Former CIA analyst pleaded guilty to leaking top-secret documents

Tue Jan 21 2025

A former CIA analyst, Asif William Rahman, pleaded guilty to leaking top-secret National Defense Information on social media in 2024. Asif William Rahman, a former CIA analyst with Top-Secret clearance since 2016, pleaded guilty to leaking classified information on social media in October 2024. Rahman had access to Sensitive Compartmented Information (SCI). On October 17, […]

Security Affairs

New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers

Tue Jan 21 2025

Researchers warn of a campaign exploiting AVTECH IP cameras and Huawei HG532 routers to create a Mirai botnet variant called Murdoc Botnet. Murdoc Botnet is a new Mirai botnet variant that targets vulnerabilities in AVTECH IP cameras and Huawei HG532 routers, the Qualys Threat Research Unit reported. The botnet has been active since at least […]

Security Affairs

Trump Frees Silk Road Creator Ross Ulbricht After 11 Years in Prison

Wed Jan 22 2025

Donald Trump pardoned the creator of the world’s first dark-web drug market, who is now a libertarian cause célèbre in some parts of the crypto community.

Wired

Microsoft Teams vishing attacks trick employees into handing over remote access

Tue Jan 21 2025

Attackers believed to be affiliated with ransomware groups have recently been observed using a technique in which they bombard employees with spam emails and then call them on Microsoft Teams posing a

CSO Online

ChatGPT flaw enables DDoS attacks

Tue Jan 21 2025


CSO Online

Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers

Tue Jan 21 2025

Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks," Qualys security researcher Shilpesh...

The Hacker News

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks

Tue Jan 21 2025

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "take[s] advantage of misconfigured DNS records to pass email protection techniques," Infoblox security researcher David Brunsdon said in a technical report published last week. "This...

The Hacker News

ChatGPT API flaws could allow DDoS, prompt injection attacks

Tue Jan 21 2025

OpenAI-owned ChatGPT might have a vulnerability that could allow threat actors to launch distributed denial of service (DDoS) attacks on unsuspecting targets.

CSO Online

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

Tue Jan 21 2025

CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber scams involving threat actors impersonating the agency by sending fraudulent AnyDesk connection requests under the guise of security audits. CERT-UA pointed out that it uses the software AnyDesk […]

Security Affairs

Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties

Tue Jan 21 2025

A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity. Asif William Rahman, 34, of Vienna, was an employee of the CIA since 2016 and had a Top Secret security clearance with access to...

The Hacker News

HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects

Tue Jan 21 2025

Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or "Were there any security issues that could have been identified during testing?" often go unresolved, raising concerns about the thoroughness of the security testing. This frustration is common among many security teams. Pentest...

The Hacker News

7 top cybersecurity projects for 2025

Tue Jan 21 2025

As 2025 dawns, CISOs face the grim reality that the battle against cyberattackers never ends.

CSO Online

Experts found multiple flaws in Mercedes-Benz infotainment system

Tue Jan 21 2025

Kaspersky researchers shared details about multiple vulnerabilities impacting the Mercedes-Benz MBUX infotainment system. Kaspersky published research findings on the first-generation Mercedes-Benz User Experience (MBUX) infotainment system, specifically focusing on the Mercedes-Benz Head Unit. The researchers started from the results of another study conducted by KeenLab on the MBUX internals. The experts used a diagnostic software […]

Security Affairs

EU to take aim at healthcare cyber threat

Tue Jan 21 2025

The European Commission is presenting an action plan to strengthen cybersecurity in healthcare as one of its key priorities in the first 100 days of the commission’s new mandate.

CSO Online

PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers

Tue Jan 21 2025

Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week. The infection chain commences with a phishing...

The Hacker News

CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits

Tue Jan 21 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERT-UA added, cautioning organizations to be on the lookout for such social engineering attempts that seek to...

The Hacker News

HPE is investigating IntelBroker’s claims of the company hack

Mon Jan 20 2025

HPE is probing claims by the threat actor IntelBroker who is offering to sell alleged stolen source code and data from the company. Last week, the notorious threat actor IntelBroker announced on a popular cybercrime forum the sale of data allegedly stolen from HPE. IntelBroker, known for leaking data from major organizations, made the headlines […]

Security Affairs

Experts found new DoNot Team APT group’s Android malware

Mon Jan 20 2025

Researchers linked the threat actor DoNot Team to a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The Donot Team (aka APT-C-35 and Origami Elephant) has been active since 2016, it focuses on government and military organizations, […]

Security Affairs

How to run a tabletop exercise

Tue Jan 21 2025

Practice makes the incident response master.

CSO Online

Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers

Mon Jan 20 2025

New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access to their networks," Top10VPN said in a study, as part of a collaboration with KU Leuven professor...

The Hacker News

DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection

Mon Jan 20 2025

The threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications to the...

The Hacker News

Malicious npm and PyPI packages target Solana private keys to steal funds from victims’ wallets

Mon Jan 20 2025

Researchers found malicious npm and PyPI packages capable of stealing and deleting sensitive data from infected systems. Socket researchers have identified multiple packages in the npm and Python Package Index (PyPI) repository designed to target Solana private keys and drain funds from victims’ wallets. The malicious npm packages allowed the threat actors to exfiltrate Solana […]

Security Affairs

Cyberattack on Bundesdruckerei subsidiary

Mon Jan 20 2025


CSO Online

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]

Mon Jan 20 2025

As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper political consequences. Governments are facing new, unpredictable threats that can't be fought with...

The Hacker News

HPE’s sensitive data exposed in alleged IntelBroker hack

Mon Jan 20 2025

IntelBroker has struck again.

CSO Online

Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Mon Jan 20 2025

Every week seems to bring news of another data breach, and it’s no surprise why: securing sensitive data has become harder than ever. And it’s not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting...

The Hacker News

Ridding your network of NTLM

Mon Jan 20 2025

Microsoft has hinted at a possible end to NTLM a few times, but with quite a few Windows 95 or 98 in use that do not support the alternative, Kerberos, it won’t be an easy job to do.

CSO Online

How organizations can secure their AI code

Mon Jan 20 2025

In 2023, the team at data extraction startup Reworkd was under tight deadlines.

CSO Online

Midsize firms universally behind in slog toward DORA compliance

Mon Jan 20 2025

Beginning Friday, Jan.

CSO Online

Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP

Mon Jan 20 2025

Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below - @async-mutex/mutex, a typosquat of async-mute (npm) dexscreener, which masquerades as a library for accessing liquidity pool...

The Hacker News

These security technologies have had their day

Mon Jan 20 2025

Time for a rejuvenation treatment?

CSO Online

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Mon Jan 20 2025

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology’s industrial devices. The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. This switch family is equipped with a […]

Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29

Sun Jan 19 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection; Ransomware on ESXi: The mechanization of virtualized attacks; FunkSec – Alleged Top Ransomware Group Powered by AI; Abusing AWS Native Services: Ransomware Encrypting S3 Buckets […]

Security Affairs

Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

Sun Jan 19 2025

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press: U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon; EU privacy […]

Security Affairs

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Sun Jan 19 2025

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. A severe vulnerability, tracked as CVE-2024-12365 (CVSS score of 8.5) in the WordPress W3 Total Cache plugin could expose metadata from internal services and cloud apps. The WordPress W3 Total Cache plugin is a […]

Security Affairs

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Sat Jan 18 2025

The U.S. Treasury’s OFAC sanctioned a Chinese cybersecurity firm and a Shanghai cyber actor for ties to Salt Typhoon and a federal agency breach. The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., LTD., for its involvement in the activities of the Salt Typhoon APT group, […]

Security Affairs

How to Get Around the US TikTok Ban

Sun Jan 19 2025

TikTok is now unavailable in the United States—and getting around the ban isn’t as simple as using a VPN. Here’s what you need to know.

Wired

TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025

Sun Jan 19 2025

Popular video-sharing social network TikTok has officially gone dark in the United States, as a federal ban on the app comes into effect on January 19, 2025. "We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable," the company said in a pop-up message. "We're working to restore our service in the U.S. as soon as possible...

The Hacker News

US Names One of the Hackers Allegedly Behind Massive Salt Typhoon Breaches

Sat Jan 18 2025

Plus: New details emerge about China’s cyber espionage against the US, the FBI remotely uninstalls malware on 4,200 US devices, and victims of the PowerSchool edtech breach reveal what hackers stole.

Wired

U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Salt Typhoon

Sat Jan 18 2025

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including the recent...

The Hacker News

Secure AI? Dream on, says AI red team

Sat Jan 18 2025

The group responsible for red teaming of over 100 generative AI products at Microsoft has concluded that the work of building safe and secure AI systems will never be complete.

CSO Online

US hits back against China’s Salt Typhoon group

Fri Jan 17 2025

The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider camp

CSO Online

EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

Fri Jan 17 2025

noyb files complaints against TikTok, AliExpress, and other Chinese companies for illegal EU user data transfers to China, violating data protection laws. Austrian privacy non-profit group None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully […]

Security Affairs

U.S. CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog

Fri Jan 17 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical Aviatrix Controllers OS Command Injection vulnerability, tracked as CVE-2024-50603 (CVSS score of 10) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw impacts Aviatrix Controller pre-7.1.4191 and 7.2.x […]

Security Affairs

The FCC’s Jessica Rosenworcel Isn’t Leaving Without a Fight

Fri Jan 17 2025

As the US faces “the worst telecommunications hack in our nation’s history,” by China’s Salt Typhoon hackers, the outgoing FCC chair is determined to bolster network security if it’s the last thing she does.

Wired

DORA implementation keeps bank CISOs on their toes

Fri Jan 17 2025

As of today, financial companies must apply the new rules of the EU regulation DORA.

CSO Online

Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Fri Jan 17 2025

Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a variety of networking applications," Claroty's Tomer Goldschmidt said in a Thursday report. "An attacker...

The Hacker News

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Fri Jan 17 2025

Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface […]

Security Affairs

Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation

Fri Jan 17 2025

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacks...

The Hacker News

Poor patching regime is opening businesses to serious problems

Fri Jan 17 2025

Vulnerability remediation is taking a severe hit as security teams are faced with fatigue from a growing number of publicly disclosed vulnerabilities.

CSO Online

How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?

Fri Jan 17 2025

Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,...

The Hacker News

Russia-linked APT Star Blizzard targets WhatsApp accounts

Fri Jan 17 2025

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection. The Star Blizzard group, aka “Callisto”, “Seaborgium”, “ColdRiver”, and “TA446,” targeted government officials, military personnel, journalists and […]

Security Affairs

U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs

Fri Jan 17 2025

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. "These...

The Hacker News

New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass

Fri Jan 17 2025

Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of targeting Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting...

The Hacker News

EU’s DORA could further strain cybersecurity skills gap

Fri Jan 17 2025

Efforts spent in achieving compliance with the EU’s Digital Operational Resilience Act (DORA) are likely to pile further pressure on the already strained cybersecurity skills market.

CSO Online

European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China

Fri Jan 17 2025

Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data...

The Hacker News

What is a payload?

Fri Jan 17 2025

Much like the Greek soldiers who once lay in wait inside the Trojan horse for the right moment, payloads are hidden, for example, in seemingly harmless file attachments

CSO Online

Millions of tunneling hosts are vulnerable to spoofing, DDoS attacks, say researchers

Fri Jan 17 2025

There are more than 4 million vulnerable hosts on the internet that accept unauthenticated traffic, say Belgian researchers, who warn that, unless action is taken by CISOs and network product manufact

CSO Online

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Thu Jan 16 2025

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.

Krebs on Security

Prominent US law firm Wolf Haldenstein disclosed a data breach

Thu Jan 16 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 million individuals. The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 million individuals. Wolf Haldenstein Adler Freeman & Herz LLP is a prominent U.S.-based law firm that specializes in […]

Security Affairs

Hackers Likely Stole FBI Call Logs From AT&T That Could Compromise Informants

Fri Jan 17 2025

A breach of AT&T that exposed “nearly all” of the company’s customers may have included records related to confidential FBI sources, potentially explaining the bureau’s new embrace of end-to-end encryption.

Wired

How do you unlock automation within IT security and IT operations?

Thu Jan 16 2025

The proliferation of endpoints in today’s enterprises is outpacing the ability of IT operations and security teams to cost-effectively manage increasingly complex environments.

CSO Online

Biden White House goes all out in final, sweeping cybersecurity order

Thu Jan 16 2025

The Biden administration’s last cybersecurity action is a comprehensive and ambitious 50-page executive order (EO) entitled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity” which

CSO Online

Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches

Thu Jan 16 2025

The Clop ransomware gang claims dozens of victims from a Cleo file transfer vulnerability, though several companies dispute the breaches. The Clop ransomware group added 59 new companies to its leak site; the gang claims to have breached them by exploiting a vulnerability in Cleo file transfer products. “We have data of many companies who […]

Security Affairs

Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign

Thu Jan 16 2025

The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims' WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. "Star Blizzard's targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations...

The Hacker News

Internationally operating internet fraudsters caught

Thu Jan 16 2025

In total, there were approx.

CSO Online

New EU plan for more cybersecurity in healthcare

Thu Jan 16 2025


CSO Online

Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action

Thu Jan 16 2025

The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle. Traditional trust management? Forget it. It's simply not built for today's fast-paced, hybrid environments. You need a...

The Hacker News

FTC orders GoDaddy to fix its infosec practices

Thu Jan 16 2025

Web-hosting giant GoDaddy has been called out by the US Federal Trade Commission (FTC) for its lax security practices, since at least January 2018, with an order to immediately implement a tighter inf

CSO Online

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

Thu Jan 16 2025

You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester). Stolen credentials on criminal forums cost as...

The Hacker News

Biden's Cyber Ambassador Urges Trump Not to Cede Ground to Russia and China in Global Tech Fight

Thu Jan 16 2025

Nathaniel Fick, the ambassador for cyberspace and digital policy, has led US tech diplomacy amid a rising tide of pressure from authoritarian regimes. Will the Trump administration undo that work?

Wired

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

Thu Jan 16 2025

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft's "Microsoft Corporation UEFI CA 2011" third-party UEFI certificate, according to a new...

The Hacker News

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Thu Jan 16 2025

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. "A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications," Silverfort researcher Dor Segal said in a...

The Hacker News

MikroTik botnet relies on DNS misconfiguration to spread malware

Thu Jan 16 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware. In late November, the experts spotted a malspam campaign impersonating DHL which used emails about […]

Security Affairs

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

Thu Jan 16 2025

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads," HP Wolf Security said in its Threat Insights Report...

The Hacker News

GitHub’s Deepfake Porn Crackdown Still Isn’t Working

Thu Jan 16 2025

Over a dozen programs used by creators of nonconsensual explicit images have evaded detection on the developer platform, WIRED has found.

Wired

A New Jam-Packed Biden Executive Order Tackles Cybersecurity, AI, and More

Thu Jan 16 2025

US president Joe Biden just issued a 40-page executive order that aims to bolster federal cybersecurity protections, directs government use of AI—and takes a swipe at Microsoft’s dominance.

Wired

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

Thu Jan 16 2025

Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloader named...

The Hacker News

Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager

Thu Jan 16 2025

Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern instances of absolute path traversal that allow a remote...

The Hacker News

SIEM buyer’s guide: Top 15 security information and event management tools — and how to choose

Thu Jan 16 2025

Security information and event management (SIEM) is a blue-collar tool for network security professionals.

CSO Online

Threat actor leaked config files and VPN passwords for over 15,000 Fortinet FortiGate devices

Thu Jan 16 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world. At the beginning of the year, […]

Security Affairs

Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

Wed Jan 15 2025

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues. Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities in Windows and Windows Components, Office and Office Components, Hyper-V, SharePoint Server, .NET and Visual Studio, Azure, BitLocker, Remote Desktop Services, and Windows Virtual Trusted Platform Module. 11 […]

Security Affairs

Cybersecurity hiring is deeply flawed, demoralizing, and needs to be fixed

Thu Jan 16 2025

When people think about starting a new job, words like “exciting,” “motivating,” and “rewarding” often come to mind.

CSO Online

CISA warns second BeyondTrust vulnerability also exploited in the wild

Wed Jan 15 2025

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a second BeyondTrust vulnerability, which was patched in December, to its catalog of known exploited vulnerabilities.

CSO Online

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

Wed Jan 15 2025

Cybersecurity researchers have warned of a new malvertising campaign that targets individuals and businesses advertising via Google Ads by attempting to phish for their credentials through fraudulent ads on Google. "The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages," Jérôme Segura, senior director of...

The Hacker News

U.S. CISA adds Fortinet FortiOS flaw to its Known Exploited Vulnerabilities catalog

Wed Jan 15 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet FortiOS vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiOS authorization bypass vulnerability, tracked as CVE-2024-55591 (CVSS score: 9.6), to its Known Exploited Vulnerabilities (KEV) catalog. Remote attackers can exploit the vulnerability to bypass authentication and gain […]

Security Affairs

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99

Wed Jan 15 2025

The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign, dubbed Operation 99, that targets software developers looking for freelance Web3 and cryptocurrency work in order to deliver malware. "The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews," Ryan Sherstobitoff, senior vice president of Threat...

The Hacker News

The Top 10 Business Risks in Germany in 2025

Wed Jan 15 2025

Cyberattacks continue to rank among the biggest business risks.

CSO Online

Insidious Ransomware Attack Against AWS Users

Wed Jan 15 2025

CSO Online

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains

Wed Jan 15 2025

Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam. The new evidence suggests that Pyongyang-based threat groups may have pulled off illicit money-making scams that predate the use of IT workers, SecureWorks Counter Threat Unit (CTU) said in a report shared with The Hacker...

The Hacker News

Cisco’s homegrown AI to help enterprises navigate AI adoption

Wed Jan 15 2025

As the world rushes to integrate AI into all aspects of enterprise applications, there is a pressing need to secure data-absorbing AI systems from malicious interference.

CSO Online

Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool

Wed Jan 15 2025

As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. "Attackers can take control of a malicious server and read/write arbitrary files of any connected client," the CERT Coordination Center (CERT/CC) said in an advisory. "Sensitive data, such as SSH keys,...

The Hacker News

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Wed Jan 15 2025

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The threat actor used AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) for encryption, then demanded the payment of […]

Security Affairs

CISA unveils ‘Secure by Demand’ guidelines to bolster OT security

Wed Jan 15 2025

The US Cybersecurity and Infrastructure Security Agency (CISA), along with its international cybersecurity allies, has unveiled the “Secure by Demand” guidelines to safeguard operational technology (O

CSO Online

The High-Stakes Disconnect For ICS/OT Security

Wed Jan 15 2025

Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn’t just ineffective—it’s high risk. In the rapidly evolving domain of cybersecurity, the specific challenges and needs for Industrial Control Systems (ICS) and Operational Technology (OT) security distinctly stand out from traditional IT security. ICS/OT...

The Hacker News

These Companies Have Already Been Hit

Wed Jan 15 2025

Read which companies in Germany are currently affected by cyberattacks.

CSO Online

CVE-2024-44243 macOS flaw allows persistent malware installation

Wed Jan 15 2025

Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection (SIP). SIP in macOS safeguards the system by […]

Security Affairs

The CFO may be the CISO’s most important business ally

Wed Jan 15 2025

CISOs frequently encounter inherent conflicts with business colleagues in their day-to-day responsibilities.

CSO Online

FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation

Wed Jan 15 2025

The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a "multi-month law enforcement operation." PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People's Republic of China (PRC...

The Hacker News

Stop wasting money on ineffective threat intelligence: 5 mistakes to avoid

Wed Jan 15 2025

Strong capabilities in cyber threat intelligence (CTI) can help take a cybersecurity program to the next level on many different fronts.

CSO Online