ποΈ CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Food and Drug Administration FDA have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN120 patient monitors. The vulnerability, tracked as CVE20250626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Top 5 AI-Powered Social Engineering Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. Theres no bruteforce spray and pray password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust, fear, and respect for authority, usually with the goal of gaining access to sensitive information or protected systems.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Italy's data protection watchdog has blocked Chinese artificial intelligence AI firm DeepSeek's service within the country, citing a lack of information on its use of users' personal data. The development comes days after the authority, the Garante, sent a series of questions to DeepSeek, asking about its data handling practices and where it obtained its training data. In particular, it wanted.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Bans 158,000 Malicious Android App Developer Accounts in 2024 ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google said it blocked over 2.36 million policyviolating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data during the time period by working with.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Threat Actors Target Public-Facing Apps for Initial Access π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cisco Talos found that exploitation of publicfacing applications made up 40 of incidents it observed in Q4 2024, marking a notable shift in initial access techniques.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actors Target Public-Facing Apps for Initial Access
Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques
π Tata Technologies Hit by Ransomware Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Indian tech giant temporarily suspended some of its IT services, which have now been restored.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Tata Technologies Hit by Ransomware Attack
The Indian tech giant temporarily suspended some of its IT services, which have now been restored
π΅οΈββοΈ Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence? π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough.
π΅οΈββοΈ State Data Privacy Regulators Are Coming. What Story Will You Tell Them? π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Regulators are ready to enforce new state data privacy laws. Here's how experts say organizations can stay compliant and avoid penalties.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
State Data Privacy Regulators Are Coming. What Story Will You Tell Them?
Regulators are ready to enforce new state data privacy laws. Here's how experts say organizations can stay compliant and avoid penalties.
π€1
π΅οΈββοΈ Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The deal, expected to close this quarter, will give Tenable One Exposure Management muchneeded integration with over 100 thirdparty security tools and platforms.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus
The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms.
π΅οΈββοΈ Code-Scanning Tool's License at Heart of Security Breakup π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Nine application security toolmakers band together to fork the popular Semgrep codescanning project, touching off a controversy over access to features and fairness.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Code-Scanning Tool's License at Heart of Security Breakup
Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness.
βοΈ FBI, Dutch Police Disrupt βManipulatersβ Phishing Gang βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname "The Manipulaters," have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
FBI, Dutch Police Disrupt βManipulatersβ Phishing Gang
The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname "Theβ¦
π΅οΈββοΈ DoJ Shutters Cybercrime Forums Behind Attacks on 17M Americans π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The "Cracked" and "Nulled" Dark Web sites are now offline, along with the Pakistani "Saim Raza" network of underground forums aka HeartSender.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
DoJ Shutters Forums Behind Cyberattacks on 17M Americans
The "Cracked" and "Nulled" Dark Web sites are now offline, along with the Pakistani "Saim Raza" network of underground forums (aka HeartSender).
π΅οΈββοΈ Community Health Center Data Breach Affects 1M Patients π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The CHC remains operational, but a host of personal data is now in the hands of a "skilled cybercriminal," it said.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Community Health Center Data Breach Affects 1M Patients
The CHC remains operational, but a host of personal data is now in the hands of a "skilled cybercriminal," it said.
π΅οΈββοΈ DeepSeek Jailbreak Reveals Its Entire System Prompt π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
DeepSeek Jailbreak Reveals Its Entire System Prompt
Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI.
π1
ποΈ Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a malvertising campaign that's targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials. "These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft's advertising platform," Jrme Segura, senior.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Metaowned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members. The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024. In a statement to The Guardian, the encrypted messaging app said it has reached.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π€1
ποΈ U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan. The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker. The vast array of sites in question peddled phishing toolkits and fraudenabling tools and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local application passwords. The breach was first flagged.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Russianspeaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer aka AMOS, and Angel Drainer. "Specializing in identity fraud, cryptocurrency theft, and informationstealing malware, Crazy Evil employs a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Tata Technologies hit by ransomware attack π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
A ransomware attack forced the technology provider to shut down several IT services.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Tata Technologies hit by ransomware attack
A ransomware attack forced the technology provider to shut down several IT services
π¦Ώ TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic Premium content helps you solve your toughest IT issues and jumpstart your career or next project.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.