March, 2025

article thumbnail

When Getting Phished Puts You in Mortal Danger

Krebs on Security

Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. The real website of the Ukrainian paramilitary group “Freedom of Russia” legion.

article thumbnail

AI Data Poisoning

Schneier on Security

Cloudflare has a new feature —available to free users as well—that uses AI to generate random pages to feed to AI web crawlers: Instead of simply blocking bots, Cloudflare’s new system lures them into a “maze” of realistic-looking but irrelevant pages, wasting the crawler’s computing resources. The approach is a notable shift from the standard block-and-defend strategy used by most website protection services.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Krebs on Security

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993 , both vulnerabilities in NTFS , the default file system for Windows and Windows Server.

article thumbnail

FBI warns of malicious free online document converters spreading malware

Security Affairs

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. “The FBI Denver Field Office is warning that agents are increasingly seeing a scam involving free online document converter tools, and we want to encourage victims to report instances of this scam.” reads the alert. &

article thumbnail

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

article thumbnail

The “free money” trap: How scammers exploit financial anxiety 

Malwarebytes

With financial stress at an all-time high, and many Americans grappling with confusion about social security, Medicaid, and Medicare, people are desperately seeking relief. Scammers know this all too well and have tailored their tactics to exploit these fears, preying on vulnerable individuals with promises of “free money.” Whether it’s a so-called “subsidy program,” a “government grant,” or a “relief card,” these scams all share the same und

article thumbnail

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

Cybersecurity threats against federal contractors are escalating, with adversaries continuously seeking vulnerabilities within governmental supply chains. To address this challenge, the Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025 (HR 872) is poised to mandate stronger security measures across contractors working with the U.S. government.

LifeWorks

More Trending

article thumbnail

Critical GitHub Attack

Schneier on Security

This is serious : A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally targeted the widely used tj-actions/changed-files utility, is now believed to have originated from an earlier breach of the reviewdog/action-setup@v1 GitHub Action, according to a report. […] CISA confirmed the vulnerability has been patched in version 46.0.1.

article thumbnail

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ ClickFix ,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.

article thumbnail

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

Security Affairs

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. Over 1,000 attacks detected globally. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. An attacker could exploit the vulnerability to achieve remote code execution on vulnerable servers using Apache and PHP-CGI.

article thumbnail

Security Researcher Comments on HIPAA Security Rule

Adam Shostack

A group of us have urged HHS to require better handling of security reports A group of us have urged HHS to require that health care providers to act on (and facilitate reporting of) security issues by good faith cybersecurity researchers. The core of what we recommend is that HHS should require cooperation with Good Faith researchers. All regulated entities should be required to enable people to report security issues in a way thats easy to discover and aligned with standards.

article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

World Backup Day: A Clarion Call for Cyber Resilience

SecureWorld News

Each year on March 31st, just before April Fool's Day, cybersecurity professionals, IT teams, and business leaders alike are reminded of a simple truth: data loss isn't a matter of if, but when. World Backup Day is more than a calendar curiosityit's a call to action. In a digital world defined by ransomware, cloud sprawl, and hybrid infrastructures, the ability to recover data quickly and securely is one of the most important indicators of an organization's cyber resilience.

article thumbnail

Scammers Target Netflix Users: Expert Issues Urgent Warning

eSecurity Planet

Streaming giant Netflix is at the center of a rising wave of online scams, cybersecurity experts warn. Fraudsters use increasingly sophisticated tactics from fake texts to deceptive emails and websites to steal Netflix users personal and financial information. With over 230 million subscribers worldwide, Netflix has become one of the most impersonated brands by cybercriminals.

article thumbnail

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Schneier on Security

Really interesting research: “ How WEIRD is Usable Privacy and Security Research? ” by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract : In human factor fields such as human-computer interaction (HCI) and psychology, researchers have been concerned that participants mostly come from WEIRD (Western, Educated, Industrialized, Rich, and Democratic) countries.

article thumbnail

Security expert Troy Hunt hit by phishing attack

Malwarebytes

Internet security expert and educator Troy Hunt disclosed this week that he had been hit by one of the oldestand most provenscams in the online world: A phishing attack. Through an automated attack disguised as a notice from Hunts chosen newsletter provider Mailchimp, scammers stole roughly 16,000 records belonging to current and past subscribers of Hunts blog.

article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium Mojo sandbox escape vulnerability, tracked as CVE-2025-2783 , to its Known Exploited Vulnerabilities (KEV) catalog. This week Google has released out-of-band fixes to address a high-severity security vulnerability , tracked as CVE-2025-2783 , in Chrome browser for Window

article thumbnail

Cold Wallets vs. Hot Wallets: Which Offers Better Security?

IT Security Guru

Cryptocurrency isnt just a buzzword anymore. By December 2024, the number of global cryptocurrency owners reached approximately 659 million, marking a 13% increase from January 2024. That might not sound like a massive chunk, but it still represents millions of individuals who want to protect their virtual holdings. Where regular banking once ruled, self-managed wallets are now front and center for those who prefer having full control of their tokens.

article thumbnail

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

March Madness is here, and while fans are busy filling out brackets and making last-minute bets, cybercriminals are running their own full-court presstargeting unsuspecting fans with phishing scams, fake betting apps, and credential-harvesting schemes. This annual college basketball bonanza presents a prime opportunity for scammers to capitalize on excitement, urgency, and, of course, the lure of easy money.

article thumbnail

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

eSecurity Planet

A sophisticated supply chain hack targeting Oracle Cloud has exfiltrated a staggering 6 million records. CloudSEKs XVigil uncovered that threat actor rose87168 began selling the stolen data on March 21. The breach, exploiting a vulnerability in Oracles cloud infrastructure, now endangers over 140,000 tenants and has raised serious questions about cloud security practices.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Improvements in Brute Force Attacks

Schneier on Security

New paper: “ GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.” Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that use shorter keys.

article thumbnail

Vulnerability Reward Program: 2024 in Review

Google Security

Posted by Dirk Ghmann In 2024, our Vulnerability Reward Program confirmed the ongoing value of engaging with the security research community to make Google and its products safer. This was evident as we awarded just shy of $12 million to over 600 researchers based in countries around the globe across all of our programs. Vulnerability Reward Program 2024 in Numbers You can learn about whos reporting to the Vulnerability Reward Program via our Leaderboard and find out more about our youngest sec

article thumbnail

VMware fixed three actively exploited zero-days in ESX products

Security Affairs

Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security updates to address three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. The flaws, respectively tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, impact multiple VMware ESX products, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform.

article thumbnail

TikTok: Major investigation launched into platform’s use of children’s data

Malwarebytes

TikTok is the subject of yet another major investigation, reports BBC News. This time around, the UKs Information Commissioner’s Office (ICO) is going to look at how the data of 13 to 17-year-olds feeds the algorithm that decides what further content to show. The ICO introduced a childrens code for online privacy in 2021, which requires companies to take steps to protect childrens personal information online.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The Rise of Insider Threat Automation: When Employees Weaponize AI

SecureWorld News

Insider threats have always been a top concern for organizations. A trusted employee with access to sensitive data can do more damage than an external hacker. But the rise of AI-driven automation has fundamentally changed the game, with 83% of all organizations experiencing insider attacks in 2024. What gives? Well, this means that now, with minimal technical skills, a malicious insider can unleash devastating attacks, automate data theft, manipulate systems, or sabotage operations on a scale pr

article thumbnail

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

Editors note: This report was authored by Gautham Ashok & Alexa Feminella. Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. VPN infrastructure has become an adversary focal point, blending cybercriminal tactics with state-sponsored espionage in hybrid operations.

VPN
article thumbnail

TP-Link Router Botnet

Schneier on Security

There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security flaw (tracked as CVE-2023-1389 ) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks.

article thumbnail

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

Quantum computings ability to break todays encryption may still be years awaybut security leaders cant afford to wait. Forresters The Future of Quantum Security makes it clear: the transition to quantum-safe cryptography must start now. Related: Quantum standards come of age The real threat isnt just the eventual arrival of quantum decryptionits that nation-state actors are already stockpiling encrypted data in harvest now, decrypt later attacks.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. The ransomware group used an unsecured webcam to encrypt systems within atarget’s network, bypassing Endpoint Detection and Response (EDR).

article thumbnail

23andMe bankruptcy: How to delete your data and stay safe from the 2023 breach

Malwarebytes

The genetic testing company 23andMe filed for bankruptcy on Sunday, announcing that, in searching for financial stability through its sale to a new owner, the business will continue operating as normal, including in how customer data is handled. The company intends to continue operating its business in the ordinary course throughout the sale process, 23andMe wrote in a news statement.

article thumbnail

The first 24 hours After a cyber incident. A practical playbook 

Pen Test Partners

TL;DR The first 24 hours after a cyber incident are critical for containment and recovery. Small and medium-sized businesses (SMBs) often lack resources, but swift action is still possible. This playbook provides clear steps to follow in the heat of a breach: who to contact, what to do, and how to communicate. Preparation ahead of time will make or break your response.

article thumbnail

Arrests in Tap-to-Pay Scheme Powered by Phishing

Krebs on Security

Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on a custom Android app to relay tap-to-pay transactions from mobile devices located in China.

article thumbnail

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.