Sat.Jan 25, 2025 - Fri.Jan 31, 2025

article thumbnail

New VPN Backdoor

Schneier on Security

A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives what’s known in the business as a “magic packet.” On Thursday, researchers revealed that a never-before-seen back

VPN 329
article thumbnail

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party.

Phishing 232
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

BEWARE: Criminals Are Selling Fraudulent Expert Opinion Letters From “Me” In Support of CyberSecurity Professionals Seeking Immigration Visas to The United States

Joseph Steinberg

I have been made aware that one or more criminals are offering in exchange for payment, of course custom-written letters allegedly written and signed by me supporting applicants petitions for Alien of Extraordinary Ability visas to the United States. I have been sent a copy of one such letter it was well written, and, at least at first glance, highly convincing.

article thumbnail

Spatial Reasoning and Threat Modeling

Adam Shostack

Do diagrams leverage the brain in a different way? Creating, refining, communicating, and working with models are all important parts of how I think about answering what are we working on? People often want to eliminate the diagramming or modeling step as not required, and thats a mistake. The act of engaging with the higher order question of what are we building working on is important, and diagramming acts as a forcing function.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Fake Reddit and WeTransfer Sites are Pushing Malware

Schneier on Security

There are thousands of fake Reddit and WeTransfer webpages that are pushing malware. They exploit people who are using search engines to search sites like Reddit. Unsuspecting victims clicking on the link are taken to a fake WeTransfer site that mimicks the interface of the popular file-sharing service. The ‘Download’ button leads to the Lumma Stealer payload hosted on “weighcobbweo[.]top.” Boingboing post.

Malware 231
article thumbnail

DeepSeek Chatbot Beats OpenAI on App Store Leaderboard

Tech Republic Security

Competing with OpenAIs o1, DeepSeeks models scored higher on benchmarks and disrupted the AI market, sparking debates on U.S.-China tech dynamics.

Marketing 168

More Trending

article thumbnail

Hoarding, Debt and Threat Modeling

Adam Shostack

The psychology of getting started threat modeling During a recent threat modeling course, one of our students, Aleksei*, made a striking comparison that resonated with a lot of us: starting security analysis is like tackling a hoarders house. That visceral image of looking at mountains of accumulated issues, feeling overwhelmed by where to begin, captures a challenge many engineering leaders face when they first attempt to systematically assess their systems security.

article thumbnail

DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked

The Hacker News

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data.

article thumbnail

DeepSeek Locked Down Public Database Access That Exposed Chat History

Tech Republic Security

Research Firm Wiz Research began investigating DeepSeek soon after its generative AI took the tech world by storm.

article thumbnail

UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach

Malwarebytes

UnitedHealth says it now estimates that the data breach on its subsidiary Change Healthcare affected 190 million people, nearly doubling its previous estimate from October. In May, UnitedHealth CEO Andrew Witty estimated that the ransomware attack compromised the data of a third of US individuals when he testified before the Senate Finance Committee on Capitol Hill.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

News alert: SquareX discloses ‘Browser Syncjacking’ – a new attack to hijack browser

The Last Watchdog

Palo Alto, Calif., Jan. 30, 2025, CyberNewswire — Browser extensions have been under the spotlight in enterprise security news recently due to the wave of OAuth attacks on Chrome extension developers and data exfiltration attacks. However, until now, due to the limitations browser vendors place on the extension subsystem and extensions, it was thought to be impossible for extensions to gain full control of the browser, much less the device.

article thumbnail

Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists

The Hacker News

Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members. The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.

Spyware 143
article thumbnail

Apple researchers reveal the secret sauce behind DeepSeek AI

Zero Day

The AI model that shook the world is part of a broad trend to squeeze more out of chips using what's called sparsity.

145
145
article thumbnail

Apple users: Update your devices now to patch zero-day vulnerability

Malwarebytes

Apple has released a host of security updates across many devices, including for a zero-day bug which is being actively exploited in iOS. Apple said: “A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.” Devices affected are those that run: iPhone XS and later iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and late

Media 142
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

National Cyber Incident Response Plan comments

Adam Shostack

Our comments on the National Cyber Incident Plan Josiah Dykstra and I have some comments on the National Cyber Incident Response Plan updates. Building on our recent paper about pandemic-scale cyber events , we submitted 14 recommendations to further improve the plan. We share the desire for proactive plans that adequately prepare the Nation for cyber incidents.

article thumbnail

Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns

The Hacker News

Italy's data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek's service within the country, citing a lack of information on its use of users' personal data. The development comes days after the authority, the Garante, sent a series of questions to DeepSeek, asking about its data handling practices and where it obtained its training data.

article thumbnail

PoC for 7-Zip CVE-2025-0411 Lets Attackers Bypass MotW and Run Malicious Code

Penetration Testing

Security researcher Dhmos Funk has released a proof-of-concept (PoC) exploit for CVE-2025-0411 (CVSS 7.0), a high-severity vulnerability in The post PoC for 7-Zip CVE-2025-0411 Lets Attackers Bypass MotW and Run Malicious Code appeared first on Cybersecurity News.

article thumbnail

Cisco warns of a ClamAV bug with PoC exploit

Security Affairs

Cisco addressed a ClamAV denial-of-service (DoS) vulnerability, and experts warn of the availability of a proof-of-concept (PoC) exploit code. Cisco has released security updates to address a ClamAV denial-of-service (DoS) vulnerability tracked as CVE-2025-20128. The Cisco PSIRT experts warn of the availability of a proof-of-concept (PoC) exploit code for this flaw.

Antivirus 130
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

DeepSeek’s Popular AI App Is Explicitly Sending US Data to China

WIRED Threat Level

Amid ongoing fears over TikTok, Chinese generative AI platform DeepSeek says its sending heaps of US user data straight to its home country, potentially setting the stage for greater scrutiny.

article thumbnail

Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More

The Hacker News

Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges.

Media 144
article thumbnail

72 hours later with Galaxy S25 Ultra - the AI hype is getting real for me

Zero Day

The lighter and thinner design, upgraded processor, and swath of Galaxy AI tools are top-notch, but has Samsung done enough to win you over?

142
142
article thumbnail

Apple fixed the first actively exploited zero-day of 2025

Security Affairs

Apple addressed the first zero-day vulnerability of 2025, which is actively exploited in attacks in the wild aimed at iPhone users. Apple released security updates to address 2025’s first zero-day vulnerability, tracked as CVE-2025-24085 , actively exploited in attacks targeting iPhone users. The vulnerability is a privilege escalation vulnerability that impacts the Core Media framework. “A malicious application may be able to elevate privileges.

Spyware 116
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Exposed DeepSeek Database Revealed Chat Prompts and Internal Data

WIRED Threat Level

China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database.

article thumbnail

Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks

The Hacker News

A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server. The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0.

Risk 142
article thumbnail

Finally, Bluetooth trackers for Android users that function even better than AirTags

Zero Day

Chipolo's One and Card trackers are perfect for people who often lose their keys and wallet. You can buy them in either single units or multipacks.

140
140
article thumbnail

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

The Change Healthcare data breach is worse than initially estimated: approximately 190 million people have been affected. The Change Healthcare data breach is worse than initially estimated, the incident has impacted 190 million people. In October 2024, UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

DeepSeek’s Safety Guardrails Failed Every Test Researchers Threw at Its AI Chatbot

WIRED Threat Level

Security researchers tested 50 well-known jailbreaks against DeepSeeks popular new AI chatbot. It didnt stop a single one.

article thumbnail

Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks

The Hacker News

DeepSeek, the Chinese AI startup that has captured much of the artificial intelligence (AI) buzz in recent days, said it's restricting registrations on the service, citing malicious attacks. "Due to large-scale malicious attacks on DeepSeek's services, we are temporarily limiting registrations to ensure continued service," the company said in an incident report page.

article thumbnail

How to clear the cache on your Windows 11 PC (and why it makes such a big difference)

Zero Day

Clearing the cache and removing temporary files can speed up your PC. Even better: all of these utilities are already on your computer.

130
130
article thumbnail

DeepSeek database exposed highly sensitive information

Security Affairs

Chinese AI platform DeepSeek has publicly exposed two databases containing highly sensitive user and backend details. Wiz Research discovered a publicly accessible ClickHouse database belonging to DeepSeek, exposing chat history, secret keys, and backend details. After responsible disclosure, DeepSeek promptly secured the issue. “Within minutes, we found a publicly accessible ClickHouse database linked to DeepSeek, completely open and unauthenticated, exposing sensitive data.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!