Cybersec Feeds Overview, Jan 20 - Jan 26, 2025
This brief consolidates key updates from 80+ sources, including government organizations, cybersecurity vendors, threat intelligence teams, security research labs, and blogs from cybersecurity communities and professionals. It highlights the most significant threats, vulnerabilities, and developments from the past week to keep you informed.
Gov Feeds
CISA has added two new known exploited vulnerabilities to its catalog: SonicWall SMA1000 (CVE-2025-23006) and jQuery Cross-Site Scripting (CVE-2020-11023). These vulnerabilities pose significant risks and require remediation to protect against threats (CISA Adds One Known Exploited Vulnerability to Catalog, CISA Adds One Known Exploited Vulnerability to Catalog).
Oracle has released its quarterly critical patch update, addressing multiple vulnerabilities, including those that could allow remote code execution across various Oracle products (Oracle Quarterly Critical Patches Issued January 21, 2025).
Multiple Industrial Control Systems (ICS) vulnerabilities were disclosed by CISA, affecting products from mySCADA, Schneider Electric, and Hitachi Energy among others. These include critical vulnerabilities that could allow remote code execution, unauthorized access, and privilege escalation (CISA Releases Six Industrial Control Systems Advisories, CISA Releases Three Industrial Control Systems Advisories).
CISA and the FBI issued a joint advisory on the chaining of vulnerabilities in Ivanti Cloud Service Applications, highlighting exploits in administrative bypass, SQL injection, and remote code execution vulnerabilities. Network defenders are advised to monitor for malicious activity and upgrade to the latest versions (Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications, CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications).
The National Cyber Security Centre’s recent update emphasizes a significant increase in edge device vulnerabilities and exploitation. Upcoming guidance will be released for improved telemetry and forensics in early February (CTO at NCSC Summary: week ending January 26th).
Health-ISAC has emphasized the importance of improved cybersecurity measures for the healthcare sector, amidst rising challenges posed by AI, ransomware, and the necessity of securing medical devices and patient data (Securing Health Data in 2025: The Rising Cybersecurity Challenges, AI, Ransomware, and Medical Devices: Safeguarding Healthcare).
The European Data Protection Board has released guidelines on pseudonymization and its role in managing data protection risks, stressing the need for clear objectives and integration with competition law (Guidelines 01/2025 on Pseudonymisation, Position paper on Interplay between data protection and competition law).
Articles (26)
- Josh Poster Appointed Director of Intelligence & Analysis by Press & News - Automotive ISAC on Wed, 22 Jan 2025 16:24:53 +0000
- Oracle Quarterly Critical Patches Issued January 21, 2025 by Cyber Security Advisories - MS-ISAC on Tue, 21 Jan 2025 16:47:55 -0500
- CISA Adds One Known Exploited Vulnerability to Catalog by All CISA Advisories on Fri, 24 Jan 25 12:00:00 +0000
- mySCADA myPRO Manager by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- Schneider Electric EcoStruxure Power Build Rapsody by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- CISA Adds One Known Exploited Vulnerability to Catalog by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- Schneider Electric Easergy Studio by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- Schneider Electric EVlink Home Smart and Schneider Charge by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- HMS Networks Ewon Flexy 202 by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- Hitachi Energy RTU500 Series Product by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- CISA Releases Six Industrial Control Systems Advisories by All CISA Advisories on Thu, 23 Jan 25 12:00:00 +0000
- Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications by All CISA Advisories on Wed, 22 Jan 25 12:00:00 +0000
- CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications by All CISA Advisories on Wed, 22 Jan 25 12:00:00 +0000
- ZF Roll Stability Support Plus (RSSPlus) by All CISA Advisories on Tue, 21 Jan 25 12:00:00 +0000
- Siemens SIMATIC S7-1200 CPUs by All CISA Advisories on Tue, 21 Jan 25 12:00:00 +0000
- CISA Releases Three Industrial Control Systems Advisories by All CISA Advisories on Tue, 21 Jan 25 12:00:00 +0000
- Traffic Alert and Collision Avoidance System (TCAS) II by All CISA Advisories on Tue, 21 Jan 25 12:00:00 +0000
- CTO at NCSC Summary: week ending January 26th by CTO at NCSC - Cyber Defence Analysis on Sat, 25 Jan 2025 09:50:26 GMT
- Health-ISAC Hacking Healthcare 1-24-2025 by Health-ISAC – Health Information Sharing and Analysis Center on Fri, 24 Jan 2025 20:30:43 +0000
- Behavioral Incident Response Strategies in Clinical Settings by Health-ISAC – Health Information Sharing and Analysis Center on Fri, 24 Jan 2025 17:43:59 +0000
- Cyber Threat Alliance Publishes 2025 Cybersecurity in the Age of AI by Health-ISAC – Health Information Sharing and Analysis Center on Thu, 23 Jan 2025 22:16:44 +0000
- AI, Ransomware, and Medical Devices: Safeguarding Healthcare by Health-ISAC – Health Information Sharing and Analysis Center on Thu, 23 Jan 2025 15:24:00 +0000
- Securing Health Data in 2025: The Rising Cybersecurity Challenges by Health-ISAC – Health Information Sharing and Analysis Center on Tue, 21 Jan 2025 21:09:06 +0000
- Software Supply Chains and ISACs – The Inevitability Curve Podcast EP14 by Health-ISAC – Health Information Sharing and Analysis Center on Tue, 21 Jan 2025 19:12:03 +0000
- Health-ISAC Hacking Healthcare 1-17-2025 by Health-ISAC – Health Information Sharing and Analysis Center on Tue, 21 Jan 2025 15:53:41 +0000
- Oracle Quarterly Critical Patches Issued January 21, 2025 by Cyber Security Advisories - MS-ISAC on Tue, 21 Jan 2025 16:47:55 -0500
Vendor Feeds
SonicWall’s Secure Mobile Access (SMA) 1000 product has a critical zero-day vulnerability (CVE-2025-23006) exploited in the wild. This flaw has a severity rating of 9.8 out of 10 and allows unauthenticated remote attackers to execute arbitrary commands (CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited, More than 2,000 SonicWall devices vulnerable to critical zero-day).
A ransomware attack on Change Healthcare, now owned by UnitedHealth, affected approximately 190 million individuals, with hackers accessing extensive personal health data including insurance, medical, and financial information (UnitedHealth updates number of data breach victims to 190 million).
Check Point Research reported a massive data breach involving the hotel management platform Otelier, where threat actors stole almost eight terabytes of data from Amazon S3 cloud storage containing personal and reservation details for major hotel brands (20th January– Threat Intelligence Report).
The Andariel attack group is performing RID Hijacking attacks, a method involving modifications of the Relative Identifier of user accounts to bypass restrictions and gain privileges (RID Hijacking Technique Utilized by Andariel Attack Group).
The Federal Trade Commission (FTC) is investigating surveillance pricing practices where personal data including location and browser history are used to set individualized consumer prices, raising concerns over privacy and fairness (Your location or browsing habits could lead to price increases when buying online).
The World Economic Forum released AI security best practices, highlighting the need for risk management teams and robust cybersecurity controls for AI systems (Cybersecurity Snapshot: WEF Offers AI Security Best Practices).
Android devices have improved theft protection features with the introduction of Identity Check and Theft Detection Lock to enhance device security by requiring biometric authentication and locking screens during theft attempts (Android enhances theft protection with Identity Check and expanded features).
Articles (46)
- Android Malware & Security Issue 4st Week of January, 2025 by ASEC on Thu, 23 Jan 2025 15:00:00 +0000
- RID Hijacking Technique Utilized by Andariel Attack Group by ASEC on Wed, 22 Jan 2025 15:00:00 +0000
- Ransom & Dark Web Issues Week 4, January 2025 by ASEC on Wed, 22 Jan 2025 15:00:00 +0000
- Weekly Detection Rule (YARA and Snort) Information – Week 4, January 2025 by ASEC on Tue, 21 Jan 2025 15:00:00 +0000
- The EDR That Became Legend by Broadcom Software Blogs on Wed, 22 Jan 2025 16:37:05 +0000
- Some Legends Are True by Broadcom Software Blogs on Tue, 21 Jan 2025 16:16:17 +0000
- 20th January– Threat Intelligence Report by Check Point Research on Mon, 20 Jan 2025 15:03:57 +0000
- From Chaos to Clarity: Navigating Threats With Cisco XDR by Security @ Cisco Blogs on Thu, 23 Jan 2025 13:00:00 +0000
- Simplifying Zero Trust Security for the Modern Workplace by Security @ Cisco Blogs on Wed, 22 Jan 2025 13:00:00 +0000
- CTI Developers: We Built an API for MITRE ATT&CK, CWE, CAPEC, ATLAS… and more! by dogesec on 2025-01-20T00:00:00+00:00
- Android enhances theft protection with Identity Check and expanded features by Google Online Security Blog on 2025-01-23T13:00:00.003-05:00
- Are successful deepfake scams more common than we realize? by Security Intelligence on Fri, 24 Jan 2025 17:00:00 +0000
- How cyberattacks on grocery stores could threaten food security by Security Intelligence on Fri, 24 Jan 2025 14:00:00 +0000
- Taking the fight to the enemy: Cyber persistence strategy gains momentum by Security Intelligence on Thu, 23 Jan 2025 14:00:00 +0000
- 2024 Cloud Threat Landscape Report: How does cloud security fail? by Security Intelligence on Wed, 22 Jan 2025 14:00:00 +0000
- Why maintaining data cleanliness is essential to cybersecurity by Security Intelligence on Tue, 21 Jan 2025 17:00:00 +0000
- Are attackers already embedded in U.S. critical infrastructure networks? by Security Intelligence on Tue, 21 Jan 2025 14:00:00 +0000
- The Rise of Service-as-Software: How Autonomy is Redefining Cybersecurity by The SecOps Automation Blog from Intezer on Thu, 23 Jan 2025 10:00:00 +0000
- Zero to Action: How AI Transforms Incident Response from Reactive to Proactive by The SecOps Automation Blog from Intezer on Tue, 21 Jan 2025 18:29:32 +0000
- Texas scrutinizes four more car manufacturers on privacy issues by Malwarebytes on Fri, 24 Jan 2025 16:18:42 GMT
- Warning: Don’t sell or buy a second hand iPhone with TikTok already installed by Malwarebytes on Thu, 23 Jan 2025 14:35:46 GMT
- 7-Zip bug could allow a bypass of a Windows security feature. Update now by Malwarebytes on Wed, 22 Jan 2025 13:33:13 GMT
- AI tool GeoSpy analyzes images and identifies locations in seconds by Malwarebytes on Tue, 21 Jan 2025 14:10:04 GMT
- Your location or browsing habits could lead to price increases when buying online by Malwarebytes on Mon, 20 Jan 2025 14:50:24 GMT
- A week in security (January 13 – January 19) by Malwarebytes on Mon, 20 Jan 2025 08:02:57 GMT
- AI-Driven Security by Palo Alto Networks and IBM by Palo Alto Networks Blog on Thu, 23 Jan 2025 19:56:12 +0000
- A New Era of Protection — Multicloud Security by Palo Alto Networks Blog on Wed, 22 Jan 2025 17:23:57 +0000
- Proofpoint and Ingram Micro Team to Radically Simplify and Accelerate Sales Cycles for Partners by Proofpoint News Feed on 23 Jan 2025 07:05:33
- Cyber diplomacy funding halted as US issues broad freeze on foreign aid by The Record from Recorded Future News on Sat, 25 Jan 2025 19:05:44 GMT
- UnitedHealth updates number of data breach victims to 190 million by The Record from Recorded Future News on Sat, 25 Jan 2025 12:52:12 GMT
- More than 2,000 SonicWall devices vulnerable to critical zero-day by The Record from Recorded Future News on Fri, 24 Jan 2025 21:36:27 GMT
- Politicization of intel oversight board could threaten key US-EU data transfer agreement by The Record from Recorded Future News on Fri, 24 Jan 2025 20:36:51 GMT
- At least $69 million stolen from crypto platform Phemex in suspected cyberattack by The Record from Recorded Future News on Fri, 24 Jan 2025 17:45:59 GMT
- RST TI Report Digest: 20 Jan 2025 by Stories by RST Cloud on Medium on Mon, 20 Jan 2025 02:46:34 GMT
- Insurance companies can reduce risk with Attack Path Management by Posts By SpecterOps Team Members - Medium on Thu, 23 Jan 2025 20:36:51 GMT
- Entra Connect Attacker Tradecraft: Part 2 by Posts By SpecterOps Team Members - Medium on Wed, 22 Jan 2025 17:32:02 GMT
- Life at SpecterOps Part II: From Dream to Reality by Posts By SpecterOps Team Members - Medium on Tue, 21 Jan 2025 16:56:13 GMT
- Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks by Tenable Blog on Fri, 24 Jan 2025 09:00:00 -0500
- CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited by Tenable Blog on Thu, 23 Jan 2025 12:54:00 -0500
- Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor by Tenable Blog on Thu, 23 Jan 2025 09:00:00 -0500
- Oracle January 2025 Critical Patch Update Addresses 186 CVEs by Tenable Blog on Wed, 22 Jan 2025 12:52:40 -0500
- Pwn2Own Automotive 2025 - Day Three and Final Results by Zero Day Initiative - Blog on Fri, 24 Jan 2025 03:17:16 +0000
- Pwn2Own Automotive 2025 - Day Two Results by Zero Day Initiative - Blog on Thu, 23 Jan 2025 03:41:34 +0000
- Pwn2Own Automotive 2025 - Day One Results by Zero Day Initiative - Blog on Wed, 22 Jan 2025 03:23:23 +0000
- Pwn2Own Automotive 2025: The Full Schedule by Zero Day Initiative - Blog on Tue, 21 Jan 2025 08:49:24 +0000
- Looking at the Attack Surfaces of the Pioneer DMH-WT7600NEX IVI by Zero Day Initiative - Blog on Mon, 20 Jan 2025 16:00:00 +0000
News Feeds
A major cybersecurity incident has affected 190 million Americans due to a ransomware attack on UnitedHealth’s subsidiary, Change Healthcare. This breach highlights significant vulnerabilities in healthcare data handling (UnitedHealth now says 190 million impacted by 2024 data breach, UnitedHealth Group’s Massive Data Breach Impacts 190 Million Americans).
SonicWall’s SMA appliance vulnerability allows remote code execution with a severity score of 9.8. It’s crucial for users to apply the latest patch to prevent exploitation (SonicWall pushes urgent patch for its SMA appliance, CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild).
A new backdoor targeting Juniper routers, dubbed “J-Magic,” exploits devices configured as VPN gateways, emphasizing the need for enhanced security monitoring on network infrastructure (New backdoor discovered that specifically targets Juniper routers, Black ‘Magic’ Targets Enterprise Juniper Routers With Backdoor).
North Korea’s fraudulent IT worker scheme led to the indictment of five individuals by the DOJ. This scheme highlights vulnerabilities in hiring processes for remote positions in the IT sector (DOJ indicts five in North Korean fake IT worker scheme, North Korean Cyber Fraud Scheme Targets U.S. Firms, DOJ Indicts Five Individuals).
Experts warned of a significant ChatGPT API vulnerability that could be exploited for DDoS attacks, though the issue has been addressed. This points to the importance of rigorous security protocols for emerging AI technologies (‘Severe’ bug in ChatGPT’s API could be used to DDoS websites).
New ransomware campaigns are utilizing Microsoft Teams for fake tech support scams, targeting multiple organizations, which could pose new risks for companies using collaborative platforms (Ransomware groups pose as fake tech support over Teams).
Cyble research discovered security vendor credentials available on the dark web, raising concerns over the protection of sensitive information by cybersecurity companies and the strength of existing authentication mechanisms (Account Credentials for Security Vendors Found on Dark Web).
Cloudflare detected a record-breaking 5.6 Tbps DDoS attack using Mirai botnet variants, illustrating the need for robust automated defenses against increasingly large and complex DDoS threats (Cloudflare detected (and blocked) the biggest DDoS attack on record).
Articles (124)
- UnitedHealth now says 190 million impacted by 2024 data breach by BleepingComputer on Sun, 26 Jan 2025 11:29:17 -0500
- Ransomware gang uses SSH tunnels for stealthy VMware ESXi access by BleepingComputer on Sun, 26 Jan 2025 10:19:29 -0500
- TalkTalk investigates breach after data for sale on hacking forum by BleepingComputer on Sat, 25 Jan 2025 16:23:24 -0500
- PayPal to pay $2 million settlement over 2022 data breach by BleepingComputer on Sat, 25 Jan 2025 10:15:25 -0500
- Zyxel warns of bad signature update causing firewall boot loops by BleepingComputer on Fri, 24 Jan 2025 15:39:00 -0500
- Microsoft to deprecate WSUS driver synchronization in 90 days by BleepingComputer on Fri, 24 Jan 2025 15:13:28 -0500
- Subaru Starlink flaw let hackers hijack cars in US and Canada by BleepingComputer on Fri, 24 Jan 2025 12:35:36 -0500
- Hackers use Windows RID hijacking to create hidden admin account by BleepingComputer on Fri, 24 Jan 2025 12:25:38 -0500
- Hacker infects 18,000 “script kiddies” with fake malware builder by BleepingComputer on Fri, 24 Jan 2025 11:34:40 -0500
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs by BleepingComputer on Fri, 24 Jan 2025 10:26:27 -0500
- Managed Detection and Response – How are you monitoring? by BleepingComputer on Fri, 24 Jan 2025 09:02:11 -0500
- Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025 by BleepingComputer on Fri, 24 Jan 2025 08:00:37 -0500
- Modernizing bp’s application landscape with AI by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 21:05:03 +0000
- Hospital Sant Joan de Déu improves patient care through a new data management model by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 12:11:08 +0000
- 29% of CDOs see no future in the position by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 10:52:47 +0000
- EUSPA awards GMV the new version of the data generator for Galileo's HAS service by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 10:03:20 +0000
- 29% of CDOs don’t see a future in the position by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 10:01:00 +0000
- Corporate One enables immediate payments with data orchestration hub by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 10:00:00 +0000
- Business leaders plan to focus investment on innovation, efficiency and resilience by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 08:49:01 +0000
- “Making it easier to add sources to AI answers”: Anthropic launches source verification feature ‘Citations’ by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 08:06:10 +0000
- Column | Why organizations doing business in the EU should look at the DORA regulation right now by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 08:00:48 +0000
- World2Meet redefines traveler assistance with an innovative hyperrealistic avatar by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 07:52:07 +0000
- Chinese AI startup DeepSeek releases open-source model aimed at ‘OpenAI o1’ by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 07:36:59 +0000
- Amid constant change, what new capabilities do IT leaders need? by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 06:49:12 +0000
- Contributed article | 3 pillars for companies ‘aiming to be developer-friendly’ to consider by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 05:48:27 +0000
- “From clicks to payment, handled on its own”: OpenAI unveils web-browsing AI ‘Operator’ by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 03:31:05 +0000
- Lenovo Korea launches two AI-enabled ‘ThinkPad X9’ series models in Korea by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 03:30:02 +0000
- Choi Hyung-kwang column | What is the golden age of America First? by Modernizing bp’s application landscape with AI | CIO on Fri, 24 Jan 2025 03:09:19 +0000
- BMC Software survey: IT leaders bullish on generative and agentic AI by Modernizing bp’s application landscape with AI | CIO on Thu, 23 Jan 2025 16:01:00 +0000
- Revolutionizing procurement: How AI drives efficiency & profitability by Modernizing bp’s application landscape with AI | CIO on Thu, 23 Jan 2025 15:05:09 +0000
- FinOps automation: Raising the bar on lowering cloud costs by Modernizing bp’s application landscape with AI | CIO on Thu, 23 Jan 2025 14:42:52 +0000
- Oracle’s growing impact in the Middle East: Driving AI and cloud innovation by Modernizing bp’s application landscape with AI | CIO on Thu, 23 Jan 2025 13:43:03 +0000
- SonicWall pushes urgent patch for its SMA appliance by CyberScoop on Thu, 23 Jan 2025 22:14:21 +0000
- DOJ indicts five in North Korean fake IT worker scheme by CyberScoop on Thu, 23 Jan 2025 20:59:08 +0000
- New backdoor discovered that specifically targets Juniper routers by CyberScoop on Thu, 23 Jan 2025 15:00:00 +0000
- Removal of Cyber Safety Review Board members sparks alarm from cyber pros, key lawmaker by CyberScoop on Wed, 22 Jan 2025 21:26:44 +0000
- BreachForums founder to be resentenced after court vacates previous punishment by CyberScoop on Wed, 22 Jan 2025 20:56:53 +0000
- ‘Severe’ bug in ChatGPT’s API could be used to DDoS websites by CyberScoop on Wed, 22 Jan 2025 19:45:29 +0000
- Cloudflare detected (and blocked) the biggest DDoS attack on record by CyberScoop on Wed, 22 Jan 2025 16:13:29 +0000
- Government battles against tech could leave consumers less secure by CyberScoop on Wed, 22 Jan 2025 11:00:00 +0000
- Ransomware groups pose as fake tech support over Teams by CyberScoop on Tue, 21 Jan 2025 22:50:57 +0000
- From qualitative to quantifiable: Transforming cyber risk management for critical infrastructure by CyberScoop on Tue, 21 Jan 2025 14:00:00 +0000
- Weekly Cybersecurity Update: Recent Cyber Attacks, Vulnerabilities, and Data Breaches by Cyber Security News on Sun, 26 Jan 2025 16:12:27 +0000
- INE Security Alert: Expediting CMMC 2.0 Compliance by Cyber Security News on Sun, 26 Jan 2025 15:24:59 +0000
- 10 Best Vulnerability Assessment and Penetration Testing (VAPT) Tools in 2025 by Cyber Security News on Sat, 25 Jan 2025 11:28:41 +0000
- Microsoft Entra ID Bug Allow Unprivileged Users to Change Their User Principal Names by Cyber Security News on Sat, 25 Jan 2025 05:39:01 +0000
- IntelBroker Resigned as a BreachForums Owner by Cyber Security News on Sat, 25 Jan 2025 05:01:21 +0000
- Kubernetes Cluster RCE Vulnerability Let Attacker Takeover All Windows Nodes by Cyber Security News on Fri, 24 Jan 2025 18:57:55 +0000
- CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild by Cyber Security News on Fri, 24 Jan 2025 18:42:42 +0000
- 100+ Vulnerabilities in LTE & 5G Infrastructure Enable Remote Core Compromise by Cyber Security News on Fri, 24 Jan 2025 15:43:08 +0000
- CISA Releases Six ICS Advisories Highlighting Critical Security Vulnerabilities by Cyber Security News on Fri, 24 Jan 2025 15:15:58 +0000
- PayPal Hit With $2 Million Fine For Cybersecurity Failures by Cyber Security News on Fri, 24 Jan 2025 14:53:49 +0000
- CISOs Are Gaining C-Suite Swagger, but Has It Come With a Cost? by darkreading on Fri, 24 Jan 2025 22:45:57 GMT
- DoJ Busts Up Another Multinational DPRK IT Worker Scam by darkreading on Fri, 24 Jan 2025 21:51:44 GMT
- MITRE’s Latest ATT&CK Simulations Tackle Cloud Defenses by darkreading on Fri, 24 Jan 2025 19:47:37 GMT
- Cisco: Critical Meeting Management Bug Requires Urgent Patch by darkreading on Fri, 24 Jan 2025 19:38:35 GMT
- 3 Use Cases for Third-Party API Security by darkreading on Fri, 24 Jan 2025 19:14:06 GMT
- Strengthening Our National Security in the AI Era by darkreading on Fri, 24 Jan 2025 15:00:00 GMT
- War Game Pits China Against Taiwan in All-Out Cyberwar by darkreading on Fri, 24 Jan 2025 02:00:00 GMT
- Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests by darkreading on Thu, 23 Jan 2025 22:24:16 GMT
- CISA Calls For Action to Close the Software Understanding Gap by darkreading on Thu, 23 Jan 2025 22:14:18 GMT
- Omdia Finds Phishing Attacks Top Smartphone Security Concern for Consumers by darkreading on Thu, 23 Jan 2025 22:10:47 GMT
- Automox Releases Endpoint Management With FastAgent by darkreading on Thu, 23 Jan 2025 22:02:12 GMT
- 84% of Healthcare Organizations Spotted a Cyberattack in the Late Year by darkreading on Thu, 23 Jan 2025 21:56:16 GMT
- Cloudflare CDN Bug Outs User Locations on Signal, Discord by darkreading on Thu, 23 Jan 2025 20:37:53 GMT
- CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught by darkreading on Thu, 23 Jan 2025 17:57:23 GMT
- The Security Risk of Rampant Shadow AI by darkreading on Thu, 23 Jan 2025 15:00:00 GMT
- Black ‘Magic’ Targets Enterprise Juniper Routers With Backdoor by darkreading on Thu, 23 Jan 2025 15:00:00 GMT
- Doti AI Launches Platform to Securely Find Enterprise Data by darkreading on Wed, 22 Jan 2025 23:26:53 GMT
- Security Needs to Start Saying ‘No’ Again by darkreading on Wed, 22 Jan 2025 22:30:05 GMT
- Trump Overturns Biden Rules on AI Development, Security by darkreading on Wed, 22 Jan 2025 22:17:08 GMT
- Chinese Cyberspies Target South Korean VPN in Supply Chain Attack by darkreading on Wed, 22 Jan 2025 20:49:41 GMT
- Trump Pardons ‘Silk Road’ Dark Web Drug Market Creator by darkreading on Wed, 22 Jan 2025 20:24:12 GMT
- Will 2025 See a Rise of NHI Attacks? by darkreading on Wed, 22 Jan 2025 15:00:00 GMT
- Mandatory MFA, Biometrics Make Headway in Middle East, Africa by darkreading on Wed, 22 Jan 2025 07:00:00 GMT
- [Virtual Event]: Cybersecurity’s Most Promising New and Emerging Technologies by darkreading on Tue, 21 Jan 2025 23:02:17 GMT
- Trump Fires Cyber Safety Board Investigating Salt Typhoon Hackers by darkreading on Tue, 21 Jan 2025 22:21:50 GMT
- Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks by darkreading on Tue, 21 Jan 2025 21:50:25 GMT
- DONOT Group Deploys Malicious Android Apps in India by darkreading on Tue, 21 Jan 2025 21:15:18 GMT
- HPE Investigates After Alleged Data Breach by darkreading on Tue, 21 Jan 2025 20:30:38 GMT
- Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks by darkreading on Tue, 21 Jan 2025 18:09:18 GMT
- Cisco Previews AI Defenses to Cloud Security Platform by darkreading on Tue, 21 Jan 2025 15:07:41 GMT
- Why CISOs Must Think Clearly Amid Regulatory Chaos by darkreading on Tue, 21 Jan 2025 15:00:00 GMT
- Name That Toon: Incentives by darkreading on Mon, 20 Jan 2025 17:04:13 GMT
- US Ban on Automotive Components Could Curb Supply Chain by darkreading on Mon, 20 Jan 2025 14:30:00 GMT
- Phishing Attacks Are the Most Common Smartphone Security Issue for Consumers by darkreading on Mon, 20 Jan 2025 14:00:00 GMT
- INE Security Alert: Expediting CMMC 2.0 Compliance by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Sun, 26 Jan 2025 15:25:06 +0000
- Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 14:24:00 +0000
- Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 12:48:34 +0000
- CISA Releases Six ICS Advisories Details Security Issues by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 11:40:37 +0000
- Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 10:44:08 +0000
- Beware of Fake Captcha Verifications Spreading Lumma Malware by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 10:43:14 +0000
- KEYPLUG Infrastructure Exposed: Server Configurations and TLS Certificates Revealed by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 10:41:48 +0000
- PayPal Fined $2 Million Fine For Violating Cybersecurity Regulations by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 10:37:56 +0000
- Salt Typhoon Hacked Nine U.S. Telecoms, Tactics and Techniques Revealed by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 10:11:39 +0000
- HellCat and Morpheus Ransomware Share Identical Payloads for Attacks by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 24 Jan 2025 09:35:04 +0000
- INE Security Alert: Expediting CMMC 2.0 Compliance by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Sun, 26 Jan 2025 14:00:26 +0000
- UnitedHealth Group’s Massive Data Breach Impacts 190 Million Americans by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Sat, 25 Jan 2025 17:05:12 +0000
- American National Insurance Company (ANICO) Data Leaked in MOVEit Breach by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Sat, 25 Jan 2025 13:03:55 +0000
- US Charges Five in North Korean IT Worker Hiring Scam by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Fri, 24 Jan 2025 18:13:07 +0000
- Hackers Use XWorm RAT to Exploit Script Kiddies, Pwning 18,000 Devices by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Fri, 24 Jan 2025 16:19:52 +0000
- Chinese PlushDaemon APT Targets S. Korean IPany VPN with Backdoor by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 23 Jan 2025 20:36:19 +0000
- Meet GhostGPT: The Malicious AI Chatbot Fueling Cybercrime and Scams by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 23 Jan 2025 19:20:34 +0000
- Memcyco Announces Next-Gen, AI Solution to Combat Fraud and Impersonation Attacks in Real Time by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 23 Jan 2025 15:40:24 +0000
- You are Not Alone, ChatGPT is Down by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 23 Jan 2025 13:01:29 +0000
- Zendesk’s Subdomain Registration Exposed to Phishing, Pig Butchering Scams by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Wed, 22 Jan 2025 20:35:23 +0000
- North Korean Cyber Fraud Scheme Targets U.S. Firms, DOJ Indicts Five Individuals by The Cyber Express on Fri, 24 Jan 2025 09:09:10 +0000
- FalconFeedsio X Account Hacked, Promoting Fraudulent Crypto Scams by The Cyber Express on Fri, 24 Jan 2025 08:04:55 +0000
- Harrison County Schools Hit by Cyberattack, Investigation Underway by The Cyber Express on Fri, 24 Jan 2025 06:24:47 +0000
- Cisco Warns of Critical Privilege Escalation Vulnerability in Meeting Management Platform by The Cyber Express on Thu, 23 Jan 2025 11:37:43 +0000
- Why AWS S3 Buckets Are the New Target for Ransomware Campaigns by The Cyber Express on Thu, 23 Jan 2025 11:05:59 +0000
- What Makes Bulletproof Hosting Providers a Growing Danger in Australia by The Cyber Express on Thu, 23 Jan 2025 10:38:19 +0000
- Zero Day: Robert De Niro Tackles a Devastating Cyberattack in Netflix’s Thrilling New Series by The Cyber Express on Thu, 23 Jan 2025 07:07:29 +0000
- Four Critical Ivanti CSA Vulnerabilities Exploited—CISA and FBI Urge Mitigation by The Cyber Express on Thu, 23 Jan 2025 05:42:42 +0000
- Account Credentials for Security Vendors Found on Dark Web by The Cyber Express on Wed, 22 Jan 2025 18:54:55 +0000
- Australia’s 2025 Federal Election: EIAT Highlights Key Threats to Electoral Integrity by The Cyber Express on Wed, 22 Jan 2025 11:04:52 +0000
- The top 10 brands exploited in phishing attacks - and how to protect yourself by Latest stories for ZDNET in Security on Fri, 24 Jan 2025 16:31:04 GMT
- The best password managers for businesses in 2025: Expert tested by Latest stories for ZDNET in Security on Fri, 24 Jan 2025 15:33:00 GMT
- For anonymous browsing, these extensions are the next best thing to Tor by Latest stories for ZDNET in Security on Thu, 23 Jan 2025 18:49:00 GMT
- The best secure browsers for privacy in 2025: Expert tested by Latest stories for ZDNET in Security on Thu, 23 Jan 2025 15:35:00 GMT
- The best security keys of 2025: Expert tested by Latest stories for ZDNET in Security on Thu, 23 Jan 2025 12:00:17 GMT
- The best travel VPNs of 2025: Expert tested and reviewed by Latest stories for ZDNET in Security on Wed, 22 Jan 2025 19:00:20 GMT
- Is classic Outlook crashing when you start or reply to an email? A fix is on the way by Latest stories for ZDNET in Security on Wed, 22 Jan 2025 14:54:06 GMT
- How to tell if an AirTag is secretly tracking you - and what to do about it by Latest stories for ZDNET in Security on Tue, 21 Jan 2025 17:02:00 GMT
Personal Feeds
Nearly half of observed security alerts are due to overprivileged service accounts in cloud environments. Credential weaknesses and misconfigured cloud services remain major attack vectors (Google Cloud Security Threat Horizons Report #11 Is Out!).
API and UI compromises rose sharply and accounted for 17.1% of incidents, with threat actors exploiting insecure private keys. Lateral movement by attackers was seen in 62.2% of penetrated environments (Google Cloud Security Threat Horizons Report #11 Is Out!).
The BSC blockchain is a prime target for on-chain exploitation, with smaller projects frequently compromised. Ethereum remains vulnerable with significant financial losses from breaches such as the $200K UniLend hack (BlockThreat - Week 3, 2025).
Koi Loader and Koi Stealer malware campaigns are active, utilizing social engineering and insecure downloads to compromise systems (2025-01-22: Traffic Analysis Exercise, 2025-01-21: Quick post for Koi Loader/Koi Stealer activity).
A DNS misconfiguration at MasterCard persisted for nearly five years, exposing the company to potential traffic interception or redirection (MasterCard DNS Error Went Unnoticed for Years).
Change Healthcare reported a data breach impacting 190 million individuals, with increased ransom activities from groups like Alphv/BlackCat (Change Healthcare data breach exposed the private data of over half the U.S.).
The SonicWall SMA1000 zero-day vulnerability, CVE-2025-23006, was added to CISA’s Known Exploited Vulnerabilities catalog, reflecting evidence of exploitation in the wild (U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog, SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild).
A new executive order signed by President Biden strengthens cybersecurity measures by mandating secure software development practices from contractors, enforced through government procurement processes (Biden Signs New Cybersecurity Order).
Articles (33)
- Google Cloud Security Threat Horizons Report #11 Is Out! by Anton on Security - Medium on Wed, 22 Jan 2025 19:00:50 GMT
- BlockThreat - Week 3, 2025 by Blockchain Threat Intelligence on Wed, 22 Jan 2025 20:01:47 GMT
- 2025-01-22: Traffic Analysis Exercise - Download from fake software site by Malware-Traffic-Analysis.net - Blog Entries on Thu, 23 Jan 2025 18:18 +0000
- 2025-01-21: Quick post for Koi Loader/Koi Stealer activity by Malware-Traffic-Analysis.net - Blog Entries on Thu, 23 Jan 2025 05:48 +0000
- A CISO’s Guide to Building a World-Class Security Champion Program by CISO Tradecraft® Newsletter on Wed, 22 Jan 2025 02:42:24 GMT
- World Economic Forum 2025: Navigating Cybersecurity in an Era of Complexity by Lohrmann on Cybersecurity on Sun, 26 Jan 2025 10:37:00 GMT
- The Agentic SIEM by Detection at Scale on Tue, 21 Jan 2025 14:06:49 GMT
- Be careful what you say about data leaks in Turkey, new law could mean prison for reporting hacks by Graham Cluley on Fri, 24 Jan 2025 09:34:19 +0000
- Smashing Security podcast #401: Hacks on the high seas, and how your home can be stolen under your nose by Graham Cluley on Thu, 23 Jan 2025 00:00:09 +0000
- Half a million hotel guests at risk after hackers accessed sensitive data by Graham Cluley on Wed, 22 Jan 2025 10:06:03 +0000
- The AI Fix #34: Fake Brad Pitt and why AI means we will lose our jobs by Graham Cluley on Tue, 21 Jan 2025 18:34:34 +0000
- Medusa ransomware: what you need to know by Graham Cluley on Tue, 21 Jan 2025 13:06:22 +0000
- MasterCard DNS Error Went Unnoticed for Years by Krebs on Security on Wed, 22 Jan 2025 15:24:41 +0000
- Change Healthcare data breach exposed the private data of over half the U.S. by Security Affairs on Sun, 26 Jan 2025 16:09:46 +0000
- SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 30 by Security Affairs on Sun, 26 Jan 2025 14:43:24 +0000
- Security Affairs newsletter Round 508 by Pierluigi Paganini – INTERNATIONAL EDITION by Security Affairs on Sun, 26 Jan 2025 14:30:13 +0000
- Cisco warns of a ClamAV bug with PoC exploit by Security Affairs on Sun, 26 Jan 2025 06:58:23 +0000
- Subaru Starlink flaw allowed experts to remotely hack cars by Security Affairs on Sat, 25 Jan 2025 19:26:30 +0000
- Participants in the Pwn2Own Automotive 2025 earned $886,250 by Security Affairs on Sat, 25 Jan 2025 15:58:59 +0000
- U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog by Security Affairs on Fri, 24 Jan 2025 20:01:38 +0000
- J-magic malware campaign targets Juniper routers by Security Affairs on Fri, 24 Jan 2025 19:35:51 +0000
- SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild by Security Affairs on Fri, 24 Jan 2025 09:36:35 +0000
- U.S. CISA adds JQuery flaw to its Known Exploited Vulnerabilities catalog by Security Affairs on Thu, 23 Jan 2025 23:06:29 +0000
- Friday Squid Blogging: Beaked Whales Feed on Squid by Schneier on Security on Fri, 24 Jan 2025 22:01:29 +0000
- Third Interdisciplinary Workshop on Reimagining Democracy (IWORD 2024) by Schneier on Security on Thu, 23 Jan 2025 14:58:39 +0000
- AI Will Write Complex Laws by Schneier on Security on Wed, 22 Jan 2025 12:04:19 +0000
- AI Mistakes Are Very Different from Human Mistakes by Schneier on Security on Tue, 21 Jan 2025 12:02:47 +0000
- Biden Signs New Cybersecurity Order by Schneier on Security on Mon, 20 Jan 2025 12:06:19 +0000
- Battle Cards! by The Security Industry on Fri, 24 Jan 2025 15:59:51 GMT
- Create a SWOT in 2 Minutes by The Security Industry on Wed, 22 Jan 2025 16:02:58 GMT
- Weekly Update 436 by Troy Hunt on Sat, 25 Jan 2025 04:42:04 GMT
- You Can’t Trust Hackers, and Other Data Breach Verification Tales by Troy Hunt on Thu, 23 Jan 2025 03:14:52 GMT
- Weekly Update 435 by Troy Hunt on Tue, 21 Jan 2025 02:14:07 GMT
Community Feeds
A critical Windows OLE Remote Code Execution vulnerability, CVE-2025-21298, has been identified with a CVSS score of 9.8. This highlights a significant risk requiring immediate attention (Proof-of-concept for CVE-2025-21298 - Windows OLE Remote Code Execution Vulnerability (CVSS 9.8)).
A ransomware gang is exploiting SSH tunnels to gain stealthy access to VMware ESXi servers, emphasizing a pivot towards more covert lateral movement tactics (Ransomware gang uses SSH tunnels for stealthy VMware ESXi access).
UnitedHealth reported a massive data breach affecting 190 million individuals, marking a significant escalation in the impact of healthcare sector breaches this year (UnitedHealth now says 190 million impacted by 2024 data breach, UnitedHealth confirms 190 million Americans affected by Change Healthcare data breach).
Access broker groups continue to pose significant threats by maintaining persistence in compromised environments, often using bots like SystemBC as a SOCKS5 proxy for anonymity (Guest Diary How Access Brokers Maintain Persistence).
Major Chamber of Commerce software platforms contain API security gaps that could expose data of approximately 1.35 million businesses, underlining the importance of API security (Major Chamber of Commerce software platforms have API security gaps exposing member data).
Clone2Leak demonstrates a new credential-exposure threat to Git repositories, highlighting a pressing need to secure these systems (Clone2Leak: Your Git Credentials Belong To Us).
Blackhat SEO attacks have exploited JavaScript code to target 500 government and university websites, demonstrating the extended reach of such tactics (Blackhat SEO JavaScript attack on 500 Gov and Uni websites).
An increase in phishing efforts via cross-site scripting (XSS) vulnerabilities within email services is being reported, evidencing a shift in tactics to leverage unsecured webmail implementations (XSS Attempts via E-Mail).
A security advisory has been issued for the meta-llama/llama-stack due to CVE-2024-50050, emphasizing vulnerabilities affecting AI infrastructure (CVE-2024-50050: Critical Vulnerability in meta-llama/llama-stack).
Articles (60)
- I’m a CISO who has built a successful security metrics and reporting program - Ask Me Anything about demonstrating security’s value to the business. by cybersecurity on 2025-01-26T15:20:05+00:00
- Mentorship Monday - Post All Career, Education and Job questions here! by cybersecurity on 2025-01-20T00:00:39+00:00
- What’s next after CISSP by cybersecurity on 2025-01-26T14:06:03+00:00
- Outside of Work, How Many Hours per Week Do You Study? by cybersecurity on 2025-01-25T23:54:16+00:00
- 2024 End of Year Salary Sharing Thread by cybersecurity on 2025-01-26T00:34:22+00:00
- How do you keep up with the latest trends/ news/ threats? by cybersecurity on 2025-01-26T15:52:00+00:00
- What made the biggest difference to your career at the early/mid stage? by cybersecurity on 2025-01-26T08:11:08+00:00
- Ransomware gang uses SSH tunnels for stealthy VMware ESXi access by cybersecurity on 2025-01-26T16:16:03+00:00
- UnitedHealth now says 190 million impacted by 2024 data breach by cybersecurity on 2025-01-26T17:10:04+00:00
- Join me for an AMA with the CTO of Container Security at Wiz - Tomorrow @ 9:00am ET by cybersecurity on 2025-01-26T17:04:01+00:00
- Cloud Flare Flexible SSL (How much web traffic isn’t fully encrypted) by cybersecurity on 2025-01-26T01:42:22+00:00
- Major Chamber of Commerce software platforms have API security gaps exposing member data. Affecting approximately 4,500 chambers and potentially 1.35 million businesses. by cybersecurity on 2025-01-25T16:52:18+00:00
- Infosec Events and Networking (social) by cybersecurity on 2025-01-26T11:21:28+00:00
- McAfee/Skyhigh web gateway on prem course and lab by cybersecurity on 2025-01-26T09:29:36+00:00
- FQDNs to block on your network by cybersecurity on 2025-01-26T15:55:26+00:00
- Corporate only by cybersecurity on 2025-01-25T18:25:15+00:00
- Weekly “trick” - Tight a security of a a Web Server. Effective method against privilege escalations using immutable bit. by cybersecurity on 2025-01-26T12:44:35+00:00
- 97% of Google’s security events are automated - human analysts only see 3% by cybersecurity on 2025-01-24T23:13:26+00:00
- UnitedHealth confirms 190 million Americans affected by Change Healthcare data breach by cybersecurity on 2025-01-25T00:26:52+00:00
- What Learnings Can I Present from the PowerSchool Breach? by cybersecurity on 2025-01-26T14:12:33+00:00
- Open Source tool for Malware Detection by cybersecurity on 2025-01-25T18:09:48+00:00
- This is a proof-of-concept for CVE-2025-21298 - Windows OLE Remote Code Execution Vulnerability (CVSS 9.8) by cybersecurity on 2025-01-25T18:06:56+00:00
- How to begin a career in cyber security? by cybersecurity on 2025-01-26T14:54:05+00:00
- Should I pursue ms in cyber security from by cybersecurity on 2025-01-26T16:53:49+00:00
- Recommended scorm phishing/general training programs for end users besides KnowBe4? by cybersecurity on 2025-01-26T07:54:03+00:00
- Anyone Else Drowning in SaaS Tools? by cybersecurity on 2025-01-26T07:47:24+00:00
- Need Interviewee by cybersecurity on 2025-01-26T07:43:14+00:00
- Clone2Leak: Your Git Credentials Belong To Us by Technical Information Security Content & Discussion on 2025-01-26T15:03:10+00:00
- Someone wrote an Anti-Crawler/Scraper Trap by Technical Information Security Content & Discussion on 2025-01-24T19:28:27+00:00
- USB Army Knife: Close Access Pentest Tool with VNC, Marauder, network adapter etc. by Technical Information Security Content & Discussion on 2025-01-24T09:06:52+00:00
- Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel by Technical Information Security Content & Discussion on 2025-01-23T13:53:54+00:00
- WinVisor: A proof-of-concept hypervisor-based emulator for Windows x64 binaries by Technical Information Security Content & Discussion on 2025-01-24T04:48:58+00:00
- Introduction to Fuzzing Android Native Components: Strategies for Harness Creation by Technical Information Security Content & Discussion on 2025-01-23T21:21:54+00:00
- Blackhat SEO JavaScript attack on 500 Gov and Uni websites by Technical Information Security Content & Discussion on 2025-01-23T17:26:18+00:00
- CVE-2024-50050: Critical Vulnerability in meta-llama/llama-stack | Oligo Security by Technical Information Security Content & Discussion on 2025-01-23T13:10:57+00:00
- Static Source Code Security Scanning Tools Evaluation Benchmark by Technical Information Security Content & Discussion on 2025-01-24T07:32:37+00:00
- Stealing HttpOnly cookies with the cookie sandwich technique by Technical Information Security Content & Discussion on 2025-01-22T18:33:40+00:00
- Attacks on Maven proxy repositories by Technical Information Security Content & Discussion on 2025-01-22T18:03:02+00:00
- Pivot into Azure DevOps using stolen sessions by Technical Information Security Content & Discussion on 2025-01-22T14:36:34+00:00
- Next.js, cache, and chains: the stale elixir by Technical Information Security Content & Discussion on 2025-01-22T09:20:21+00:00
- Role of cryptography in protecting personal data by Technical Information Security Content & Discussion on 2025-01-23T00:58:00+00:00
- Testing Prompt Injection Attacks with promptmap2 by Technical Information Security Content & Discussion on 2025-01-22T15:15:52+00:00
- Reverse Engineering Call Of Duty Anti-Cheat by Technical Information Security Content & Discussion on 2025-01-21T10:03:55+00:00
- NaN Of Your Business - My Favorite Unintended CTF Solution by Technical Information Security Content & Discussion on 2025-01-21T15:20:07+00:00
- Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions by Technical Information Security Content & Discussion on 2025-01-21T12:14:55+00:00
- Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users by Technical Information Security Content & Discussion on 2025-01-20T15:34:18+00:00
- v0.1.0 released - Analyze IoC with OpenCTI, Threat fox and more #FOSS by Technical Information Security Content & Discussion on 2025-01-20T18:04:11+00:00
- The cost of false positives - how we became a target by Technical Information Security Content & Discussion on 2025-01-20T16:02:31+00:00
- Tear Down The Castle - Part 1 | dfir.ch by Technical Information Security Content & Discussion on 2025-01-20T12:39:04+00:00
- Infocon: green by SANS Internet Storm Center, InfoCON: green on Sun, 26 Jan 2025 16:45:02 +0000
- [Guest Diary] How Access Brokers Maintain Persistence, (Fri, Jan 24th) by SANS Internet Storm Center, InfoCON: green on Fri, 24 Jan 2025 00:42:06 GMT
- ISC Stormcast For Friday, January 24th, 2025 https://isc.sans.edu/podcastdetail/9294, (Fri, Jan 24th) by SANS Internet Storm Center, InfoCON: green on Fri, 24 Jan 2025 00:13:40 GMT
- XSS Attempts via E-Mail, (Thu, Jan 23rd) by SANS Internet Storm Center, InfoCON: green on Thu, 23 Jan 2025 13:49:01 GMT
- ISC Stormcast For Thursday, January 23rd, 2025 https://isc.sans.edu/podcastdetail/9292, (Wed, Jan 22nd) by SANS Internet Storm Center, InfoCON: green on Wed, 22 Jan 2025 23:45:03 GMT
- Catching CARP: Fishing for Firewall States in PFSync Traffic, (Wed, Jan 22nd) by SANS Internet Storm Center, InfoCON: green on Wed, 22 Jan 2025 18:14:30 GMT
- ISC Stormcast For Wednesday, January 22nd, 2025 https://isc.sans.edu/podcastdetail/9290, (Wed, Jan 22nd) by SANS Internet Storm Center, InfoCON: green on Wed, 22 Jan 2025 02:15:02 GMT
- Geolocation and Starlink, (Tue, Jan 21st) by SANS Internet Storm Center, InfoCON: green on Tue, 21 Jan 2025 15:40:20 GMT
- ISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st) by SANS Internet Storm Center, InfoCON: green on Tue, 21 Jan 2025 01:47:05 GMT
- Partial ZIP File Downloads, (Mon, Jan 20th) by SANS Internet Storm Center, InfoCON: green on Mon, 20 Jan 2025 07:27:48 GMT
- ISC Stormcast For Monday, January 20th, 2025 https://isc.sans.edu/podcastdetail/9286, (Mon, Jan 20th) by SANS Internet Storm Center, InfoCON: green on Mon, 20 Jan 2025 00:48:15 GMT
Disclaimer
The summaries in this brief are generated autonomously by the OpenAI LLM model based on the provided system and user prompts. While every effort is made to consolidate accurate and relevant insights, the model may occasionally misinterpret, misrepresent, or hallucinate information. Readers are strongly advised to verify all key points by consulting the original sources linked in the brief for complete context and accuracy.
This document is created with BlackStork and is based on the template available on GitHub.