Sat.Jan 11, 2025 - Fri.Jan 17, 2025

article thumbnail

Social Engineering to Disable iMessage Protections

Schneier on Security

I am always interested in new phishing tricks, and watching them spread across the ecosystem. A few days ago I started getting phishing SMS messages with a new twist. They were standard messages about delayed packages or somesuch, with the goal of getting me to click on a link and entering some personal information into a website. But because they came from unknown phone numbers, the links did not work.

article thumbnail

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass , warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.

Phishing 290
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads.

article thumbnail

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware. In late November, the experts spotted a malspam campaign impersonating DHL which used emails about freight invoices, attaching zip files named “Invoice###.zip” or “Trackin

DNS 138
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based computers and networks.” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to the FBI , at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023.

Malware 236
article thumbnail

Microsoft: Happy 2025. Here’s 161 Security Updates

Krebs on Security

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7 ‘s Adam Barnett says January marks the fourth consecutive month where Microsoft has published zero-day vulnerabilities on Patch Tuesday without evaluating any of them

More Trending

article thumbnail

Australian Government Agencies Failing to Keep Up With Cyber Security Change

Tech Republic Security

Cyber security maturity declines among Australian government agencies in 2024, as legacy IT systems hinder progress under the Essential Eight framework.

article thumbnail

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Schneier on Security

Not sure this will matter in the end, but it’s a positive move : Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content. The foreign-based defendants developed tools specifically designed to bypass safety guardrails Microsoft has erected to prevent the creation of harmful content through its generative AI services, said S

Hacking 268
article thumbnail

iMessage text gets recipient to disable phishing protection so they can be phished

Malwarebytes

A smishing (SMS phishing) campaign is targeting iMessage users, attempting to socially engineer them into bypassing Apple’s built in phishing protection. For months, iMessage users have been posting examples online of how phishers are trying to get around this protection. And, now, the campign is gaining traction, according to our friends at BleepingComputer.

Phishing 138
article thumbnail

News alert: Sweet Security’s LLM-powered detection engine reduces cloud noise to 0.04%

The Last Watchdog

Tel Aviv, Israel, Jan. 15, 2025, CyberNewswire — Sweet Security , a leader in cloud runtime detection and response, today announced the launch of its groundbreaking patent-pending Large Language Model (LLM)-powered cloud detection engine. This innovation enhances Sweet’s unified detection and response solution, enabling it to reduce cloud detection noise to an unprecedented 0.04%.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation

Tech Republic Security

The proposed HIPAA Security Rule introduces mandatory measures that reflect the growing sophistication of cyber threats in health care.

article thumbnail

Phishing False Alarm

Schneier on Security

A very security-conscious company was hit with a (presumed) massive state-actor phishing attack with gift cards, and everyone rallied to combat it—until it turned out it was company management sending the gift cards.

Phishing 261
article thumbnail

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world. At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first offi

VPN 127
article thumbnail

Most Popular Cyber Blogs from 2024

Lohrman on Security

What were the top government technology and cybersecurity blog posts in 2024? The metrics tell us what cybersecurity and technology infrastructure topics were most popular.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

UK Considers Banning Ransomware Payments

Tech Republic Security

The proposed mandate intends to discourage criminals from targeting critical national infrastructure and public services, as there will be no financial motivation.

article thumbnail

WhatsApp spear phishing campaign uses QR codes to add device

Malwarebytes

A cybercriminal campaign linked to Russia is deploying QR codes to access the WhatsApp accounts of high-profile targets like journalists, members of think tanks, and employees of non-governmental organizations (NGOs), according to new details revealed by Microsoft. The group, which Microsoft tracks by the name “Star Blizzard,” is also referred to as Coldriver by other researchers.

Phishing 142
article thumbnail

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation. The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim compute

Malware 118
article thumbnail

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw

Penetration Testing

Security researcher c411e published a proof-of-concept (PoC) exploit code for a severe vulnerability in QNAP NAS devices, identified The post CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw appeared first on Cybersecurity News.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

5 Emerging AI Threats Australian Cyber Pros Must Watch in 2025

Tech Republic Security

AI cloning and deepfakes rank among the top challenges for Australian cybersecurity professionals in 2025.

article thumbnail

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

The Hacker News

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.

Firmware 145
article thumbnail

IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024

Trend Micro

Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras.

IoT 143
article thumbnail

I spent hours testing ChatGPT Tasks - and its refusal to follow directions was mildly terrifying

Zero Day

ChatGPT tasks offers AI prompt scheduling and automation, but what happens when things go wrong?

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks

Tech Republic Security

Microsofts monthly patches cover Hyper-V NT Kernel Integration VSPs, Git in Visual Studio, and more.

Software 143
article thumbnail

Russia-linked APT Star Blizzard targets WhatsApp accounts

Security Affairs

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection. The Star Blizzard group, aka “ Callisto “, Seaborgium , ColdRiver , and TA446, targeted government officials, military personnel,journalists and think tanks since at least 2015.

article thumbnail

Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces

The Hacker News

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet.

Firewall 144
article thumbnail

New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security

Penetration Testing

Recently, security researcher @wh1te4ever has revealed a proof of concept (PoC) exploit for CVE-2024-54498, a vulnerability that allows The post New macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security appeared first on Cybersecurity News.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The five biggest mistakes people make when prompting an AI

Zero Day

Ready to transform how you use AI tools?

article thumbnail

Sweet Security Leverages LLM to Improve Cloud Security

Security Boulevard

Sweet Security today added a cloud detection engine to its cybersecurity portfolio that makes use of a large language model (LLM) to identify potential threats in real-time. The post Sweet Security Leverages LLM to Improve Cloud Security appeared first on Security Boulevard.

article thumbnail

New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass

The Hacker News

Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December.

Phishing 141
article thumbnail

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Security Affairs

Over the weekend, Italy faced new waves of DDoS attacks carried out by pro-Russia group NoName057(16). Pro-Russia hackers Noname057(16) targeted Italian ministries, institutions, critical infrastructure’s websites and private organizations over the weekend. The new wave of attacks coincides with the visit of Ukrainian President Volodymyr Zelensky to Italy.

DDOS 118
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!