Sat.Feb 01, 2025 - Fri.Feb 07, 2025

article thumbnail

How to Root Out Malicious Employees

Security Boulevard

Malicious employees and insider threats pose one of the biggest security risks to organizations, as these users have more access and permissions than cybercriminals attacking the organization externally. The post How to Root Out Malicious Employees appeared first on Security Boulevard.

Risk 119
article thumbnail

Experts Flag Security, Privacy Risks in DeepSeek AI App

Krebs on Security

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks.

Risk 301
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

AIs and Robots Should Sound Robotic

Schneier on Security

Most people know that robots no longer sound like tinny trash cans. They sound like Siri , Alexa , and Gemini. They sound like the voices in labyrinthine customer support phone trees. And even those robot voices are being made obsolete by new AI-generated voices that can mimic every vocal nuance and tic of human speech, down to specific regional accents.

article thumbnail

Take my money: OCR crypto stealers in Google Play and App Store

SecureList

In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. Some of these scanned users’ image galleries in search of crypto wallet access recovery phrases. The search employed an OCR model which selected images on the victim’s device to exfiltrate and send to the C2 server. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources.

Malware 143
article thumbnail

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

article thumbnail

New AI “agents” could hold people for ransom in 2025

Malwarebytes

A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. Uhh, again, that is. When ChatGPT was unveiled to the public in late 2022, security experts looked on with cautious optimism, excited about the new technology but concerned about its use in cyberattacks. But two years on, much of what ChatGPT and other generative AI chat tools offer attackers is a way to improve what already works, not new ways to deliver attacks themselves.

article thumbnail

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service provider and a pair of e-commerce platforms catering to buyers and sellers on both forums.

eCommerce 216

LifeWorks

More Trending

article thumbnail

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

Austin, TX, Feb. 4, 2025, CyberNewswire — SpyClouds Identity Threat Protection solutions spearhead a holistic identity approach to security, illuminating correlated hidden identity exposures and facilitating fast, automated remediation. SpyCloud , a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection.

article thumbnail

20 Million OpenAI accounts offered for sale

Malwarebytes

A cybercriminal acting under the monicker emirking offered 20 million OpenAI user login credentials this week, sharing what appeared to be samples of the stolen data itself. Post by emirking A translation of the Russian statement by the poster says: When I realized that OpenAI might have to verify accounts in bulk, I understood that my password wouldnt stay hidden.

article thumbnail

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability CVE-2022-23748 Dante Discovery Process Control Vulnerability CVE-2024-21413 Microsoft Outlook Improper Input Validatio

Firewall 120
article thumbnail

Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

Schneier on Security

This is yet another story of commercial spyware being used against journalists and civil society members. The journalists and other civil society members were being alerted of a possible breach of their devices, with WhatsApp telling the Guardian it had “high confidence” that the 90 users in question had been targeted and “possibly compromised.” It is not clear who was behind the attack.

Spyware 272
article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

In a significant victory against cybercrime, U.S. and Dutch law enforcement agencies have dismantled 39 domains and their associated servers in an effort to disrupt a Pakistan-based network of online marketplaces selling phishing and fraud-enabling tools. Dubbed Operation Heart Blocker, the coordinated effort targeted a cybercriminal group known as Saim Raza, also operating under the name HeartSender.

Phishing 112
article thumbnail

15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck?

Anton on Security

Unfortunately, I am old enough to remember how SIEM was done before the arrival of threat intelligence feeds. We had to write broad behavioral (well, behavioral-ish, if I am totally honest) rules without relying on any precise knowledge of attacker infrastructure and details of their operations ( IF event_type=exploit FOLLOWED BY event_type=config_change ON the same machine THENalert ).

article thumbnail

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Security Affairs

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous websites.

Banking 115
article thumbnail

On Generative AI Security

Schneier on Security

Microsoft’s AI Red Team just published “ Lessons from Red Teaming 100 Generative AI Products.” Their blog post lists “three takeaways,” but the eight lessons in the report itself are more useful: Understand what the system can do and where it is applied. You don’t have to compute gradients to break an AI system. AI red teaming is not safety benchmarking.

Risk 251
article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

AI Disruption: The DeepSeek Effect on Wall Street, Governments and Beyond

Lohrman on Security

The past week has been full of headlines regarding DeepSeek AI. So what lessons can we learn from this whirlwind of media stories and the corresponding reactions from governments and Wall Street?

article thumbnail

FINALLY! FCC Gets Tough on Robocall Fraud

Security Boulevard

KYC isnt a Thing, claims telco: Commissioner Brendan Carr (pictured) wants $4.5 million fine on Telnyx, for enabling illegal robocall scheme. The post FINALLY! FCC Gets Tough on Robocall Fraud appeared first on Security Boulevard.

article thumbnail

Google fixed actively exploited kernel zero-day flaw

Security Affairs

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild. “There are indications that CVE-2024-53104 may be under limited, targeted exploitation.” reads Google’s bulletin.

Media 112
article thumbnail

Screenshot-Reading Malware

Schneier on Security

Kaspersky is reporting on a new type of smartphone malware. The malware in question uses optical character recognition (OCR) to review a device’s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times. Kaspersky says: “This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace.” That’s a tactic I

Malware 253
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

When data breaches escalate, cyber-attacks grow more sophisticated, nation states ramp up their digital warfare, and regulations tighten the noose, staying ahead isnt just an optionits your only line of defence. But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people.

article thumbnail

Ransom Payments Fell 35% in 2024 After LockBit, BlackCat Takedowns

Security Boulevard

Law enforcement actions, better defenses, and a refusal by victims to pay helped to reduce the amount of ransoms paid in 2024 by $35%, a sharp decline from the record $1.25 billion shelled out in 2023, according to researchers with Chainalysis. The post Ransom Payments Fell 35% in 2024 After LockBit, BlackCat Takedowns appeared first on Security Boulevard.

Mobile 113
article thumbnail

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices.

Spyware 106
article thumbnail

Grubhub Suffers Data Breach in Third-Party Vendor Incident

SecureWorld News

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. While the company assures that sensitive information like full payment details and Social Security numbers were not compromised, the incident serves as another reminder of the vulnerabilities that can arise from external partnerships.

article thumbnail

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

article thumbnail

WhatsApp says Paragon is spying on specific users

Malwarebytes

WhatsApp has accused the professional spyware company Paragon of spying on a select group of users. WhatsApp, the Meta-owned, end-to-end encrypted messaging platform, said it has reliable information that nearly 100 journalists and other members of civil society were targets of a spyware campaign conducted by the Israeli spyware company. “Members of civil society” usually refers to individuals and organizations that operate independently from government and business sectors, often th

Spyware 109
article thumbnail

DOJ, Allies Seize Cybercrime Forums Affecting 17 Million-Plus Americans

Security Boulevard

Investigators from the United States and other countries seized and shut down two online cybercriminal marketplaces, Cracked and Nulled, that they said affected more than 17 million Americans by selling hacking tools and stolen information to bad actors. The post DOJ, Allies Seize Cybercrime Forums Affecting 17 Million-Plus Americans appeared first on Security Boulevard.

article thumbnail

Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?

Security Affairs

US Sen. Ron Wyden warns of national security risks after Elon Musk s DOGE was given full access to sensitive Treasury systems. Sen. Ron Wyden warned of national security risks after Elon Musk s team, Department of Government Efficiency (DOGE), was granted full access to a sensitive U.S. Treasury payments system. Sen. Ron Wyden stated that Treasury Secretary Scott Bessent granted Elon Musks team, DOGE, access to the sensitive Treasury system.

Risk 114
article thumbnail

How Website Localization Strengthens Cybersecurity in Global Markets

SecureWorld News

Cybercrime has been steadily on the rise for the past years. Notably, 2024 was unprecedentedly precarious with the second largest in history National Public Data breach and the biggest healthcare data breach to date with the massive attack on Change Healthcare. Nearly 3 billion records were stolen in the U.S., Canada, and the U.K., including such sensitive information as people's full names, Social Security numbers, addresses, phone numbers, and dates of birth.

Marketing 101
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

MDR for MSPs: Navigating EDR compatibility

Webroot

When it comes to endpoint detection and response (EDR) compatibility within an MDR offering, managed service providers (MSPs) are weighing two key priorities: native EDR integration or the flexibility to support multiple solutions. According to a recent OpenText survey, opinions are split almost evenly. While 52% of MSPs view native compatibility as moderately or very important, 48% place greater value on flexibility.

article thumbnail

DeepSeek AI Model Riddled With Security Vulnerabilities

Security Boulevard

Security researchers have uncovered serious vulnerabilities in DeepSeek-R1, the controversial Chinese large language model (LLM) that has drawn widespread attention for its advanced reasoning capabilities. The post DeepSeek AI Model Riddled With Security Vulnerabilities appeared first on Security Boulevard.

article thumbnail

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies.

article thumbnail

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

SecureWorld News

The United States is taking a firm stance against potential cybersecurity threats from artificial intelligence (AI) applications with direct ties to foreign adversaries. On February 6, 2025, U.S. Representatives Josh Gottheimer (D-NJ) and Darin LaHood (R-IL) introduced the bipartisan No DeepSeek on Government Devices Act, seeking to prohibit federal employees from using the AI-powered application DeepSeek on government-issued devices.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!