross-border data protectionβbuilding a secure, resilient digital future.
π New Phishing Campaign Targets Mobile Devices with Malicious PDFs π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Phishing Campaign Targets Mobile Devices with Malicious PDFs
A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials
π SaaS Breaches Skyrocket 300% as Traditional Defenses Fall Short π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations' security measures not set up to deal with these attacks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
SaaS Breaches Skyrocket 300% as Traditional Defenses Fall Short
Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations' security measures not set up to deal with these attacks
π΅οΈββοΈ The Case for Proactive, Scalable Data Protection π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Whether you're facing growing data demands and increased cyber threats, or simply looking to futureproof your business, it's time to consider the longterm benefits of transitioning to a cloudfirst infrastructure.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
The Case for Proactive, Scalable Data Protection
Whether you're facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it's time to consider the long-term benefits of transitioning to a cloud-first infrastructure.