Malwarebytes
JANUARY 9, 2025
Like many other data brokers, Gravy is a company you may never have heard of, but it almost certainly knows a lot about you if youre a US citizen. Data brokers come in different shapes and sizes. What they have in common is that they gather personally identifiable data from various sourcesfrom publicly available data to stolen datasetsand then sell the gathered data on.
Security Boulevard
JANUARY 9, 2025
What to expect in 2025 and beyond, into the future. Here are some likely predictions across cybersecurity, GenAI and innovation, and defensive cyber. The post From Cybersecurity Consolidation to GenAI and Innovation – What to Expect: 2025 Predictions appeared first on Security Boulevard.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Malwarebytes
JANUARY 9, 2025
Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates. Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the accounts of at least 36 Google Chrome extensions that provide AI and VPN services.
IT Security Guru
JANUARY 9, 2025
As we begin the New Year, it offers a chance for reflection on 2024 and to consider what we can do as security professionals and business leaders in 2025 that will keep us relevant and in the best position to counter cyber threats going forward. The IT Security Guru caught up with Darren Guccione, CEO and co-founder of Keeper Security to see what he thinks should be the industry’s resolutions in the coming year.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Security Boulevard
JANUARY 9, 2025
A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet's CISO is calling a "phish-free" phishing campaign. The post Fortinet CISO Details Phish-Free Phishing Scheme Using PayPal appeared first on Security Boulevard.
Security Affairs
JANUARY 9, 2025
Scaling up a security operations center (SOC) is inevitable for many organizations. How AI supports growth without overloading analysts. Scaling up a security operations center (SOC) is inevitable for many organizations. Although it might sting, keeping pace with business growth, increased threat volume and complexity, or compliance and regulatory demands requires enhancing and expanding SOC capabilities.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Security Boulevard
JANUARY 9, 2025
While AI/ML and automation promise to help streamline and reduce security operation costs, these efforts could be significantly boosted by the increased availability of standard interfaces The post Open Interfaces Needed to Cut Security Operations Costs & Boost Efficiency appeared first on Security Boulevard.
Security Affairs
JANUARY 9, 2025
A group of hacktivists, known as the Ukrainian Cyber Alliance, breached Russian ISP Nodex, stole sensitive documents, and wiped systems. Ukrainian Cyber Alliance hacked Russian ISP Nodex, stole sensitive data, and wiped systems, highlighting their cyberattack capabilities. The Ukrainian Cyber Alliance has been active since 2016, the Pro-Ukraine group has targeted Russian entities since the invasion of Ukraine.
Tech Republic Security
JANUARY 9, 2025
Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe insecure use of open-source software in 2025.
Security Affairs
JANUARY 9, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti Connect Secure Vulnerability, tracked as CVE-2025-0282 (CVSS score: 9.0) to its Known Exploited Vulnerabilities (KEV) catalog.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Security Boulevard
JANUARY 9, 2025
Our nations critical infrastructure is increasingly brittle and under attack. Take the recent report that the drinking water of millions of Americans is at risk due to technical vulnerabilities. The post Building Resilience Into Cyber-Physical Systems Has Never Been This Mission-Critical appeared first on Security Boulevard.
Security Affairs
JANUARY 9, 2025
Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. Medusind is a company that provides medical billing, coding, and revenue cycle management (RCM) services to healthcare organizations, including medical practices, dental practices, and other providers. The company disclosed a data breach discovered on December 29, 2023, that impacted 360,934 individuals.
Zero Day
JANUARY 9, 2025
If you're just now jumping onto the Linux train, you might be wondering what apps to install first. Here are the first 10 I find should be installed by all.
Trend Micro
JANUARY 9, 2025
Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
WIRED Threat Level
JANUARY 9, 2025
A hack of location data company Gravy Analytics has revealed which apps areknowingly or notbeing used to collect your information behind the scenes.
Zero Day
JANUARY 9, 2025
Our experts sifted through thousands of CES exhibitors to find the best tech. ZDNET, CNET, PCMag, Mashable, and Lifehacker combined to select the winners.
WIRED Threat Level
JANUARY 9, 2025
The inside story of the teenager whose swatting calls sent armed police racing into hundreds of schools nationwideand the private detective who tracked him down.
Zero Day
JANUARY 9, 2025
Our experts sifted through the thousands of CES exhibitors to find the best tech.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
The Hacker News
JANUARY 9, 2025
Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer. "Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple's XProtect," Check Point Research said in a new analysis shared with The Hacker News.
Zero Day
JANUARY 9, 2025
Google's Chromium source code will be used as the basis for new open-source web browsers.
The Hacker News
JANUARY 9, 2025
Japan's National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019.
Zero Day
JANUARY 9, 2025
Robot vacuums are getting some outstanding upgrades this year, and ZDNET has picked the best ones of them all.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
The Hacker News
JANUARY 9, 2025
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE).
Security Boulevard
JANUARY 9, 2025
Addressing configuration drift - a seemingly minor issue - is essential to maintaining a secure and resilient IT environment. The post Security Implications of Configuration Drift appeared first on Security Boulevard.
WIRED Threat Level
JANUARY 9, 2025
The fate of TikTok now rests in the hands of the US Supreme Court. If a law banning the social video app this month is upheld, it wont disappear from your phonebut it will get messy fast.
The Hacker News
JANUARY 9, 2025
Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Zero Day
JANUARY 9, 2025
The Bebird EarSight Flow gently shoots water into your ears to clean them and has a special camera that allows you to watch the process in real time from the app.
Security Boulevard
JANUARY 9, 2025
From storing state IDs, driver's licenses and passports to managing payment information, digital wallets have revolutionized the way we handle personal credentials. The post Digital Wallets: From Consumer Convenience to Corporate Security appeared first on Security Boulevard.
Zero Day
JANUARY 9, 2025
At CES 2025, Dreame introduced its premium X50 Ultra, which aspires to go where no robot vac has gone before.
Security Boulevard
JANUARY 9, 2025
Software maker Ivanti, which for more than a year has been plagued by security flaws in its appliance, unveiled two new ones this week, with Mandiant researchers saying that one likely is being activity exploited by China-linked threat groups. The post Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability appeared first on Security Boulevard.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
133 
Let's personalize your content