Wed. Jan 15, 2025

Phishing False Alarm

Schneier on Security

A very security-conscious company was hit with a (presumed) massive state-actor phishing attack with gift cards, and everyone rallied to combat it—until it turned out it was company management sending the gift cards.

Phishing 261
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads.

Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation

Tech Republic Security

The proposed HIPAA Security Rule introduces mandatory measures that reflect the growing sophistication of cyber threats in health care.

News alert: Sweet Security’s LLM-powered detection engine reduces cloud noise to 0.04%

The Last Watchdog

Tel Aviv, Israel, Jan. 15, 2025, CyberNewswire — Sweet Security, a leader in cloud runtime detection and response, today announced the launch of its groundbreaking patent-pending Large Language Model (LLM)-powered cloud detection engine. This innovation enhances Sweet’s unified detection and response solution, enabling it to reduce cloud detection noise to an unprecedented 0.04%.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

UK Considers Banning Ransomware Payments

Tech Republic Security

The proposed mandate intends to discourage criminals from targeting critical national infrastructure and public services, as there will be no financial motivation.

Threat actor leaked config files and VPN passwords for over 15,000 Fortinet FortiGate devices

Security Affairs

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world. At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first offi

VPN 127

More Trending

The five biggest mistakes people make when prompting an AI

Zero Day

Ready to transform how you use AI tools?

Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks

Tech Republic Security

Microsoft's monthly patches cover Hyper-V NT Kernel Integration VSPs, Git in Visual Studio, and more.

Software 143
Sweet Security Leverages LLM to Improve Cloud Security

Security Boulevard

Sweet Security today added a cloud detection engine to its cybersecurity portfolio that makes use of a large language model (LLM) to identify potential threats in real-time. The post Sweet Security Leverages LLM to Improve Cloud Security appeared first on Security Boulevard.

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

The Hacker News

Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network.

Malware 137
Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cisco AI Defense: Comprehensive Security for Enterprise AI Adoption

Cisco Security

Cisco AI Defense is a single, end-to-end solution that helps your organization understand and mitigate risk on both the user and application levels.

Risk 137
Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99

The Hacker News

The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware.

News alert: Aembit announces speakers for NHIcon event, highlighting non-human identity security

The Last Watchdog

Silver Spring, MD, Jan. 15, 2025, CyberNewswire — Aembit, the non-human identity and access management (IAM) company, unveiled the full agenda for NHIcon 2025, a virtual event dedicated to advancing non-human identity security, streaming live on Jan. 28 and headlined by industry luminary Kevin Mandia. NHIcon 2025 is co-presented by Aembit and Veza, alongside industry partners Identity Defined Security Alliance and Cloud Security Alliance.

Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

Security Affairs

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues. Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities in Windows and Windows Components, Office and Office Components, Hyper-V, SharePoint Server, .NET and Visual Studio, Azure, BitLocker, Remote Desktop Services, and Windows Virtual Trusted Platform Module. 11 of these vulnerabilities are rated Critical, and the other are rated Impor

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

The Hacker News

Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google.

Scams 131
Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The threat actor used AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) for encryption, then demanded the payment of a ransom to the victim to recover the data using the attackers’ symmetric AES-256 keys required to decrypt data.

Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool

The Hacker News

As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. "Attackers can take control of a malicious server and read/write arbitrary files of any connected client," the CERT Coordination Center (CERT/CC) said in an advisory.

CVE-2024-44243 macOS flaw allows persistent malware installation

Security Affairs

Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection (SIP).

Malware 109
The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

How to keep Linux optimized (and save time) with Stacer

Zero Day

If you want to get the most out of your system while keeping it clean, free of junk, and running smoothly, Stacer is the tool for you.

Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager

The Hacker News

Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.

How to install Arch Linux without losing your mind

Zero Day

If you've ever wanted to try Arch Linux but were afraid of the installation process, there's a handy script to help ease this task.

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains

The Hacker News

Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam.

Scams 123
Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Microsoft Office support in Windows 10 ends in October too - what that really means

Zero Day

The end of support is near for more than just Windows 10. But there's no need to panic.

Infectious Prompt Injection Attacks on Multi-Agent AI Systems 

Security Boulevard

LLMs are becoming very powerful and reliable, and multi-agent systems (multiple LLMs having a major impact tackling complex tasks) are upon us, for better and worse. The post Infectious Prompt Injection Attacks on Multi-Agent AI Systems appeared first on Security Boulevard.

How to delete Facebook, Messenger, or Instagram - if you want Meta out of your life

Zero Day

Peace out, Meta. It's been weird.

Veeam Releases Patch for High-Risk SSRF Vulnerability CVE-2025-23082 in Azure Backup Solution

Penetration Testing

Veeam, a prominent player in data management and backup solutions, has recently disclosed a critical vulnerability in its The post Veeam Releases Patch for High-Risk SSRF Vulnerability CVE-2025-23082 in Azure Backup Solution appeared first on Cybersecurity News.

Backups 117
Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

PC running slow? This tiny storage drive gave mine an instant speed boost

Zero Day

Instead of buying an all-new processor, this thumb-sized 1TB storage drive gave my old PC a much-needed speed boost.

15,000 FortiGate Firewalls Exposed: Massive Leak Includes VPN Credentials

Penetration Testing

Cybersecurity expert Kevin Beaumont has reported that over 15,000 FortiGate firewall configurations, including VPN credentials, have been publicly The post 15,000 FortiGate Firewalls Exposed: Massive Leak Includes VPN Credentials appeared first on Cybersecurity News.

Firewall 117
FBI Deletes PlugX Malware From Computers Infected by China Group

Security Boulevard

A Chinese-based threat group called Mustang Panda was using a variant of the PlugX malware to infect U.S. Windows computers and steal information. The FBI, with help from French authorities and a private company, deleted the malicious code from more than 4,200 systems. The post FBI Deletes PlugX Malware From Computers Infected by China Group appeared first on Security Boulevard.

Malware 114
CVE-2025-23042 (CVSS 9.1): Gradio Patches Critical ACL Bypass Flaw in Popular Machine Learning Platform

Penetration Testing

Gradio, a popular open-source Python library for creating machine learning demos and web applications, has recently patched a The post CVE-2025-23042 (CVSS 9.1): Gradio Patches Critical ACL Bypass Flaw in Popular Machine Learning Platform appeared first on Cybersecurity News.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.