Schneier on Security

MAY 27, 2025

One one my biggest worries about VPNs is the amount of trust users need to place in them, and how opaque most of them are about who owns them and what sorts of data they retain. A new study found that many commercials VPNS are (often surreptitiously) owned by Chinese companies. It would be hard for U.S. users to avoid the Chinese VPNs. The ownership of many appeared deliberately opaque, with several concealing their structure behind layers of offshore shell companies.

VPN 301

VPN 301

Krebs on Security

MAY 29, 2025

Image: Shutterstock, ArtHead. The U.S. government today imposed economic sanctions on Funnull Technology Inc. , a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to cybercriminals seeking to route their traffic through U.S.

Scams 211

Scams Internet Internet Cybercrime 211

Lohrman on Security

MAY 25, 2025

What is the current situation with nation-state cyber attacks in the middle of 2025? Heres a look at some of the biggest cyber threats from Russia, China, Iran and North Korea.

Cyber threats 207

Cyber threats Cyber Attacks 207

Security Affairs

MAY 25, 2025

Operation ENDGAME dismantled key ransomware infrastructure, taking down 300 servers, 650 domains, and seizing 21.2M in crypto. From May 19 to 22, 2025, Operation ENDGAME, coordinated by Europol and Eurojust, disrupted global ransomware infrastructure. Law enforcement took down down 300 servers and 650 domains, and issuing 20 international arrest warrants. “A Command Post was set up at Europol headquarters in The Hague during the action week, with investigators from Canada, Denmark, France,

Ransomware 126

Ransomware Cybercrime Malware Cryptocurrency 126

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Jane Frankland

MAY 30, 2025

Everyone’s talking about AI aren’t they, and when I gave a keynote on Artificial Intelligence and cybersecurity recently, I relayed how the rise of AI has brought us to a pivotal moment in historya moment brimming with both extraordinary opportunity and unparalleled risk. Central to this debate, though, is the approach that nations are taking toward regulation.

Artificial Intelligence 130

Artificial Intelligence Risk Government Technology 130

Schneier on Security

MAY 28, 2025

Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones. Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: Residence location Fingerprint Face photograph Real-time geo-location monitoring This isn’t the first time we’ve seen this.

Mobile 299

Mobile 299

The Hacker News

MAY 25, 2025

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first detected by Rapid7 in February 2025, involves the use of a multi-stage, memory-resident loader called Catena.

Malware 118

Malware VPN Software Cybersecurity 118

Security Affairs

MAY 28, 2025

GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor. GreyNoisediscovered the AyySSHush botnet has hacked over 9,000 ASUS routers, adding a persistent SSH backdoor. “Using an AI powered network traffic analysis tool we built called SIFT, GreyNoise has caught multiple anomalous network payloads with zero-effort that are attempting to disable TrendMicro security features in ASUS routers, then exploit vulnerabilities and no

Firmware 134

Firmware Internet Internet Hacking 134

The Last Watchdog

MAY 30, 2025

Non-human service accounts have quietly become one of the biggest liabilities in enterprise security. Related: Why identity is the cornerstone of cyber defense These machine credentials used to automate connections between systems now outnumber humans by 30 to 1. That gap is likely even wider in cloud-intensive environments. Yet despite their scale, service accounts remain largely invisible to traditional IAM and PAM systems.

Risk 130

Risk Cyber Insurance Accountability Insurance 130

Schneier on Security

MAY 30, 2025

There’s a new cybersecurity awareness campaign: Take9. The idea is that people—you, me, everyone—should just pause for nine seconds and think more about the link they are planning to click on, the file they are planning to download, or whatever it is they are planning to share. There’s a website —of course—and a video , well-produced and scary.

Cybersecurity 212

Cybersecurity Scams Security Awareness Phishing 212

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Zero Day

MAY 26, 2025

Here's how to ensure your organization is innovating in the right places.

129

129

The Hacker News

MAY 28, 2025

Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited, could allow websites to access a user's entire cloud storage content, as opposed to just the files selected for upload via the tool.

Cybersecurity 125

Cybersecurity 125

Security Affairs

MAY 28, 2025

Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools Intelligence (DTI) researchers warn of a malicious campaign using a fake website (bitdefender-download[.]com) spoofing Bitdefenders Antivirus for Windows download page to trick visitors into downloading a remote access trojan called Venom RAT. “A malicious campaign using a fake website to spread VenomRAT, a Remote Access Trojan (RAT), is detailed in thi

Antivirus 120

Antivirus Malware Banking Passwords 120

Malwarebytes

MAY 27, 2025

A recent discovery by cybersecurity researcher Jeremiah Fowler of an unsecured database containing over 184 million unique login credentials has once again highlighted the growing threat posed by infostealers. While the sheer volume of exposed dataincluding emails, passwords, and authorization URLsis alarming, the real concern is not just about the exposure itself, but in how cybercriminals collect and weaponize these credentials.

Identity Theft 129

Identity Theft Passwords Accountability Phishing 129

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

SecureList

MAY 28, 2025

Introduction Zanubis is a banking Trojan for Android that emerged in mid-2022. Since its inception, it has targeted banks and financial entities in Peru, before expanding its objectives to virtual cards and crypto wallets. The main infection vector of Zanubis is impersonating legitimate Peruvian Android applications and then misleading the user into enabling the accessibility permissions.

Banking 109

Banking Malware Energy and Utilities Encryption 109

Penetration Testing

MAY 29, 2025

As artificial intelligence continues to revolutionize industries, cybercriminals are exploiting the growing demand for AI-driven tools by embedding The post Warning: Fake AI Tools Spread CyberLock Ransomware and Numero Destructive Malware appeared first on Daily CyberSecurity.

Artificial Intelligence 120

Artificial Intelligence Malware Ransomware Cybersecurity 120

The Hacker News

MAY 26, 2025

As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.

DNS 116

DNS Accountability 116

Security Affairs

MAY 27, 2025

Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. Sophos researchers reported that a DragonForce ransomware operator exploited three chained vulnerabilities in SimpleHelp software to attack a managed service provider. SimpleHelp is a remote support and access software designed for IT professionals and support teams.

Ransomware 105

Ransomware Software Retail Data breaches 105

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Duo's Security Blog

MAY 28, 2025

Identity is under siege. Sixty percent of all Cisco Talos IR cases in 2024 saw identity as a key component of reported attacks. Organizations are facing relentless challenges in keeping their systems secure. As attackers grow more sophisticated, traditional Identity and Access Management (IAM) providers have fallen short, leaving critical gaps in their defenses.

Social Engineering 124

Social Engineering Engineering Phishing Marketing 124

WIRED Threat Level

MAY 26, 2025

Hackers. AI data scrapes. Government surveillance. Thinking about where to start when it comes to protecting your online privacy can be overwhelming. Heres a simple guide for youand anyone who claims they have nothing to hide.

Surveillance 118

Surveillance Government 118

Zero Day

MAY 27, 2025

Even if your Samsung phone offers battery life that's just good enough, adjusting these settings will take things up a notch.

125

125

The Hacker News

MAY 27, 2025

Microsoft has shed light on a previously undocumented cluster of threat activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed to "worldwide cloud abuse.

Phishing 120

Phishing Government Hacking 120

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Penetration Testing

MAY 29, 2025

A new wave of attacks uncovered by Netskope Threat Labs reveals a sophisticated global malware campaign delivering the The post PureHVNC RAT Spreads Through Fake Job Offers and Multi-Stage Obfuscation appeared first on Daily CyberSecurity.

Malware 116

Malware Cybersecurity Social Engineering Scams 116

The Last Watchdog

MAY 28, 2025

Reactive security isnt just outdated its become a liability. Attackers have figured out how to weaponize speed, and defenders are struggling to keep pace. Related: Mastering adversary emulation At RSAC 2025 , I spoke with Derek Manky , Chief Security Strategist and Global VP of Threat Intelligence at Fortinets FortiGuard Labs, about how and why the game has changed and what defenders can do to adapt.

Cybercrime 130

Cybercrime Internet Internet 130

SecureWorld News

MAY 28, 2025

In early May 2025, two of the United Kingdom's best-known grocers, Marks & Spencer (M&S) and the Co-op, as well as luxury retailer Harrods, were struck by sophisticated social-engineering attacks that tricked IT teams into resetting critical passwords and deploying ransomware across their networks. Online systems were shut down in response, payments couldn't be accepted, and shelves were left empty as the supply chain broke down.

Retail 105

Retail Social Engineering Passwords Ransomware 105

Zero Day

MAY 25, 2025

Is a one-person mega-business realistic? And what are the best tools and technologies to scale and sustain a small-team business?

Technology 103

Technology 103

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

The Hacker News

MAY 30, 2025

The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023.

111

111

Penetration Testing

MAY 26, 2025

A deceptively crafted fake Google Meet page has surfaced on compromised WordPress sites, tricking unsuspecting visitors into manually The post Fake Google Meet Page Tricks Users into Running Malware appeared first on Daily CyberSecurity.

Malware 112

Malware Cybersecurity Social Engineering Engineering 112

Tech Republic Security

MAY 27, 2025

A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue.

Artificial Intelligence 109

Artificial Intelligence 109

Security Affairs

MAY 26, 2025

China-linked APT exploit Ivanti EPMM flaws to target critical sectors across Europe, North America, and Asia-Pacific, according to EclecticIQ. Researchers from EclecticIQ observed a China-linked APT group that chained two Ivanti EPMM flaws, tracked as CVE-2025-4427 and CVE-2025-4428 , in attacks against organizations in Europe, North America, and Asia-Pacific.

Mobile 93

Mobile Telecommunications Authentication Internet 93

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity