π Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks
While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline
π1
π Ransomware Attacks Fall Sharply in March π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
NCC Group found that ransomware attacks fell by 32 in March compared to February, but described this finding as a red herring.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Attacks Fall Sharply in March
NCC Group found that ransomware attacks fell by 32% in March compared to February, but described this finding as a βred herringβ
π1
π ETSI Unveils New Baseline Requirements for Securing AI π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ETSIs says new technical specification for securing AI models and systems sets international benchmark.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
ETSI Unveils New Baseline Requirements for Securing AI
ETSIβs says new technical specification for securing AI models and systems sets international benchmark
π1
π Ofcom Lays Down the Law with Child Safety Rules for Tech Giants π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Ofcoms Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ofcom Lays Down the Law with Child Safety Rules for Tech Giants
Ofcomβs Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms
π1
ποΈ Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actors behind the Darcula phishingasaservice PhaaS platform have released new updates to their cybercrime suite with generative artificial intelligence GenAI capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less techsavvy criminals to deploy customized scams in minutes," Netcraft said in a new report shared with The Hacker News. ".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π€1
ποΈ Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have demonstrated a proofofconcept PoC rootkit dubbed Curing that leverages a Linux asynchronous IO mechanism called iouring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allows a user application to perform various actions without using system calls," the company said in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 159 CVEs Exploited in Q1 2025 β 28.3% Within 24 Hours of Disclosure ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3 of vulnerabilities being exploited within 1day of their CVE disclosure," VulnCheck said in a report shared with The Hacker News. This translates to 45 security flaws that have been weaponized.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Highest-Risk Security Flaw Found in Commvault Backup Solutions π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A critical path traversal vulnerability in Commvaults backup and replication solutions has been reported.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Highest-Risk Security Flaw Found in Commvault Backup Solutions
A critical path traversal vulnerability in Commvaultβs backup and replication solutions has been reported
π’ Ransomware attacks are rising β but quiet payouts could mean there's more than actually reported π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Ransomware attacks are rising β but quiet payouts could mean there's more than actually reported
FBI report suggests a sharp rise in ransomware attacks, but companies choosing to settle means the problem is even worse than figures suggest
ποΈ Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
At least six organizations in South Korea have been targeted by the prolific North Korealinked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦Ώ Microsoft Resumes Recall Feature Rollout After Privacy Backlash, Adds Security Functions π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Microsoft is expanding the rollout of Recall after months of testing and the addition of new security features.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Microsoft Rolls Recall Feature Out to General Public After Privacy Backlash
Microsoft expanded the rollout of Recall after months of testing and the addition of new security features. Also, two other AI-powered features for Windows are publicly available.
π1
π Blue Shield of California Data Breach Affects 4.7 Million Members π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Blue Shield of California Data Breach Affects 4.7 Million Members
A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads
π1
π΅οΈββοΈ Navigating Regulatory Shifts & AI Risks π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
By proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Navigating Regulatory Shifts & AI Risks
By proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage.
π€1
π΅οΈββοΈ FBI: Cybercrime Losses Rocket to $16.6B in 2024 π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The losses are 33 higher than the year before, with phishing leading the way as the mostreported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
FBI: Cybercrime Losses Rocket to $16.6B in 2024
The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.
π ELENOR-corp Ransomware Targets Healthcare Sector π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ELENORcorp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
ELENOR-corp Ransomware Targets Healthcare Sector
ELENOR-corp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities
π’ What to look out for at RSAC Conference 2025 π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Convincing attendees that AI can revolutionize security will be the first point of order at next weeks RSA Conference but traditional threats will be a constant undercurrent.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
What to look out for at RSAC Conference 2025
Convincing attendees that AI can revolutionize security will be the first point of order at next weekβs RSA Conference β but traditional threats will be a constant undercurrent
π΅οΈββοΈ 'SessionShark' ToolKit Evades Microsoft Office 365 MFA π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide users if purchased indicates it's anything but.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'SessionShark' ToolKit Evades Microsoft Office 365 MFA
The creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide users if purchased indicates it's anything but.
π΅οΈββοΈ Max-Severity Commvault Bug Alarms Researchers π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to businesscritical systems, sensitive data, and backups for attackers.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Max-Severity Commvault Bug Alarms Researchers
Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers.
π΅οΈββοΈ NFC-Powered Android Malware Enables Instant Cash-Outs π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Researchers at security vendor Cleafy detailed a malware known as "SuperCard X" that uses the NFC reader on a victim's own phone to steal credit card funds instantly.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
NFC-Powered Android Malware Enables Instant Cash-Outs
Researchers at security vendor Cleafy detailed a malware known as "SuperCard X" that uses the NFC reader on a victim's own phone to steal credit card funds instantly.
β€2
π’ Criminals target APIs as web attacks skyrocket globally π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
More than a third of web attacks target APIs as AI expands attack surfaces and brings new security challenges.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Criminals target APIs as web attacks skyrocket globally
More than a third of web attacks target APIs as AI expands attack surfaces and brings new security challenges
π’ M&S suspends online sales as 'cyber incident' continues π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Marks Spencer MS has informed customers that all online and app sales have been suspended as the high street retailer battles a cyber incident.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
M&S suspends online sales as 'cyber incident' continues
M&S customers have been warned to remain vigilant for phishing scams capitalizing on the incident