Schneier on Security

FEBRUARY 13, 2025

In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound. First, it was reported that people associated with the newly created Department of Government Efficiency (DOGE) had accessed the US Treasury computer syst

Government 363

Government Artificial Intelligence Banking Software 363

Krebs on Security

JANUARY 22, 2025

The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent it from being grabbed by cybercriminals.

DNS 362

DNS Internet Internet Risk 362

Troy Hunt

FEBRUARY 25, 2025

I like to start long blog posts with a tl;dr, so here it is: We've ingested a corpus of 1.5TB worth of stealer logs known as "ALIEN TXTBASE" into Have I Been Pwned. They contain 23 billion rows with 493 million unique website and email address pairs, affecting 284M unique email addresses. We've also added 244M passwords we've never seen before to Pwned Passwords and updated the counts against another 199M that were already in there.

Passwords 362

Passwords Accountability VPN Malware 362

Adam Shostack

JANUARY 2, 2025

My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. My latest article at Dark Reading is Microsoft Can Fix Ransomware Tomorrow. It starts: Recently, I was at a private event on security by design. I explained that Microsoft could fix ransomware tomorrow, and was surprised that the otherwise well-informed people I was speaking to hadn't heard about this approach.

Ransomware 246

Ransomware Encryption Software 246

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

The Last Watchdog

FEBRUARY 25, 2025

The rise of AI co-pilots is exposing a critical security gap: sensitive data sprawl and excessive access permissions. Related: Weaponizing Microsoft’s co-pilot Until now, lackluster enterprise search capabilities kept many security risks in checkemployees simply couldnt find much of the data they were authorized to access. But Microsoft Copilot changes the game, turbocharging enterprise search and surfacing sensitive information that organizations didnt realize was exposed.

Risk 219

Risk CISO Engineering 219

Lohrman on Security

MAY 25, 2025

What is the current situation with nation-state cyber attacks in the middle of 2025? Heres a look at some of the biggest cyber threats from Russia, China, Iran and North Korea.

Cyber threats 216

Cyber threats Cyber Attacks 216

The Hacker News

JUNE 11, 2025

INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants. The joint action, codenamed Operation Secure, took place between January and April 2025, and involved law enforcement agencies from 26 countries to identify servers, map physical networks, and execute targeted takedowns.

Malware 137

Malware 137

Malwarebytes

JUNE 23, 2025

Russian hackers have bypassed Google’s multi-factor authentication (MFA) in Gmail to pull off targeted attacks, according to security researchers at Google Threat Intelligence Group (GTIG). The hackers pulled this off by posing as US Department of State officials in advanced social engineering attacks, building a rapport with the target and then persuading them into creating app-specific passwords (app passwords).

Authentication 130

Authentication Passwords Social Engineering Accountability 130

Penetration Testing

JUNE 20, 2025

A critical flaw (CVE-2025-4981, CVSS 9.9) in Mattermost allows authenticated users to achieve RCE via path traversal during archive uploads. Update immediately!

Authentication 131

Authentication Cybersecurity 131

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape. In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement and other government agencies to illicitly forward Emergency Data R

Cybercrime 140

Cybercrime Social Engineering Accountability Government 140

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Schneier on Security

MARCH 26, 2025

Cloudflare has a new feature —available to free users as well—that uses AI to generate random pages to feed to AI web crawlers: Instead of simply blocking bots, Cloudflare’s new system lures them into a “maze” of realistic-looking but irrelevant pages, wasting the crawler’s computing resources. The approach is a notable shift from the standard block-and-defend strategy used by most website protection services.

322

322

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Troy Hunt

MAY 15, 2025

Today, we welcome the 40th government onboarded to Have I Been Pwned's free gov service, Malaysia. The NC4 NACSA (National Cyber Coordination and Command Centre of the National Cyber Security Agency) in Malaysia now has full access to query all their government domains via API, and monitor them against future breaches. Malaysia is the first Asian nation to make use of this service, and we look forward to seeing many more from this corner of the world in the future.

Government 344

Government 344

Adam Shostack

JANUARY 2, 2025

NCC has released a threat model for Google Cloud Platform. What can it teach us? In Threat Modelling Cloud Platform Services by Example: Google Cloud Storage Ken Wolstencroft of NCC presents a threat model for Google Cloud Storage, and Id like to take a look at it to see what we can learn. As always, and especially in these Threat Model Thursday posts, my goal is to point out interesting work in a constructive way.

Authentication 246

Authentication Engineering 246

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

The Last Watchdog

MAY 1, 2025

SAN FRANCISCO Sometimes, the best insights come not from the keynote stage, but from the hotel lobby. Related: RSAC 2025 top takeaways In between sessions at RSAC 2025 , I slipped over to the Marriott lobby and held quick, off-the-cuff interviews with a handful of cybersecurity vendors each doing something genuinely different, often radical, to help organizations shore up digital defenses.

Mobile 189

Mobile Government CISO Technology 189

Lohrman on Security

JUNE 15, 2025

From vibe hacking to malware development to deepfakes, bad actors are discovering more vulnerabilities to attack generative AI tools while also using AI to launch cyber attacks.

Cyber Attacks 161

Cyber Attacks Hacking Malware 161

Joseph Steinberg

APRIL 7, 2025

The third edition of Cybersecurity For Dummies , Joseph Steinberg ‘s best-selling introductory-level book about cybersecurity, is now available in both print and e-book format. Like its prior two counterparts, Cybersecurity For Dummies: Third Edition is written for general audiences, and can help people of all backgrounds stay cyber-secure, regardless of their technical and business skillsets.

Cybersecurity 187

Cybersecurity Artificial Intelligence Backups Encryption 187

The Hacker News

JUNE 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2023-33538 (CVSS score: 8.

Wireless 138

Wireless Cybersecurity 138

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Malwarebytes

JUNE 19, 2025

When organizations, good or bad, start hoarding collections of login credentials the numbers quickly add up. Take the 184 million logins for social media accounts we reported about recently. Now try to imagine 16 billion! Researchers at Cybernews have discovered 30 exposed datasets containing from several millions to over 3.5 billion records each. In total, the researchers uncovered an unimaginable 16 billion records.

Identity Theft 139

Identity Theft Passwords Phishing Accountability 139

Javvad Malik

APRIL 15, 2025

You’re so busy climbing the corporate ladder that you can’t spare five minutes to ring mum and dad. But fear not! For a mere 24.90 a month, you can now hire a silicon-based impersonator to pretend it cares about your parents’ day. Welcome to inTouch Family, the service that lets you tick “filial piety” off your to-do list without all that pesky human interaction.

Technology 165

Technology Media Authentication 165

Security Affairs

JUNE 9, 2025

BadBox 2.0 malware has infected millions of IoT devices globally, creating a botnet used for cyber criminal activities, the FBI warns. The FBI published a Public Service Announcement (PSA) to warn that cybercriminals are using the BADBOX 2.0 botnet to exploit IoT devices on home networks, like streaming devices, projectors, and infotainment systems, mostly made in China.

IoT 145

IoT Internet Internet Advertising 145

Schneier on Security

APRIL 16, 2025

Mitre’s CVE’s program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to be cancelled , as the US Department of Homeland Security failed to renew the contact. It was funded for eleven more months at the last minute. This is a big deal. The CVE program is one of those pieces of common infrastructure that everyone benefits from.

CSO 315

CSO Government Software Cybersecurity 315

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Krebs on Security

FEBRUARY 6, 2025

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks.

Risk 303

Risk Artificial Intelligence Mobile Encryption 303

Troy Hunt

JANUARY 22, 2025

It's hard to find a good criminal these days. I mean a really trustworthy one you can be confident won't lead you up the garden path with false promises of data breaches. Like this guy yesterday: For my international friends, JB Hi-Fi is a massive electronics retailer down under and they have my data! I mean by design because I've bought a bunch of stuff from them, so I was curious not just about my own data but because a breach of 12 million plus people would be massive in a coun

Data breaches 355

Data breaches Scams Retail 355

Adam Shostack

JUNE 2, 2025

Andor teaches us about insider threats This post has spoilers for Season 2 of Andor, some lessons we can take for cybersecurity, and some thoughts on the writing process and drama. In Episode 10, we learn that Lonni has had Dedras access cert for a year, and in Episode 11, we learn about how hes been using it. We dont learn how he got it, but when questioned, Dedra denies having given it to him (and theres little reason to think she would have).

Risk 230

Risk Accountability Cybersecurity 230

The Last Watchdog

APRIL 10, 2025

SAN FRANCISCO If large language AI models are shaping our digital reality, then whoexactlyis shaping those models? And how the heck are they doing it? Related: What exactly is GenAI? Those are the questions Dr. Hidenori Tanaka wants to answer in an effort to put GenAI on solid scientific footing. And its the guiding ethos behind NTT Researchs launch of its newly spun-out Physics of Artificial Intelligence Group , which Tanaka will lead as founding director.

Architecture 162

Architecture Artificial Intelligence Media Internet 162

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Anton on Security

JUNE 24, 2025

Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before , this covers both Anton on Security and my posts from Google Cloud blog , and our Cloud Security Podcast ( subscribe ). Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [ A.C. — wow, this is #1 now!

Threat Detection 130

Threat Detection CISO Cloud Migration Digital transformation 130

Tech Republic Security

MAY 23, 2025

The databases exposure duration is unknown. Signs of infostealer malware were found, but no confirmed breach or misuse of user data, says cybersecurity researcher.

Malware 154

Malware Cybersecurity Big data 154

The Hacker News

JUNE 18, 2025

Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions.

Authentication 139

Authentication Cybersecurity 139

Malwarebytes

APRIL 22, 2025

Cybercriminals are abusing Googles infrastructure, creating emails that appear to come from Google in order to persuade people into handing over their Google account credentials. This attack, first flagged by Nick Johnson , the lead developer of the Ethereum Name Service (ENS), a blockchain equivalent of the popular internet naming convention known as the Domain Name System (DNS).

Risk 145

Risk Scams Accountability Phishing 145

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk