π΅οΈββοΈ 2 Android Zero-Day Bugs Under Active Exploit π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Neither security issue requires user interaction and one of the vulnerabilities was used to unlock a student activist's device in an attempt to install spyware.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
2 Android Zero-Day Bugs Under Active Exploit
Neither security issue requires user interaction, and one of the vulnerabilities was used to unlock a student activist's device in an attempt to install spyware.
ποΈ Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of a nowpatched security flaw in the Amazon EC2 Simple Systems Manager SSM Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution. The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. "One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office addins copied from a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE202448887, carries a CVSS score of 9.3 out of a maximum of 10.0. "An unverified password change vulnerability CWE620 in FortiSwitch GUI may allow a remote unauthenticated attacker to modify.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ 2 Android Zero-Day Bugs Under Active Exploit π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Neither security issue requires user interaction, and one of the vulnerabilities was used to unlock a student activist's device in an attempt to install spyware.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
2 Android Zero-Day Bugs Under Active Exploit
Neither security issue requires user interaction, and one of the vulnerabilities was used to unlock a student activist's device in an attempt to install spyware.
π΅οΈββοΈ UK Orgs Pull Back Digital Projects With Looming Threat of Cyberwarfare π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Artificial intelligence poses a significant concern when it comes to nationstate cyberthreats and AI's ability to supercharge attacks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
UK Orgs Pull Back Digital Projects
Artificial intelligence poses a significant concern when it comes to nation-state cyberthreats and AI's ability to supercharge attacks.
π1
π Google Cloud: China Achieves βCyber Superpowerβ Status π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Google Clouds Sandra Joyce said that Chinese state actors advanced techniques and ability to stay undetected pose huge challenges.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Google Cloud: China Achieves βCyber Superpowerβ Status
Google Cloudβs Sandra Joyce said that Chinese state actorsβ advanced techniques and ability to stay undetected pose huge challenges
π¦
ICS Vulnerability Report: Energy, Manufacturing Device Fixes Urged by Cyble π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ICS Vulnerability Report " dataimagecaption"ICS Vulnerability Report " datamediumfile"httpscyble.comwpcontentuploads202504ICSVulnerabilityReport300x150.png" datalargefile"httpscyble.comwpcontentuploads202504ICSVulnerabilityReport1024x512.png" title"ICS Vulnerability Report Energy, Manufacturing Device Fixes Urged by Cyble 1" Overview The Cyble report, part of the latest ICS Vulnerability Report, examined 70 ICS, Operational Technology OT, and Supervisory Control and Data Acquisition SCADA vulnerabilities identified in 16 recent advisories issued by the U.S. Cybersecurity and Infrastructure Security Agency CISA. Cyble highlighted several critical industrial control system ICS vulnerabilities in recent reports to clients, with the most severe vulnerabilities reaching 9.8 to 9.9 ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
ICS Vulnerability Report: Energy, Manufacturing Fixes Urged
Explore Cybleβs ICS Vulnerability Report uncovering critical flaws in energy, manufacturing & OT systems. Learn how to mitigate ICS cyber risks effectively.
π¦
ICS Vulnerability Report: Energy, Manufacturing Device Fixes Urged by Cyble π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ICS Vulnerability Report " dataimagecaption"ICS Vulnerability Report " datamediumfile"httpscyble.comwpcontentuploads202504ICSVulnerabilityReport300x150.png" datalargefile"httpscyble.comwpcontentuploads202504ICSVulnerabilityReport1024x512.png" title"ICS Vulnerability Report Energy, Manufacturing Device Fixes Urged by Cyble 1" Overview The Cyble report, part of the latest ICS Vulnerability Report, examined 70 ICS, Operational Technology OT, and Supervisory Control and Data Acquisition SCADA vulnerabilities identified in 16 recent advisories issued by the U.S. Cybersecurity and Infrastructure Security Agency CISA. Cyble highlighted several critical industrial control system ICS vulnerabilities in recent reports to clients, with the most severe vulnerabilities reaching 9.8 to 9.9 ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
ICS Vulnerability Report: Energy, Manufacturing Fixes Urged
Explore Cybleβs ICS Vulnerability Report uncovering critical flaws in energy, manufacturing & OT systems. Learn how to mitigate ICS cyber risks effectively.
π¦Ώ Can VPNs Be Tracked by the Police? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
VPNs are popular due to the fact they add security and privacy to what are otherwise fairly open WiFi and public internet channels. But can VPNs be tracked by the police?.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Can VPNs Be Tracked by the Police?
VPNs are popular because they add security to fairly open Wi-Fi and public internet channels. But can VPNs be tracked by the police?
π Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Google Cloud announced a number of security products designed to reduce complexity for security leaders.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity
Google Cloud announced a number of security products designed to reduce complexity for security leaders
π Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Cyber Security Breaches Survey 2025 has been released by the UK Home Office and DSIT today, reporting a slight decline in incidents compared to 2024 report.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024
The Cyber Security Breaches Survey 2025 has been released by the UK Home Office and DSIT today, reporting a slight decline in incidents compared to 2024 report
π’ Seized database helps Europol snare botnet customers in βOperation Endgameβ follow-up sting π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Europol has detained several people believed to be involved in a botnet operation as part of a followup to a major takedown last year.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Seized database helps Europol snare botnet customers in βOperation Endgameβ follow-up sting
Customers of the SmokeLoader malware have been detained
π’ Seized database helps Europol snare botnet customers in βOperation Endgameβ follow-up sting π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Europol has detained several people believed to be involved in a botnet operation as part of a followup to a major takedown last year.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Seized database helps Europol snare botnet customers in βOperation Endgameβ follow-up sting
Customers of the SmokeLoader malware have been detained
π SpyNote Malware Targets Android Users with Fake Google Play Pages π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new Android malware campaign uses fake Google Play pages to distribute the SpyNote Trojan.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
SpyNote Malware Targets Android Users with Fake Google Play Pages
A new Android malware campaign uses fake Google Play pages to distribute the SpyNote Trojan
π Google Cloud: China Achieves βCyber Superpowerβ Status π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Google Clouds Sandra Joyce said that Chinese state actors advanced techniques and ability to stay undetected pose huge challenges.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Google Cloud: China Achieves βCyber Superpowerβ Status
Google Cloudβs Sandra Joyce said that Chinese state actorsβ advanced techniques and ability to stay undetected pose huge challenges
π’ Foreign AI model launches may have improved trust in US AI developers, says Mandiant CTO β as he warns Chinese cyber attacks are at an βunprecedented levelβ π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Concerns about enterprise AI deployments have faded due to greater understanding of the technology and negative examples in the international community, according to Mandiant CTO Charles Carmakal.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Foreign AI model launches may have improved trust in US AI developers, says Mandiant CTO β as he warns Chinese cyber attacks areβ¦
Mandiant CTO Charles Carmakal believes AI model security concerns will ultimately improve trust in US providers
π Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Google Cloud announced a number of security products designed to reduce complexity for security leaders.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity
Google Cloud announced a number of security products designed to reduce complexity for security leaders
βοΈ China-based SMS Phishing Triad Pivots to Banks βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Chinabased purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the socalled Smishing Triad mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
China-based SMS Phishing Triad Pivots to Banks
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called βSmishing Triadβ mainly impersonated toll road operators and shippingβ¦
π¦
ICS Vulnerability Report: Energy, Manufacturing Device Fixes Urged by Cyble π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ICS Vulnerability Report " dataimagecaption"ICS Vulnerability Report " datamediumfile"httpscyble.comwpcontentuploads202504ICSVulnerabilityReport300x150.png" datalargefile"httpscyble.comwpcontentuploads202504ICSVulnerabilityReport1024x512.png" title"ICS Vulnerability Report Energy, Manufacturing Device Fixes Urged by Cyble 1" Overview The Cyble report, part of the latest ICS Vulnerability Report, examined 70 ICS, Operational Technology OT, and Supervisory Control and Data Acquisition SCADA vulnerabilities identified in 16 recent advisories issued by the U.S. Cybersecurity and Infrastructure Security Agency CISA. Cyble highlighted several critical industrial control system ICS vulnerabilities in recent reports to clients, with the most severe vulnerabilities reaching 9.8 to 9.9 ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
ICS Vulnerability Report: Energy, Manufacturing Fixes Urged
Explore Cybleβs ICS Vulnerability Report uncovering critical flaws in energy, manufacturing & OT systems. Learn how to mitigate ICS cyber risks effectively.
βοΈ China-based SMS Phishing Triad Pivots to Banks βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Chinabased purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the socalled Smishing Triad mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
China-based SMS Phishing Triad Pivots to Banks
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called βSmishing Triadβ mainly impersonated toll road operators and shippingβ¦