ποΈ CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE202437079 CVSS score 9.8, which refers to a heap overflow in the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ How can businesses make their cybersecurity training stick? π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Who in the modern business needs cybersecurity training and what key factors should firms keep in mind?.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
How can businesses make their cybersecurity training stick?
Who in the modern business needs cybersecurity training β and what key factors should firms keep in mind?
β€1
π’ Thousands of Microsoft Teams users are being targeted in a new phishing campaign π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Microsoft Teams users should be on the alert, according to researchers at Check Point.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Thousands of Microsoft Teams users are being targeted in a new phishing campaign
Microsoft Teams users should be on the alert, according to researchers at Check Point
π¦Ώ Microsoft Shared BitLocker Keys With FBI, Raising Privacy Fears π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Microsoft confirmed it can hand over BitLocker recovery keys stored in the cloud under warrant, reviving debate over who controls encrypted data. The post Microsoft Shared BitLocker Keys With FBI, Raising Privacy Fears appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Microsoft Shared BitLocker Keys With FBI, Raising Privacy Fears
Microsoft confirmed it can hand over BitLocker recovery keys stored in the cloud under warrant, reviving debate over who controls encrypted data.
π¦Ώ Gmail Spam Filter Breakdown Affects 1.8B Users π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The disruption began Saturday 5am Pacific time, Jan .24 affecting approximately 1.8 billion Gmail users worldwide with widespread email misclassification. The post Gmail Spam Filter Breakdown Affects 1.8B Users appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Gmail Spam Filter Breakdown Affects 1.8B Users
The disruption began Saturday (5am Pacific time, Jan .24) affecting approximately 1.8 billion Gmail users worldwide with widespread email misclassification.
ποΈ Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code VS Code extensions that are advertised as artificial intelligence AIpowered coding assistants, but also harbor covert functionality to siphon developer data to Chinabased servers. The extensions, which have 1.5 million combined installs and are still available for download from the official Visual Studio.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ β‘ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Security failures rarely arrive loudly. They slip in through trusted tools, halffixed problems, and habits people stop questioning. This weeks recap shows that pattern clearly. Attackers are moving faster than defenses, mixing old tricks with new paths. Patched no longer means safe, and every day, software keeps becoming the entry point. What follows is a set of small but telling signals.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Winning Against AI-Based Attacks Requires a Combined Defensive Approach ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
If theres a constant in cybersecurity, its that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Googles Threat Intelligence Group, recently reported on adversaries using Large Language Models LLMs to both conceal code and generate malicious scripts on the fly, letting malware shapeshift in realtime to evade.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence AI tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary's expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CISA Releases List of Post-Quantum Cryptography Product Categories π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CISA released initial list of PQCcapable hardware and software to guide companies amid quantum threats.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Researchers Uncover βHaxorβ SEO Poisoning Marketplace π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Fortra researchers have discovered a new SEO poisoning operation known as HaxorSEO.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Law Firm Investigates Coupang Security Failures Ahead of Class Action Deadline π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US law firm Hagens Berman will lead a class action lawsuit against Coupang over security failures that led to a June 2025 data breach.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
β€1
π Okta Flags Customized, Reactive Vishing Attacks Which Bypass MFA π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Threat actors posing as IT support teams use phishing kits to generate fake login sites in realtime to trick victims into handing over credentials.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Wiper Attack on Polish Power Grid Linked to Russiaβs Sandworm π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A destructive cyber attack targeting Polands energy sector has been linked to Russian APT group Sandworm.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Python Developer π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post Python Developer appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Python Developer - UnderDefense
ποΈ Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a multistage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire Threat Response Unit TRU, involves using phishing emails impersonating the Income Tax Department of India to trick victims into downloading a malicious archive, ultimately granting the threat.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π B2b Growth Marketing Manager (Online media, external placements, integrated campaigns) π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post B2b Growth Marketing Manager Online media, external placements, integrated campaigns appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
B2b Growth Marketing Manager (Online media, external placements, integrated campaigns) - UnderDefense
π eScan Antivirus Supply Chain Breach Delivers Signed Malware π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Supply chain breach in eScan antivirus distributes multistage malware via legitimate updates.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
β€2
π’ Hackers are using LLMs to generate malicious JavaScript in real time β and theyβre going after web browsers π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Defenders advised to use runtime behavioral analysis to detect and block malicious activity at the point of execution, directly within the browser.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Hackers are using LLMs to generate malicious JavaScript in real time β and theyβre going after web browsers
Defenders advised to use runtime behavioral analysis to detect and block malicious activity at the point of execution, directly within the browser
π¦Ώ $95M Payout: Apple Begins Compensating Users in Siri Eavesdropping Case π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Apple has started issuing Siri privacy settlement payouts, with claimants seeing deposits as low as 8 per device from a 95 million fund. The post 95M Payout Apple Begins Compensating Users in Siri Eavesdropping Case appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
$95M Payout: Apple Begins Compensating Users in Siri Eavesdropping Case
Apple has started issuing Siri privacy settlement payouts, with claimants seeing deposits as low as $8 per device from a $95 million fund.
π¦Ώ WhatsApp Adds One-Tap Security Settings for Added Privacy π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
WhatsApp rolled out Strict Account Settings, a lockdownstyle mode that blocks unknown attachments, disables link previews, and silences unknown callers. The post WhatsApp Adds OneTap Security Settings for Added Privacy appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
WhatsApp Adds One-Tap Security Settings for Added Privacy
WhatsApp rolled out Strict Account Settings, a lockdown-style mode that blocks unknown attachments, disables link previews, and silences unknown callers.