ποΈ Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
AI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile, defenders are overwhelmed by massive amounts of data and alerts, struggling to process information quickly enough to identify real threats. AI offers a way to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family called CurlBack RAT. The activity, detected by SEQRITE in December 2024, targeted Indian entities under railway, oil and gas, and external affairs ministries, marking an expansion of the hacking crew's.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Major WordPress Plugin Flaw Exploited in Under 4 Hours π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Flaw in SureTriggers plugin allows unauthenticated users to create admin accounts on WordPress sites.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Major WordPress Plugin Flaw Exploited in Under 4 Hours
Flaw in SureTriggers plugin allows unauthenticated users to create admin accounts on WordPress sites
π Prodaft Offers "No Judgment" Deal to Buy Dark Web Accounts from Cybercrime Forum Users π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Prodaft Offers "No Judgment" Deal to Buy Dark Web Accounts from Cybercrime Forum Users
Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities
π New Malware ResolverRAT Targets Healthcare and Pharma Sectors π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ResolverRAT targets healthcare organizations using advanced evasion techniques and social engineering.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Malware ResolverRAT Targets Healthcare and Pharma Sectors
ResolverRAT targets healthcare organizations using advanced evasion techniques and social engineering
π US Blocks Foreign Governments from Acquiring Citizen Data π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US government has implemented a program that applies export controls on data transactions to certain countries of concern, including China and Russia.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Blocks Foreign Governments from Acquiring Citizen Data
The US government has implemented a program that applies export controls on data transactions to certain countries of concern, including China and Russia
π1
π Digital Certificate Lifespans to Fall to 47 Days by 2029 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CABrowser Forum members have voted in favor of shortening TLSSSL certificate lifespans to 47 days.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Digital Certificate Lifespans to Fall to 47 Days by 2029
CA/Browser Forum members have voted in favor of shortening TLS/SSL certificate lifespans to 47 days
π AI Hallucinations Create βSlopsquattingβ Supply Chain Threat π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Experts have warned that threat actors could hijack AI hallucinations in slopsquatting attacks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
AI Hallucinations Create βSlopsquattingβ Supply Chain Threat
Experts have warned that threat actors could hijack AI hallucinations in βslopsquattingβ attacks
π¦
DOGE βBig Ballsβ Ransomware and the False Connection to Edward Coristine π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble DOGE BIG BALLS Ransomware and the False Connection to Edward Coristine " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202504NewCybleBlogs300x150.png" datalargefile"httpscyble.comwpcontentuploads202504NewCybleBlogs1024x512.png" title"DOGE "Big Balls" Ransomware and the False Connection to Edward Coristine 1" Key Takeaways This attack leverages a ZIP file with a deceptive LNK shortcut to silently execute a multistage PowerShellbased infection chain, ensuring stealthy deployment. A vulnerable driver CVE20152291 is exploited through a Bring Your Own Vulnerable Driver BYOVD technique to gain kernellevel readwrite access for privilege escalation. The payload is a customized version of Fog ransomware, branded as "DOGE BIG BALLS Ransomware," reflecting an attemp...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Doge Big Balls Ransomware Edward Coristine
Cyble investigates the DOGE BIG BALLS Ransomware, analyzing its operation and the false ties made to Edward Coristine.
β€1
ποΈ ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. "The threat actor leverages fearbased lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link," Morphisec Labs researcher Nadav Lorber said in a report shared with The.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese statebacked threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.
π΅οΈββοΈ Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A threat actor posted about the zeroday exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution
A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.
π1
π΅οΈββοΈ AI Code Tools Widely Hallucinate Packages π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The hallucination problem is not just pervasive, it is persistent as well, according to new research.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
AI Code Tools Widely Hallucinate Packages
The hallucination problem is not just pervasive, it is persistent as well, according to new research.
π΅οΈββοΈ Threat Intel Firm Offers Crypto in Exchange for Dark Web Accounts π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Threat Intel Firm Offers Crypto for Dark Web Accounts
Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.
βοΈ Trump Revenge Tour Targets Cyber Leaders, Elections βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency CISA who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs's employer SentinelOne, comes as CISA is facing huge funding and staffing cuts.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Trump Revenge Tour Targets Cyber Leaders, Elections
President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White Houseβ¦
π1π€¬1
ποΈ Gladinetβs Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date. Tracked as CVE202530406 CVSS score 9.0, the vulnerability refers to the use of a hardcoded cryptographic key that could expose internetaccessible servers to remote code execution attacks.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta has announced that it will begin to train its artificial intelligence AI models using public data shared by adults across its platforms in the European Union, nearly a year after it paused its efforts due to data protection concerns from Irish regulators. "This training will better support millions of people and businesses in Europe, by teaching our generative AI models to better.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ CISA issues warning in wake of Oracle cloud credentials leak π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The security agency has published guidance for enterprises at risk.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISA issues warning in wake of Oracle cloud credentials leak
The security agency has published guidance for enterprises at risk
π NTLM Hash Exploit Targets Poland and Romania Days After Patch π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NTLM Hash Exploit Targets Poland and Romania Days After Patch
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild
ποΈ CVE-2025-24054 Under Active AttackβSteals NTLM Credentials on File Download ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a mediumseverity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE202524054 CVSS score 6.5, is a Windows New Technology LAN Manager NTLM hash disclosure.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π NTLM Hash Exploit Targets Poland and Romania Days After Patch π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NTLM Hash Exploit Targets Poland and Romania Days After Patch
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild