June, 2025

What LLMs Know About Their Users

Schneier on Security

Simon Willison talks about ChatGPT’s new memory dossier feature. In his explanation, he illustrates how much the LLM—and the company—knows about its users. It’s a big quote, but I want you to read it all. Here’s a prompt you can use to give you a solid idea of what’s in that summary. I first saw this shared by Wyatt Walls. please put all text under the following headings into a code block in raw JSON: Assistant Response Preferences, Notable Past Conversation T

Patch Tuesday, June 2025 Edition

Krebs on Security

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. The sole zero-day flaw this month is CVE-2025-33053, a remote code execution flaw in the Windows implementation of WebDAV — an HTTP extension that lets users remotely manage files and direct

Critical flaw in Cisco ISE impacts cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructure

Security Affairs

Cisco fixed a critical flaw in the Identity Services Engine (ISE) that could allow unauthenticated attackers to conduct malicious actions. A vulnerability tracked as CVE-2025-20286 (CVSS score 9.9) in cloud deployments of Cisco ISE on AWS, Microsoft Azure, and Oracle Cloud Infrastructure allows unauthenticated remote attackers to access sensitive data, perform limited administrative actions, modify configurations, or disrupt services.

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices

Penetration Testing

CISA issues critical warning for CyberData SIP Emergency Intercom (Model 011209) with severe vulnerabilities (CVSS 9.8), risking remote access and code execution. Update now.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure

The Hacker News

INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants. The joint action, codenamed Operation Secure, took place between January and April 2025, and involved law enforcement agencies from 26 countries to identify servers, map physical networks, and execute targeted takedowns.

Understanding Indirect Prompt Injection Attacks in LLM-Integrated Workflows

NetSpi Executives

TL;DR Indirect prompt injection is a security threat where attackers hide malicious instructions in content that AI systems will later read such as email footers, PDFs, or web pages. Unlike direct attacks, these require no user interaction and are hard to detect. When AI tools like Microsoft 365 Copilot process this poisoned content, they treat the hidden commands as legitimate instructions, potentially leaking sensitive data or performing unauthorized actions.

More Trending

'SIEM Sprawl' Makes It Tough for Security Teams to Detect What Matters

SecureWorld News

In its 2025 State of SIEM report, CardinalOps delivers a stark message to cybersecurity professionals: despite massive investments in Security Information and Event Management (SIEM) platforms, most organizations are blind to a majority of known MITRE ATT&CK techniques. And the situation isn't improving fast enough. With data pulled from real-world production SIEM environments, the report exposes persistent detection gaps, redundant rules, and "SIEM sprawl" that undermines both threat visibi

Russia-linked APT28 use Signal chats to target Ukraine official with malware

Security Affairs

Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official communications to make their phishing attempts more convincing.

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities

Penetration Testing

CISA, FBI, and NSA call for adopting memory-safe languages (Rust, Go, Java, Swift) to slash software vulnerabilities. Android saw a 52% drop in memory bugs after embracing MSLs.

NIST Launches Updated Incident Response Guide

Security Boulevard

The National Institute of Standards and Technology (NIST) has released a long-awaited update to its incident response guidance: Special Publication 800-61 Revision 3 (SP 800-61r3). This new version, titled “Incident Response Recommendations and Considerations for Cybersecurity Risk Management,” aligns closely with the latest Cybersecurity Framework (CSF) 2.0, marking a significant evolution in how organizations should […] The post NIST Launches Updated Incident Response Guide appeared first on K

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Largest DDoS Attack to Date

Schneier on Security

It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It speeds up communications by not formally establishing a connection before data is transferred.

SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play

SecureList

In January 2025, we uncovered the SparkCat spyware campaign, which was aimed at gaining access to victims’ crypto wallets. The threat actor distributed apps containing a malicious SDK/framework. This component would wait for a user to open a specific screen (typically a support chat), then request access to the device’s gallery. It would then use an OCR model to select and exfiltrate images of interest.

AI and Data Security: Takeaways from Latest Cybersecurity Info Sheet

SecureWorld News

The 2025 Cybersecurity Information Sheet (CSI) on AI and Data Security offers critical guidance for organizations navigating the intersection of artificial intelligence and cybersecurity. The U.S. National Security Agency (NSA), in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and cybersecurity agencies from Australia, New Zealand, and the United Kingdom, released the guidance—AI Data Security: Best Practices for Securi

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Security Affairs

Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million copies sold, has a vibrant modding community.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Urgent Citrix NetScaler Alert: Critical Memory Overflow Flaw (CVE-2025-6543, CVSS 9.2) Actively Exploited on 2,100+ Unpatched Appliances

Penetration Testing

The post Urgent Citrix NetScaler Alert: Critical Memory Overflow Flaw (CVE-2025-6543, CVSS 9.2) Actively Exploited on 2,100+ Unpatched Appliances appeared first on Daily CyberSecurity.

An Investigation of AWS Credential Exposure via Overprivileged Containers

Trend Micro

Overprivileged or misconfigured containers in Amazon EKS can expose sensitive AWS credentials to threats like packet sniffing and API spoofing, highlighting the need for least privilege and proactive security to detect and reduce these risks.

How Cybersecurity Fears Affect Confidence in Voting Systems

Schneier on Security

American democracy runs on trust, and that trust is cracking. Nearly half of Americans, both Democrats and Republicans, question whether elections are conducted fairly. Some voters accept election results only when their side wins. The problem isn’t just political polarization—it’s a creeping erosion of trust in the machinery of democracy itself.

Backups Are Under Attack: How to Protect Your Backups

The Hacker News

Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Best Secure Tools for Protecting Remote Teams in 2025

eSecurity Planet

Secure cybersecurity tools help businesses work more efficiently by safeguarding conversations, protecting sensitive files, and ensuring compliance. For remote teams, secure tools are even more essential. When employees are located across different regions, the risk of data breaches, unauthorized access, and miscommunication increases significantly.

Roundcube Webmail under fire: critical exploit found after a decade

Security Affairs

A critical flaw in Roundcube webmail, undetected for 10 years, allows attackers to take over systems and execute arbitrary code. A critical flaw, tracked as CVE-2025-49113 (CVSS score of 9.9), has been discovered in the Roundcube webmail software. The vulnerability went unnoticed for over a decade; an attacker can exploit the flaw to take control of affected systems and run malicious code, putting users and organizations at significant risk.

Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available

Penetration Testing

Two critical flaws (CVE-2025-6545, CVE-2025-6547, CVSS 9.1) in pbkdf2 npm package allow silent compromise of cryptographic keys. Update to 3.1.3+ immediately!

How Cisco plans to stop rogue AI agent attacks inside your network

Zero Day

As AI agents grow more powerful and unpredictable, Cisco unveils tools to lock down networks, track agent behavior, and prevent chaos before it spreads through your infrastructure.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

News alert: $198K in Grants Awarded to Boost Cybersecurity Workforce in Massachusetts

The Last Watchdog

Boston, MA, Jun. 4, 2025, The Healey-Driscoll administration and Massachusetts Technology Collaborative’s (MassTech) MassCyberCenter awarded $198,542 to four Massachusetts-based programs focused on preparing professionals for the cybersecurity workforce. MassTech provided the funds through the Alternative Cyber Career Education (ACE) Grant Program, a statewide effort to support young adults and retrain existing professionals with alternative options to traditional cybersecurity degree programs.

Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)

Security Boulevard

9 Critical, 56 Important, 0 Moderate, 0 Low. Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild. Microsoft addresses 65 CVEs in its June 2025 Patch Tuesday release, with nine rated critical, and 56 rated as important. Our counts omitted one vulnerability reported by CERT CC. This month’s update includes patches for: .NET and Visual Studio; App Control for Business (WDAC); Microsoft AutoUpdate (MAU); Microsoft Local Security Authority Server (lsasrv)

The Penetration Testing Life Cycle Explained

NetSpi Executives

TL;DR Penetration testing simulates real-world cyberattacks to uncover vulnerabilities before they’re exploited. Each phase of the penetration testing life cycle—planning, scanning, exploitation, persistence, and reporting—drives a successful pentest, but also comes with pain points and challenges. Understanding this process, and working it into your company’s practices, is essential for improving security posture and position.

Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Security Affairs

Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying to take over space left by rival cybercrime groups.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

CVE-2025-20271: Cisco Meraki VPN Bug Exposes MX and Z Series Devices to Remote DoS Attacks

Penetration Testing

Cisco warns of a critical flaw (CVE-2025-20271, CVSS 8.6) in Meraki MX/Z Series devices, allowing unauthenticated remote DoS on AnyConnect VPN. Update firmware now!

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

News alert: Seraphic launches BrowserTotal™ — a free AI-powered tool to stress test browser security

The Last Watchdog

Tel Aviv, Israel, June 9, 2025, CyberNewswire — Seraphic Security, a leader in enterprise browser security, today announced the launch of Browser Total, a unique and proprietary public service enabling enterprises to assess their browser security posture in real-time. The launch coincides with the Gartner Security & Risk Management Summit 2025, where Seraphic will be showcasing the new platform with live demos at booth #1257.

Why Threat Agents Must be Included in Cybersecurity Risk Assessments

Security Boulevard

In the ever-evolving landscape of cybersecurity, organizations face a constant struggle: how to best allocate limited resources to maximize their defensive posture. No one has enough budget, personnel, or tools to defend against every conceivable threat. When effort is misapplied to low-risk areas, higher-risk areas are left exposed. This inefficiency can prove disastrous.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.