Cybersec Feeds Overview, Feb 3 - Feb 9, 2025
This brief consolidates key updates from 80+ sources, including government organizations, cybersecurity vendors, threat intelligence teams, security research labs, and blogs from cybersecurity communities and professionals. It highlights the most significant threats, vulnerabilities, and developments from the past week to keep you informed.
Gov Feeds
CVE-2025-0994, a deserialization vulnerability in Trimble Cityworks that allows remote code execution, has been actively exploited. Updates are now available to mitigate the threat (Trimble Releases Security Updates, A Vulnerability in Trimble Cityworks).
Multiple vulnerabilities in Google Android OS enable privilege escalation, potentially allowing an attacker to install programs or manipulate system data (Multiple Vulnerabilities in Google Android OS).
CISA added several known exploited vulnerabilities to its catalog, highlighting threats in products like 7-Zip, Dante, Microsoft Outlook, CyberoamOS, and Sophos XG Firewall. This catalog serves as guidance for prioritizing vulnerability remediation (CISA Adds Five Known Exploited Vulnerabilities to Catalog).
Schneider Electric’s EcoStruxure products have several vulnerabilities, with remote code execution and local privilege escalation among the concerns. Affected users should update to patched versions (Schneider Electric EcoStruxure Power Monitoring Expert, Schneider Electric EcoStruxure).
Advisories for industrial control systems (ICS) were released, covering vulnerabilities such as path traversal in ABB Drive Composer and a denial-of-service flaw in Rockwell Automation controllers, which require updated defenses (CISA Releases Six Industrial Control Systems Advisories).
Guidance from international entities addresses security for edge devices, stressing its importance in light of foreign exploitation and offering mitigation strategies (CISA Partners with ASD’s ACSC, CCCS, NCSC-UK).
New security considerations for the cybersecurity lifecycle of medical devices underscore shifting roles between manufacturers and healthcare providers to bolster resilience (Health-ISAC whitepaper).
Articles (34)
- A Vulnerability in Trimble Cityworks Could Allow for Remote Code Execution by Cyber Security Advisories - MS-ISAC on Thu, 06 Feb 2025 16:05:40 -0500
- Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation by Cyber Security Advisories - MS-ISAC on Tue, 04 Feb 2025 09:31:16 -0500
- Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software by All CISA Advisories on Fri, 07 Feb 25 12:00:00 +0000
- CISA Adds One Known Exploited Vulnerability to Catalog by All CISA Advisories on Fri, 07 Feb 25 12:00:00 +0000
- Schneider Electric EcoStruxure Power Monitoring Expert (PME) by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- Trimble Cityworks by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- CISA Releases Six Industrial Control Systems Advisories by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- Schneider Electric EcoStruxure by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- MicroDicom DICOM Viewer by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- CISA Adds Five Known Exploited Vulnerabilities to Catalog by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- ABB Drive Composer by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- Orthanc Server by All CISA Advisories on Thu, 06 Feb 25 12:00:00 +0000
- CISA Adds One Known Exploited Vulnerability to Catalog by All CISA Advisories on Wed, 05 Feb 25 12:00:00 +0000
- AutomationDirect C-more EA9 HMI by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- Western Telematic Inc NPS Series, DSM Series, CPM Series by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- Schneider Electric Pro-face GP-Pro EX and Remote HMI by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- Elber Communications Equipment by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- CISA Releases Nine Industrial Control Systems Advisories by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- Schneider Electric Web Designer for Modicon by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- CISA Adds Four Known Exploited Vulnerabilities to Catalog by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- Rockwell Automation 1756-L8zS3 and 1756-L3zS3 by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- Schneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC by All CISA Advisories on Tue, 04 Feb 25 12:00:00 +0000
- CTO at NCSC Summary: week ending February 9th by CTO at NCSC - Cyber Defence Analysis on Fri, 07 Feb 2025 14:57:13 GMT
- Health-ISAC whitepaper highlights cybersecurity responsibilities in medical device lifecycle, focuses on resilience by Health-ISAC – Health Information Sharing and Analysis Center on Fri, 07 Feb 2025 22:20:55 +0000
- Health-ISAC Hacking Healthcare 2-3-2025 by Health-ISAC – Health Information Sharing and Analysis Center on Tue, 04 Feb 2025 20:04:42 +0000
- Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle by Health-ISAC – Health Information Sharing and Analysis Center on Tue, 04 Feb 2025 17:00:24 +0000
- Impacts of Proposed US Import Tariffs on the Global Health Sector by Health-ISAC – Health Information Sharing and Analysis Center on Mon, 03 Feb 2025 21:54:42 +0000
- NY Blood Center Attack Disrupts Suppliers in Several States by Health-ISAC – Health Information Sharing and Analysis Center on Mon, 03 Feb 2025 20:43:50 +0000
- 2025 Newsletter – February by Health-ISAC – Health Information Sharing and Analysis Center on Mon, 03 Feb 2025 17:20:17 +0000
- DeepSeek’s Security Risk Is A Critical Reminder For CIOs by Health-ISAC – Health Information Sharing and Analysis Center on Mon, 03 Feb 2025 11:33:04 +0000
Vendor Feeds
CVE-2024-49019 is a privilege escalation vulnerability in Active Directory Certificate Services. It allows domain users to create certificates for others, potentially enabling impersonation of domain administrators. Microsoft has patched it, and 0patch has released additional micropatches for outdated Windows versions (Micropatches Released for Active Directory Certificate Services Elevation of Privilege Vulnerability).
CVE-2025-21298 is a Windows OLE memory corruption vulnerability that can be exploited by malicious files to execute arbitrary code. This vulnerability has prompted Microsoft to release patches, while 0patch released micropatches for legacy Windows systems (Micropatches Released for Windows OLE Remote Code Execution).
The Lazarus Group is using LinkedIn to exploit job seekers. They offer fake job opportunities to capture credentials and deploy malware. This campaign highlights the increasing use of social networking platforms for sophisticated phishing attempts (Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam).
Mizuno USA experienced a ransomware attack by BianLian, resulting in stolen personal data. Similarly, El Cruce Hospital in Argentina faced a ransomware breach threatening to expose 760GB of data. These incidents are indicative of a prevailing trend of ransomware targeting diverse industries globally (3rd February – Threat Intelligence Report).
A vulnerability in Trimble’s Cityworks software, used by public infrastructure agencies, is being actively exploited. CISA has issued a directive for federal agencies to patch this vulnerability immediately (Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts).
CISA has mandated enhanced cybersecurity measures for federal agencies through the FOCAL Plan, focusing on asset management, vulnerability management, and incident detection. This plan represents an advancement in federal efforts to standardize cybersecurity practices and reduce risks (CISA Releases FOCAL Plan to Help Federal Agencies Reduce Cyber Risk).
The Kimsuky group continues to utilize RDP Wrapper and other tools for persistent attacks. This North Korean threat actor remains active, adapting its methods for espionage and information theft (Persistent Threats from the Kimsuky Group Using RDP Wrapper).
Android and iOS apps infected with SparkCat’s crypto stealer have been found in official app stores, highlighting the continuing threat of mobile malware for cryptocurrency theft. Both Google and Apple have removed the malicious apps (Take my money: OCR crypto stealers in Google Play and App Store).
Articles (54)
- Micropatches Released for Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2024-49019) by 0patch Blog on Fri, 07 Feb 2025 17:30:00 +0000
- Micropatches Released for Windows OLE Remote Code Execution (CVE-2025-21298) by 0patch Blog on Fri, 07 Feb 2025 14:03:00 +0000
- Micropatches Released for Windows Task Scheduler Elevation of Privilege Vulnerability (CVE-2024-49039) by 0patch Blog on Tue, 04 Feb 2025 13:56:00 +0000
- Micropatches Released for NTLM Hash Disclosure Spoofing Vulnerability (CVE-2024-43451) by 0patch Blog on Mon, 03 Feb 2025 23:40:00 +0000
- Android Malware & Security Issue 1st Week of February, 2025 by ASEC on Thu, 06 Feb 2025 15:00:00 +0000
- Ransom & Dark Web Issues Week 1, February 2025 by ASEC on Wed, 05 Feb 2025 15:00:00 +0000
- Weekly Detection Rule (YARA and Snort) Information – Week 1, February 2025 by ASEC on Tue, 04 Feb 2025 15:00:00 +0000
- Persistent Threats from the Kimsuky Group Using RDP Wrapper by ASEC on Mon, 03 Feb 2025 15:00:00 +0000
- Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam by Bitdefender Labs on Wed, 05 Feb 2025 13:59:47 GMT
- When AI Plays Both Sides of The Field by Broadcom Software Blogs on Wed, 05 Feb 2025 14:56:15 +0000
- 3rd February – Threat Intelligence Report by Check Point Research on Mon, 03 Feb 2025 14:06:14 +0000
- Quantum Key Distribution and the Path to Post-Quantum Computing by Security @ Cisco Blogs on Thu, 06 Feb 2025 13:00:00 +0000
- Cybersecurity for Businesses of All Sizes: A Blueprint for Protection by Security @ Cisco Blogs on Tue, 04 Feb 2025 13:00:10 +0000
- Beyond the ATT&CK Matrix: How to Build Dynamic Attack Flows with STIX by dogesec on 2025-02-03T00:00:00+00:00
- Analyzing ELF/Sshdinjector.A!tr with a Human and Artificial Analyst by Fortinet Threat Research Blog on Tue, 4 Feb 2025 14:00:00 +0000
- Will AI threaten the role of human creativity in cyber threat detection? by Security Intelligence on Fri, 07 Feb 2025 14:00:00 +0000
- Hacking the mind: Why psychology matters to cybersecurity by Security Intelligence on Thu, 06 Feb 2025 14:00:00 +0000
- Stress-testing multimodal AI applications is a new frontier for red teams by Security Intelligence on Wed, 05 Feb 2025 17:00:00 +0000
- Cybersecurity awareness: Apple’s cloud-based AI security system by Security Intelligence on Wed, 05 Feb 2025 14:00:00 +0000
- How AI-driven SOC co-pilots will change security center operations by Security Intelligence on Tue, 04 Feb 2025 14:00:00 +0000
- CISOs drive the intersection between cyber maturity and business continuity by Security Intelligence on Mon, 03 Feb 2025 14:00:00 +0000
- XE Group: From Credit Card Skimming to Exploiting Zero-Days by The SecOps Automation Blog from Intezer on Mon, 03 Feb 2025 13:00:00 +0000
- Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024 by Securelist on Wed, 05 Feb 2025 12:00:05 +0000
- Take my money: OCR crypto stealers in Google Play and App Store by Securelist on Wed, 05 Feb 2025 08:00:16 +0000
- LevelBlue Earns Prestigious MSS Award from Frost & Sullivan by LevelBlue Blogs on 2025-02-09T07:00:00+00:00
- A Rose by Any Other Name: Exposure Management, a Category that Evolved from Vulnerability Management by LevelBlue Blogs on 2025-02-07T07:00:00+00:00
- LevelBlue Expands Its Partner Program Globally by LevelBlue Blogs on 2025-02-06T07:00:00+00:00
- New LevelBlue Threat Trends Report gives Critical Insights into Threats by LevelBlue Blogs on 2025-02-05T15:17:00+00:00
- What Is Zero Trust? by LevelBlue Blogs on 2025-02-04T07:00:00+00:00
- 20 Million OpenAI accounts offered for sale by Malwarebytes on Fri, 07 Feb 2025 16:32:41 GMT
- New scams could abuse brief USPS suspension of inbound packages from China, Hong Kong by Malwarebytes on Thu, 06 Feb 2025 17:28:03 GMT
- University site cloned to evade ad detection distributes fake Cisco installer by Malwarebytes on Thu, 06 Feb 2025 06:21:45 GMT
- Small business owners, secure your web shop by Malwarebytes on Wed, 05 Feb 2025 16:09:12 GMT
- Valley News Live exposed more than a million job seeker’s resumes by Malwarebytes on Tue, 04 Feb 2025 16:03:43 GMT
- New AI “agents” could hold people for ransom in 2025 by Malwarebytes on Tue, 04 Feb 2025 16:00:00 GMT
- WhatsApp says Paragon is spying on specific users by Malwarebytes on Mon, 03 Feb 2025 15:55:31 GMT
- A week in security (January 27 – February 2) by Malwarebytes on Mon, 03 Feb 2025 08:10:16 GMT
- Code injection attacks using publicly disclosed ASP.NET machine keys by Microsoft Security Blog on Thu, 06 Feb 2025 18:00:00 +0000
- Hear from Microsoft Security experts at these top cybersecurity events in 2025 by Microsoft Security Blog on Mon, 03 Feb 2025 17:00:00 +0000
- Driving Innovation Together — Palo Alto Networks 2024 Partner Awards by Palo Alto Networks Blog on Thu, 06 Feb 2025 17:00:48 +0000
- 10 Cyber Recommendations for the Trump Administration by Palo Alto Networks Blog on Mon, 03 Feb 2025 14:00:23 +0000
- Stealers on the Rise: A Closer Look at a Growing macOS Threat by Unit 42 on Tue, 04 Feb 2025 11:00:12 +0000
- Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts by The Record from Recorded Future News on Fri, 07 Feb 2025 22:17:56 GMT
- Label maker Avery says ransomware investigation also found credit-card scraper by The Record from Recorded Future News on Fri, 07 Feb 2025 20:43:54 GMT
- Student group sues Education Department over reported DOGE access to financial aid databases by The Record from Recorded Future News on Fri, 07 Feb 2025 20:06:32 GMT
- Phones, email, classes disrupted in University of The Bahamas ransomware attack by The Record from Recorded Future News on Fri, 07 Feb 2025 19:23:52 GMT
- States prepare privacy lawsuit against DOGE over access to federal data by The Record from Recorded Future News on Fri, 07 Feb 2025 15:32:25 GMT
- RST TI Report Digest: 03 Feb 2025 by Stories by RST Cloud on Medium on Mon, 03 Feb 2025 03:48:52 GMT
- Forging a Better Operator Quality of Life by Posts By SpecterOps Team Members - Medium on Wed, 05 Feb 2025 15:05:14 GMT
- Further Adventures With CMPivot — Client Coercion by Posts By SpecterOps Team Members - Medium on Mon, 03 Feb 2025 15:57:43 GMT
- Cybersecurity Snapshot: Cyber Agencies Offer Best Practices for Network Edge Security, While OWASP Ranks Top Risks of Non-Human Identities by Tenable Blog on Fri, 07 Feb 2025 10:00:00 -0500
- Tenable Supercharges Exposure Management with Acquisition of Vulcan Cyber by Tenable Blog on Fri, 07 Feb 2025 09:19:00 -0500
- CISA Releases FOCAL Plan to Help Federal Agencies Reduce Cyber Risk by Tenable Blog on Tue, 04 Feb 2025 09:00:00 -0500
- Looking Back at the Trend ZDI Activities from 2024 by Zero Day Initiative - Blog on Fri, 07 Feb 2025 17:11:04 +0000
News Feeds
The DeepSeek iOS app, highly popular on the App Store, sends unencrypted data to ByteDance-controlled servers, bypassing Apple’s App Transport Security. This poses risks of data interception and potential user tracking when combined with other data sources. (DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers)
A massive brute force campaign is ongoing, using 2.8 million IP addresses to target VPN devices from manufacturers like Palo Alto Networks, Ivanti, and SonicWall. Attackers use known vulnerabilities and weak credentials to gain unauthorized access. (Massive brute force attack uses 2.8 million IPs to target VPN devices, Hackers Attacking Web Login Pages of Popular Firewalls for Brute-Force Attacks)
Ransomware payments decreased by 35% in 2024 to $813 million, despite an increase in attack frequency. This decline is attributed to improved defenses, law enforcement actions, and victims’ refusal to pay ransoms. (Ransomware payments dropped 35% in 2024, Global ransomware payments plunge by a third amid crackdown)
Homeland Security scrutiny intensifies over Elon Musk’s Department of Government Efficiency’s unauthorized access to federal systems, raising privacy and security concerns. This situation is likened to a data breach due to potential exposure of sensitive information. (Lawmakers fear Elon Musk, DOGE not adhering to privacy rules, Cybersecurity, government experts are aghast at security failures in DOGE takeover)
Android’s February security update addresses 47 vulnerabilities, including an actively exploited flaw in the Linux kernel’s USB Video Class driver, known to allow privilege escalation and arbitrary code execution. (Android security update includes patch for actively exploited vulnerability)
Hackers exploit ASP.NET keys found online to perform code injection attacks, compromising web server environments for remote code execution. Microsoft warns against using publicly disclosed keys without modification. (Microsoft says attackers use exposed ASP.NET keys to deploy malware, Microsoft: Thousands of Public ASP.NET Keys Allow Web Server RCE)
Hackers continue to abuse Hugging Face’s machine learning platform with vulnerable ‘pickle’ files, capable of executing malicious code by directing to remote web shells, highlighting ongoing risks to AI developers. (Hugging Face platform continues to be plagued by vulnerable ‘pickles’)
Hackers are exploiting servers with the Cityworks RCE vulnerability to breach Microsoft IIS environments and deploy malware. This vulnerability allows unauthorized remote code execution through deserialization attacks. (Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers, CISA Warns of Trimble Cityworks RCE Vulnerability Exploited to Hack IIS Servers)
Articles (137)
- DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers by security – Ars Technica on Thu, 06 Feb 2025 22:06:17 +0000
- Massive brute force attack uses 2.8 million IPs to target VPN devices by BleepingComputer on Sat, 08 Feb 2025 10:15:25 -0500
- HPE notifies employees of data breach after Russian Office 365 hack by BleepingComputer on Fri, 07 Feb 2025 14:21:16 -0500
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers by BleepingComputer on Fri, 07 Feb 2025 13:42:44 -0500
- US health system notifies 882,000 patients of August 2023 breach by BleepingComputer on Fri, 07 Feb 2025 11:44:32 -0500
- Cloudflare outage caused by botched blocking of phishing URL by BleepingComputer on Fri, 07 Feb 2025 10:44:59 -0500
- Microsoft shares workaround for Windows security update issues by BleepingComputer on Fri, 07 Feb 2025 08:53:25 -0500
- Microsoft has finally fixed Date & Time bug in Windows 11 by BleepingComputer on Fri, 07 Feb 2025 06:40:05 -0500
- Microsoft Edge update adds AI-powered Scareware Blocker by BleepingComputer on Fri, 07 Feb 2025 06:15:26 -0500
- Microsoft says attackers use exposed ASP.NET keys to deploy malware by BleepingComputer on Thu, 06 Feb 2025 15:59:41 -0500
- Kimsuky hackers use new custom RDP Wrapper for remote access by BleepingComputer on Thu, 06 Feb 2025 13:55:22 -0500
- Critical RCE bug in Microsoft Outlook now exploited in attacks by BleepingComputer on Thu, 06 Feb 2025 13:17:57 -0500
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware by BleepingComputer on Thu, 06 Feb 2025 12:50:54 -0500
- AI lifts workforces to new heights of efficiency and innovation by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 19:50:08 +0000
- Clínica Universidad de Navarra bets on AI and quantum computing in healthcare by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 11:48:43 +0000
- Honeywell transforms itself through generative AI by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 11:14:42 +0000
- Bridgestone improves its virtual tire development capabilities with its own simulator by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 10:36:15 +0000
- Honeywell transforms with gen AI by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 10:01:00 +0000
- Iberdrola and AWS strengthen ties: from green energy purchasing to the cloud by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 09:33:24 +0000
- Does it matter how we brand IT, or are bigger questions afoot? by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 09:30:00 +0000
- Repsol advances its digital strategy by incorporating AI agents by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 09:08:02 +0000
- Windows 10 end of support approaches... will it be a tailwind for the wave of AI PC adoption? by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 07:59:20 +0000
- “Developers are Jedi, Copilot is the Padawan”... GitHub unveils AI agent that improves code on its own by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 07:45:27 +0000
- Likelihood of C-level executive departures “very high”... 27% plan to ‘leave within 6 months’ by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 07:05:23 +0000
- Column | Is an LLM really necessary (for that task)? by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 05:41:46 +0000
- “Don’t report it externally”... 21% of global CISOs pressured to cover up security compliance violations by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 04:48:19 +0000
- Google unveils cost-effective AI model Flash-Lite... a check on DeepSeek by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 02:44:52 +0000
- Bitcoin heavyweight MicroStrategy to change even its company name by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 02:29:30 +0000
- Snowflake names two Korean data experts as ‘2025 Data Superheroes’ by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 02:09:23 +0000
- “Beyond finance to data, risk analysis, and corporate strategy... the CFO role is expanding,” says Gartner by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 01:54:40 +0000
- MicroStrategy goes big on BI and Bitcoin as rebranding drops ‘Micro’ by AI lifts workforces to new heights of efficiency and innovation | CIO on Fri, 07 Feb 2025 01:03:09 +0000
- Contract intelligence comes to PDF by AI lifts workforces to new heights of efficiency and innovation | CIO on Thu, 06 Feb 2025 20:55:10 +0000
- Lack of training does not undermine the strategic view of AI by AI lifts workforces to new heights of efficiency and innovation | CIO on Thu, 06 Feb 2025 14:56:07 +0000
- DOJ disbands foreign influence task force, limits scope of FARA prosecutions by CyberScoop on Thu, 06 Feb 2025 22:10:04 +0000
- Hugging Face platform continues to be plagued by vulnerable ‘pickles’ by CyberScoop on Thu, 06 Feb 2025 16:00:00 +0000
- Ransomware payments dropped 35% in 2024 by CyberScoop on Wed, 05 Feb 2025 21:44:05 +0000
- Lawmakers fear Elon Musk, DOGE not adhering to privacy rules by CyberScoop on Wed, 05 Feb 2025 20:14:41 +0000
- Infosec pros: We need CVSS, warts and all by CyberScoop on Wed, 05 Feb 2025 16:04:59 +0000
- Cybersecurity, government experts are aghast at security failures in DOGE takeover by CyberScoop on Tue, 04 Feb 2025 17:12:32 +0000
- Android security update includes patch for actively exploited vulnerability by CyberScoop on Tue, 04 Feb 2025 16:13:14 +0000
- Here’s all the ways an abandoned cloud instance can cause security issues by CyberScoop on Tue, 04 Feb 2025 11:00:00 +0000
- From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts by CyberScoop on Mon, 03 Feb 2025 13:00:00 +0000
- Cybersecurity Weekly Brief: Latest on Attacks, Vulnerabilities, & Data Breaches by Cyber Security News on Sun, 09 Feb 2025 15:20:51 +0000
- 10 Best UTM (Unified Threat Management) Firewalls – 2025 by Cyber Security News on Sun, 09 Feb 2025 07:02:55 +0000
- Hackers Compromising IIS Servers to Deploy BadIIS Malware by Cyber Security News on Sun, 09 Feb 2025 05:33:00 +0000
- CISA Warns of Trimble Cityworks RCE Vulnerability Exploited to Hack IIS Servers by Cyber Security News on Sat, 08 Feb 2025 02:57:21 +0000
- HPE Alerts Employees of Data Breach After Russian Cyberattack on Office 365 by Cyber Security News on Sat, 08 Feb 2025 02:29:46 +0000
- Meta Trained Its Llama AI Models Using 81.7 TB of Books Stolen From Torrent Shadow Libraries by Cyber Security News on Fri, 07 Feb 2025 18:48:09 +0000
- Hackers Attacking Web Login Pages of Popular Firewalls for Brute-Force Attacks by Cyber Security News on Fri, 07 Feb 2025 15:46:33 +0000
- Hackers Leveraging Image & Video Attachments to Deliver Malware by Cyber Security News on Fri, 07 Feb 2025 13:18:44 +0000
- UK Govt Orders Apple to Create Backdoor Access for Encrypted iCloud Backups by Cyber Security News on Fri, 07 Feb 2025 12:39:55 +0000
- New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps by Cyber Security News on Fri, 07 Feb 2025 12:39:06 +0000
- LLM Hijackers Quickly Incorporate DeepSeek API Keys by darkreading on Fri, 07 Feb 2025 20:27:54 GMT
- SolarWinds to Go Private for $4.4B by darkreading on Fri, 07 Feb 2025 19:49:48 GMT
- Microsoft: Thousands of Public ASP.NET Keys Allow Web Server RCE by darkreading on Fri, 07 Feb 2025 19:39:55 GMT
- Canadian Man Charged in $65M Cryptocurrency Hacking Schemes by darkreading on Fri, 07 Feb 2025 18:09:42 GMT
- 2024 Breaks Records With Highest Ever Ransomware Attacks by darkreading on Fri, 07 Feb 2025 18:06:24 GMT
- Databarracks Launches Air Gap Recover by darkreading on Fri, 07 Feb 2025 17:57:45 GMT
- Google’s DMARC Push Pays Off, but Email Security Challenges Remain by darkreading on Fri, 07 Feb 2025 17:00:04 GMT
- Behavioral Analytics in Cybersecurity: Who Benefits Most? by darkreading on Fri, 07 Feb 2025 15:00:00 GMT
- Cybercrime Forces Local Law Enforcement to Shift Focus by darkreading on Thu, 06 Feb 2025 23:29:34 GMT
- 7AI Streamlines Security Operations With Autonomous AI Agents by darkreading on Thu, 06 Feb 2025 22:36:16 GMT
- Researcher Outsmarts, Jailbreaks OpenAI’s New o3-mini by darkreading on Thu, 06 Feb 2025 21:20:50 GMT
- US Cybersecurity Efforts for Spacecraft Are Up in the Air by darkreading on Thu, 06 Feb 2025 21:15:35 GMT
- DeepSeek Phishing Sites Pursue User Data, Crypto Wallets by darkreading on Thu, 06 Feb 2025 20:54:57 GMT
- Agencies Sound Alarm on Patient Monitors With Hardcoded Backdoor by darkreading on Thu, 06 Feb 2025 20:53:41 GMT
- The Cyber Savanna: A Rigged Race You Can’t Win, but Must Run Anyway by darkreading on Thu, 06 Feb 2025 15:00:00 GMT
- Basket of Bank Trojans Defraud Citizens of East India by darkreading on Thu, 06 Feb 2025 03:30:00 GMT
- Why Cybersecurity Needs Probability — Not Predictions by darkreading on Wed, 05 Feb 2025 20:17:16 GMT
- Abandoned AWS Cloud Storage: A Major Cyberattack Vector by darkreading on Wed, 05 Feb 2025 17:30:04 GMT
- Attackers Target Education Sector, Hijack Microsoft Accounts by darkreading on Wed, 05 Feb 2025 16:06:41 GMT
- Nigeria Touts Cyber Success, Even as Cybercrime Rises in Africa by darkreading on Wed, 05 Feb 2025 08:00:09 GMT
- How Are Modern Fraud Groups Using GenAI and Deepfakes? by darkreading on Tue, 04 Feb 2025 23:15:37 GMT
- Backline Tackles Enterprise Security Backlogs With AI by darkreading on Tue, 04 Feb 2025 22:42:18 GMT
- Credential Theft Becomes Cybercriminals’ Favorite Target by darkreading on Tue, 04 Feb 2025 22:15:59 GMT
- Ferret Malware Added to ‘Contagious Interview’ Campaign by darkreading on Tue, 04 Feb 2025 21:45:12 GMT
- Cybercriminals Court Traitorous Insiders via Ransom Notes by darkreading on Tue, 04 Feb 2025 19:40:10 GMT
- Chinese ‘Infrastructure Laundering’ Abuses AWS, Microsoft Cloud by darkreading on Tue, 04 Feb 2025 19:26:22 GMT
- Managing Software Risk in a World of Exploding Vulnerabilities by darkreading on Tue, 04 Feb 2025 15:00:00 GMT
- DNSFilter’s Annual Security Report Reveals Worrisome Spike in Malicious DNS Requests by darkreading on Mon, 03 Feb 2025 23:04:37 GMT
- EMEA CISOs Plan 2025 Cloud Security Investment by darkreading on Mon, 03 Feb 2025 23:01:49 GMT
- Interactive Online Training for Cybersecurity Professionals; Earn CPE Credits by darkreading on Mon, 03 Feb 2025 22:54:51 GMT
- ‘Constitutional Classifiers’ Technique Mitigates GenAI Jailbreaks by darkreading on Mon, 03 Feb 2025 22:13:26 GMT
- Name That Edge Toon: In the Cloud by darkreading on Mon, 03 Feb 2025 22:10:32 GMT
- Microsoft Sets End Date for Defender VPN by darkreading on Mon, 03 Feb 2025 21:50:13 GMT
- AI Malware Dressed Up as DeepSeek Packages Lurk in PyPi by darkreading on Mon, 03 Feb 2025 21:50:03 GMT
- Ransomware Groups Weathered Raids, Profited in 2024 by darkreading on Mon, 03 Feb 2025 21:20:47 GMT
- 1-Click Phishing Campaign Targets High-Profile X Accounts by darkreading on Mon, 03 Feb 2025 15:45:46 GMT
- Black Hat USA by darkreading on Mon, 03 Feb 2025 15:43:00 GMT
- Proactive Vulnerability Management for Engineering Success by darkreading on Mon, 03 Feb 2025 15:00:00 GMT
- UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Sat, 08 Feb 2025 11:25:49 +0000
- Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 16:17:47 +0000
- Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 16:15:48 +0000
- Cybercriminals Target IIS Servers to Spread BadIIS Malware by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 16:14:11 +0000
- Hackers Leveraging Image & Video Attachments to Deliver Malware by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 13:13:19 +0000
- New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 13:06:31 +0000
- Ghidra 11.3 Released – A Major Update to NSA’s Open-Source Tool by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 13:04:57 +0000
- Microsoft Sysinternals 0-Day Vulnerability Enables DLL Injection Attacks on Windows by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 12:46:16 +0000
- 7-Zip 0-Day Flaw Added to CISA’s List of Actively Exploited Vulnerabilities by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 11:30:28 +0000
- Logsign Vulnerability Allows Remote Attackers to Bypass Authentication by GBHackers Security | #1 Globally Trusted Cyber Security News Platform on Fri, 07 Feb 2025 11:02:36 +0000
- Global ransomware payments plunge by a third amid crackdown by Data and computer security | The Guardian on Wed, 05 Feb 2025 13:00:25 GMT
- PlayStation Network Down; Outage Leaves Gamers Frustrated (Updated) by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Sat, 08 Feb 2025 22:53:29 +0000
- Hackers Monetize LLMjacking, Selling Stolen AI Access for $30 per Month by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Sat, 08 Feb 2025 19:43:45 +0000
- Teen Hacker “Natohub” Caught for NATO, UN, and US Army Breaches by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Sat, 08 Feb 2025 12:49:10 +0000
- ASP.NET Vulnerability Lets Hackers Hijack Servers, Inject Malicious Code by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Fri, 07 Feb 2025 21:35:43 +0000
- Best Practices for Preparing and Automating Security Questionnaires by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Fri, 07 Feb 2025 18:22:20 +0000
- 7,000 Exposed Ollama APIs Leave DeepSeek AI Models Wide Open to Attack by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Fri, 07 Feb 2025 15:50:14 +0000
- S. Korea’s Notorious Sex Crime Hub Ya-moon Hacked, User Data Leaked by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 06 Feb 2025 23:13:04 +0000
- DeepSeek-R1 LLM Fails Over Half of Jailbreak Attacks in Security Analysis by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 06 Feb 2025 16:16:29 +0000
- Ukraine’s largest bank PrivatBank Targeted with SmokeLoader malware by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 06 Feb 2025 13:14:40 +0000
- The Impact of Cybersecurity on Game Development by Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News on Thu, 06 Feb 2025 00:31:29 +0000
- Taiwan’s DeepSeek Ban Reflects Global Concerns Over AI Security by The Cyber Express on Fri, 07 Feb 2025 10:20:14 +0000
- Malware Bypasses Chrome App-Bound Encryption With Dual Injection by The Cyber Express on Thu, 06 Feb 2025 21:48:38 +0000
- IMI plc Confirms Cyberattack: Investigation Underway, Stock Drops 2.4% by The Cyber Express on Thu, 06 Feb 2025 12:40:10 +0000
- Meet the Top 100 Cybersecurity Leaders in Australia & New Zealand by The Cyber Express on Thu, 06 Feb 2025 04:23:23 +0000
- CISA Updates KEV Catalog with High-Severity Vulnerabilities—Patch Now! by The Cyber Express on Wed, 05 Feb 2025 10:57:06 +0000
- What Cybersecurity Can Teach Us About the Human Body by The Cyber Express on Mon, 03 Feb 2025 10:03:50 +0000
- Justice Department Disrupts Cybercrime Network Selling Hacking Tools to Organized Crime Groups by The Cyber Express on Mon, 03 Feb 2025 08:37:03 +0000
- FBI and Global Task Force Dismantle Cracked and Nulled, Seizing Millions in Stolen Data by The Cyber Express on Mon, 03 Feb 2025 06:45:11 +0000
- The best VPN for streaming in 2025: Expert tested and reviewed by Latest stories for ZDNET in Security on Fri, 07 Feb 2025 21:22:00 GMT
- The best travel VPNs of 2025: Expert tested and reviewed by Latest stories for ZDNET in Security on Fri, 07 Feb 2025 15:15:00 GMT
- How to use Tor to privately browse the web - it’s easier than you think by Latest stories for ZDNET in Security on Fri, 07 Feb 2025 13:27:00 GMT
- Your Netgear Wi-Fi router could be wide open to hackers - install the fix now by Latest stories for ZDNET in Security on Thu, 06 Feb 2025 16:14:51 GMT
- Anthropic offers $20,000 to whoever can jailbreak its new AI safety system by Latest stories for ZDNET in Security on Thu, 06 Feb 2025 15:54:00 GMT
- Grubhub breach exposed customer data. Should you be worried? by Latest stories for ZDNET in Security on Thu, 06 Feb 2025 15:08:00 GMT
- The best Bluetooth trackers of 2025: Expert tested by Latest stories for ZDNET in Security on Thu, 06 Feb 2025 14:59:00 GMT
- Why rebooting your phone daily is your best defense against zero-click hackers by Latest stories for ZDNET in Security on Thu, 06 Feb 2025 13:12:00 GMT
- If you’re not working on quantum-safe encryption now, it’s already too late by Latest stories for ZDNET in Security on Thu, 06 Feb 2025 13:03:08 GMT
- 5 great Chrome browser alternatives that put your privacy first by Latest stories for ZDNET in Security on Wed, 05 Feb 2025 21:05:00 GMT
- Proton Pass vs. 1Password: Which password manager is right for you? by Latest stories for ZDNET in Security on Wed, 05 Feb 2025 20:37:00 GMT
- Google releases responsible AI report while removing its anti-weapons pledge by Latest stories for ZDNET in Security on Wed, 05 Feb 2025 19:17:00 GMT
- The best AirTag wallets of 2025: Expert tested by Latest stories for ZDNET in Security on Wed, 05 Feb 2025 15:55:31 GMT
- The best Wyze Cam alternative I’ve tested is only $20 with this deal by Latest stories for ZDNET in Security on Wed, 05 Feb 2025 14:40:24 GMT
- How to turn on Private DNS Mode on Android - and why it’s a must for security by Latest stories for ZDNET in Security on Wed, 05 Feb 2025 14:33:00 GMT
- The best malware removal software of 2025: Expert tested and reviewed by Latest stories for ZDNET in Security on Tue, 04 Feb 2025 14:35:00 GMT
- Microsoft 365 is dumping its VPN - try these alternatives instead by Latest stories for ZDNET in Security on Mon, 03 Feb 2025 15:41:25 GMT
- Is Apple launching an AirTag 2 this year? Here’s what we know by Latest stories for ZDNET in Security on Mon, 03 Feb 2025 15:27:13 GMT
Personal Feeds #
- The UK requires Apple to disable its iCloud encryption under a new “technical capability notice,” potentially setting a precedent for future demands in other countries. Apple’s response may involve disabling the service for UK users (UK Is Ordering Apple to Break Its Own Encryption).
- New smartphone malware using optical character recognition targets screenshots of crypto wallet recovery phrases, with over 242,000 downloads on Google Play (Screenshot-Reading Malware).
- The US CISA has added several vulnerabilities, including a Trimble Cityworks issue and flaws in Microsoft Outlook and Sophos XG Firewall, to its Known Exploited Vulnerabilities catalog, requiring federal agencies to take action by specified deadlines (U.S. CISA adds Trimble Cityworks flaw, U.S. CISA adds Microsoft Outlook, Sophos XG Firewall).
- Journalists and civil society members using WhatsApp were targeted by Paragon’s commercial spyware in a widespread breach with “zero-click” attacks (Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware).
- A cyberattack on the Hospital Sisters Health System in 2023 exposed sensitive information of 882,782 individuals, with the breach impacting internal systems for several days (Hospital Sisters Health System impacted 882,782 individuals).
- North Korea’s Kimsuky APT group conducted spear-phishing attacks using a custom RDP Wrapper and the forceCopy info-stealer malware, targeting South Korea and others (Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer).
- New collaborative AI agents are changing SIEM operations by capturing and sharing expertise, improving detection and response to threats, and building a collective security intelligence (Agents of Change: Building Collective SIEM Intelligence).
- The FBI and European authorities seized domains used by the cybercrime forums Cracked and Nulled, targeting stolen data, hacking tools, and malware sales (Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?).
- Security concerns arise over DeepSeek AI apps due to hard-coded encryption keys and unencrypted data transmission, posing risks to user privacy (Experts Flag Security, Privacy Risks in DeepSeek AI App).
Articles (35)
- 15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck? by Anton on Security - Medium on Thu, 06 Feb 2025 19:57:46 GMT
- BlockThreat - Week 5, 2025 by Blockchain Threat Intelligence on Mon, 03 Feb 2025 04:54:46 GMT
- 2025-02-07: Three days of scans and probes and web traffic hitting my web server by Malware-Traffic-Analysis.net - Blog Entries on Fri, 07 Feb 2025 03:43 +0000
- Is Your Cybersecurity Talent Strategy Stuck in the Stone Age? AI is Here to Help by CISO Tradecraft® Newsletter on Tue, 04 Feb 2025 20:01:29 GMT
- Exploit Development: Investigating Kernel Mode Shadow Stacks on Windows by Home on 2025-02-03T00:00:00+00:00
- Agents of Change: Building Collective SIEM Intelligence by Detection at Scale on Mon, 03 Feb 2025 14:32:57 GMT
- Secret Taliban records published online after hackers breach computer systems by Graham Cluley on Fri, 07 Feb 2025 15:53:58 +0000
- Data breaches at UK law firms are on the rise, research reveals by Graham Cluley on Fri, 07 Feb 2025 11:08:37 +0000
- Thailand cuts power and internet to areas of Myanmar to disrupt scam gangs by Graham Cluley on Thu, 06 Feb 2025 13:56:16 +0000
- Smashing Security podcast #403: Coinbase crypto heists, QR codes, and ransomware in the classroom by Graham Cluley on Thu, 06 Feb 2025 00:00:34 +0000
- Man sentenced to 7 years in prison for role in $50m internet scam by Graham Cluley on Wed, 05 Feb 2025 16:03:02 +0000
- The AI Fix #36: A DeepSeek special by Graham Cluley on Tue, 04 Feb 2025 19:08:25 +0000
- Teen on Musk’s DOGE Team Graduated from ‘The Com’ by Krebs on Security on Sat, 08 Feb 2025 00:32:53 +0000
- Experts Flag Security, Privacy Risks in DeepSeek AI App by Krebs on Security on Thu, 06 Feb 2025 21:12:30 +0000
- Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’? by Krebs on Security on Tue, 04 Feb 2025 17:09:16 +0000
- SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 32 by Security Affairs on Sun, 09 Feb 2025 15:36:45 +0000
- Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION by Security Affairs on Sun, 09 Feb 2025 14:20:54 +0000
- PlayStation Network outage has been going on for over 24 hours by Security Affairs on Sat, 08 Feb 2025 21:48:05 +0000
- Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer by Security Affairs on Sat, 08 Feb 2025 18:15:22 +0000
- Russia’s intelligence recruits Ukrainians for terror attacks via messaging apps by Security Affairs on Sat, 08 Feb 2025 13:25:04 +0000
- U.S. CISA adds Trimble Cityworks flaw to its Known Exploited Vulnerabilities catalog by Security Affairs on Fri, 07 Feb 2025 21:54:13 +0000
- Hospital Sisters Health System impacted 882,782 individuals by Security Affairs on Fri, 07 Feb 2025 18:26:55 +0000
- Attackers used a public ASP.NET machine to conduct ViewState code injection attacks by Security Affairs on Fri, 07 Feb 2025 09:31:40 +0000
- U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog by Security Affairs on Thu, 06 Feb 2025 22:36:30 +0000
- Cisco addressed two critical flaws in its Identity Services Engine (ISE) by Security Affairs on Thu, 06 Feb 2025 15:42:28 +0000
- UK Is Ordering Apple to Break Its Own Encryption by Schneier on Security on Sat, 08 Feb 2025 15:56:32 +0000
- Friday Squid Blogging: The Colossal Squid by Schneier on Security on Fri, 07 Feb 2025 22:02:37 +0000
- Screenshot-Reading Malware by Schneier on Security on Fri, 07 Feb 2025 15:26:11 +0000
- AIs and Robots Should Sound Robotic by Schneier on Security on Thu, 06 Feb 2025 12:03:22 +0000
- On Generative AI Security by Schneier on Security on Wed, 05 Feb 2025 12:03:01 +0000
- Deepfakes and the 2024 US Election by Schneier on Security on Tue, 04 Feb 2025 12:01:36 +0000
- Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware by Schneier on Security on Mon, 03 Feb 2025 12:05:20 +0000
- Updating HarvestIQ by The Security Industry on Mon, 03 Feb 2025 13:54:48 GMT
- ⚡ TCP #73: DARPA Red-C; SailPoint IPO; Palantir Security; and Product News by The Cybersecurity Pulse (TCP) on Wed, 05 Feb 2025 11:59:46 GMT
- Weekly Update 438 by Troy Hunt on Sun, 09 Feb 2025 07:04:41 GMT
Community Feeds #
Hackers are exploiting a remote code execution vulnerability in the Cityworks tool to breach Microsoft IIS servers, an active threat that relies on a known software bug (Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers, Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts).
Europol recommends that financial institutions transition to quantum-safe cryptography in anticipation of future threats to existing cryptographic systems (Europol: Financial institutions should switch to quantum-safe cryptography).
Remediation times for critical security alerts remain high, with SLAs extending up to 90 days, which calls for organizations to reassess their existing vulnerability management processes (Remediation takes forever, while critical alerts pile up…).
Phishing campaigns are utilizing domains with “com-” prefixes to deceive users into believing in the legitimacy of fraudulent websites. Security teams should monitor DNS logs for such domains (Phishing via “com-” prefix domains).
The Known Beacons attack remains a risk for devices that keep open-network ESSIDs in their Preferred Network Lists, because it bypasses the protections meant to prevent automatic connections made without the user's knowledge (Known beacons attack [At the 34C3]).
Certificate Transparency is now enforced in Mozilla Firefox starting with version 135, enhancing verification against certificate issuance abuses (Certificate Transparency is now enforced in Firefox on desktop platforms starting with version 135).
NanoCore RAT continues to be a prevalent malware threat, analyzed in recent findings highlighting its capabilities and its targeting techniques (NanoCore RAT Malware Analysis).
Apple faces pressure from the UK to create an iCloud encryption backdoor, underscoring ongoing global policy challenges confronting end-to-end encryption (Apple ordered by U.K. to create global iCloud encryption backdoor).
Researchers describe a “ghost-server” tactic in which systems masquerade as having unconstrained Kerberos delegation and alert on access attempts, so that unauthorized actions are caught (Making Ghost-Servers that appear to have Unconstrained Kerberos Delegation (but alert on access attempts)).
Articles (58)
- Megathread: Department of Government Efficiency, Elon Musk, and US Cybersecurity Policy Changes by cybersecurity on 2025-02-06T06:48:03+00:00
- Mentorship Monday - Post All Career, Education and Job questions here! by cybersecurity on 2025-02-03T00:00:32+00:00
- Booz Allen Removes Subcontractor Who Wrote Report on DOGE Access by cybersecurity on 2025-02-09T20:51:31+00:00
- Anyone still using PGP? by cybersecurity on 2025-02-09T15:02:17+00:00
- Remediation takes forever, while critical alerts pile up… by cybersecurity on 2025-02-09T13:04:27+00:00
- The entire field of Cybersecurity goes on strike. What are our demands? by cybersecurity on 2025-02-08T19:21:12+00:00
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers by cybersecurity on 2025-02-09T21:01:19+00:00
- university by cybersecurity on 2025-02-09T20:11:06+00:00
- Am I in the wrong career if I don’t want to study for certifications anymore? by cybersecurity on 2025-02-08T17:05:21+00:00
- Known beacons attack [At the 34C3] by cybersecurity on 2025-02-09T15:02:40+00:00
- Is KnowB4 still good? by cybersecurity on 2025-02-08T21:28:37+00:00
- What will the next stage of security logins be in the next five to ten years? by cybersecurity on 2025-02-08T23:21:18+00:00
- Should I Build an Open Core Web App Crawler & Pentesting SaaS? by cybersecurity on 2025-02-09T21:13:28+00:00
- Question on Security Awareness Training. by cybersecurity on 2025-02-09T17:26:49+00:00
- NIST publication links are broken. by cybersecurity on 2025-02-08T19:18:33+00:00
- Need advice! by cybersecurity on 2025-02-09T17:28:54+00:00
- How cybercriminals make money with cryptojacking by cybersecurity on 2025-02-08T16:33:25+00:00
- Degrees and certs are not a replacement for experience by cybersecurity on 2025-02-08T01:40:11+00:00
- Google’s DMARC Push Pays Off, but Challenges Remain by cybersecurity on 2025-02-08T22:07:11+00:00
- What’s Making Countries Ban DeepSeek So Quickly? by cybersecurity on 2025-02-08T03:20:27+00:00
- How do you handle the pressure from bug bounty hunters asking you to fix the issue immediately? by cybersecurity on 2025-02-08T14:40:12+00:00
- Hackers exploiting bug in popular Trimble Cityworks tool used by local gov’ts by cybersecurity on 2025-02-08T16:15:35+00:00
- Europol: Financial institutions should switch to quantum-safe cryptography by cybersecurity on 2025-02-08T07:17:34+00:00
- Exposing Upscale Hacktivist DDoS Tactics by cybersecurity on 2025-02-08T09:15:35+00:00
- malicious oauth/enterprise app scanner - saw on linkedin, cant find the post by cybersecurity on 2025-02-08T15:09:43+00:00
- Apple ordered by U.K. to create global iCloud encryption backdoor by cybersecurity on 2025-02-07T15:20:31+00:00
- Microsoft Defender for Business in small medium company by cybersecurity on 2025-02-09T02:16:38+00:00
- NanoCore RAT Malware Analysis by Technical Information Security Content & Discussion on 2025-02-09T19:41:20+00:00
- ROPing our way to “Yay, RCE” - follow Michaels journey of developing an ARM ROP chain to exploit a buffer overflow in uc-http. Dive into the process of reverse engineering, gadget hunting, and crafting a working exploit. by Technical Information Security Content & Discussion on 2025-02-08T16:29:08+00:00
- Security analysis of the Wi-Fi Easy Connect by Technical Information Security Content & Discussion on 2025-02-08T16:20:49+00:00
- Making Ghost-Servers that appear to have Unconstrained Kerberos Delegation (but alert on access attempts) by Technical Information Security Content & Discussion on 2025-02-07T14:21:12+00:00
- Windows Telephony Services: 2025 Patch Diffing & Analysis by Technical Information Security Content & Discussion on 2025-02-07T13:07:37+00:00
- How to prove false statements? (Part 2) by Technical Information Security Content & Discussion on 2025-02-06T22:46:32+00:00
- CVE-2024-55957: Local Privilege Escalation Vulnerability in Thermo Scientific™ Xcalibur™ and Foundation software by Technical Information Security Content & Discussion on 2025-02-07T02:46:31+00:00
- ArgFuscator.net - generate obfuscated command lines by Technical Information Security Content & Discussion on 2025-02-06T20:22:30+00:00
- Certificate Transparency is now enforced in Firefox on desktop platforms starting with version 135 by Technical Information Security Content & Discussion on 2025-02-05T03:47:17+00:00
- Soxy: A Rust-powered suite of services for Citrix, VMware Horizon, and Windows RDP that includes a SOCKS server for easy VDI pivoting by Technical Information Security Content & Discussion on 2025-02-05T11:35:40+00:00
- Certificate Ripper v2.4.0 released - tool to extract server certificates by Technical Information Security Content & Discussion on 2025-02-05T23:16:39+00:00
- Nosey Parker Explorer, an interactive TUI app for triaging secret exposures, is now Apache 2-licensed. It has helped on hundreds of offensive security engagements to quickly comb through thousands of potential findings. by Technical Information Security Content & Discussion on 2025-02-05T22:29:28+00:00
- Replacing a Space Heater Firmware over WiFi by Technical Information Security Content & Discussion on 2025-02-04T21:58:31+00:00
- 8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur - watchTowr Labs by Technical Information Security Content & Discussion on 2025-02-04T11:02:12+00:00
- Now live: Our Global InfoSec Salary Index for 2025 - with full dataset in the Public Domain :) by Technical Information Security Content & Discussion on 2025-02-04T16:32:08+00:00
- Top 10 (new) web hacking techniques of 2024 by Technical Information Security Content & Discussion on 2025-02-04T16:02:40+00:00
- Collabfiltrator 4.0.1 Plugin released! New SQLi DNS exfiltration capabilities available in BurpSuite. Download it from the BApp Store. by Technical Information Security Content & Discussion on 2025-02-04T15:01:27+00:00
- Masquerade the Windows “Program Files” path with Unicode “En Quad” character. by Technical Information Security Content & Discussion on 2025-02-04T03:00:22+00:00
- How Attackers Can Bypass OPA Gatekeeper in Kubernetes Due to Rego Flaws by Technical Information Security Content & Discussion on 2025-02-03T18:03:58+00:00
- Analyzing the Contec Patient Monitor ‘Backdoor’ by Technical Information Security Content & Discussion on 2025-02-03T12:58:07+00:00
- Infocon: green by SANS Internet Storm Center, InfoCON: green on Sun, 09 Feb 2025 20:05:04 +0000
- Crypto Wallet Scam: Not For Free, (Sat, Feb 8th) by SANS Internet Storm Center, InfoCON: green on Sat, 08 Feb 2025 18:47:03 GMT
- SSL 2.0 turns 30 this Sunday… Perhaps the time has come to let it die?, (Fri, Feb 7th) by SANS Internet Storm Center, InfoCON: green on Fri, 07 Feb 2025 10:41:59 GMT
- ISC Stormcast For Friday, February 7th, 2025 https://isc.sans.edu/podcastdetail/9314, (Fri, Feb 7th) by SANS Internet Storm Center, InfoCON: green on Fri, 07 Feb 2025 01:28:34 GMT
- The Unbreakable Multi-Layer Anti-Debugging System, (Thu, Feb 6th) by SANS Internet Storm Center, InfoCON: green on Thu, 06 Feb 2025 08:08:26 GMT
- ISC Stormcast For Thursday, February 6th, 2025 https://isc.sans.edu/podcastdetail/9312, (Thu, Feb 6th) by SANS Internet Storm Center, InfoCON: green on Thu, 06 Feb 2025 01:30:25 GMT
- Phishing via “com-” prefix domains, (Wed, Feb 5th) by SANS Internet Storm Center, InfoCON: green on Wed, 05 Feb 2025 17:50:33 GMT
- ISC Stormcast For Wednesday, February 5th, 2025 https://isc.sans.edu/podcastdetail/9310, (Wed, Feb 5th) by SANS Internet Storm Center, InfoCON: green on Wed, 05 Feb 2025 01:53:31 GMT
- Some updates to our data feeds, (Tue, Feb 4th) by SANS Internet Storm Center, InfoCON: green on Tue, 04 Feb 2025 16:01:03 GMT
- ISC Stormcast For Tuesday, February 4th, 2025 https://isc.sans.edu/podcastdetail/9308, (Tue, Feb 4th) by SANS Internet Storm Center, InfoCON: green on Tue, 04 Feb 2025 02:00:02 GMT
- Crypto Wallet Scam, (Mon, Feb 3rd) by SANS Internet Storm Center, InfoCON: green on Mon, 03 Feb 2025 09:10:15 GMT
Disclaimer #
The summaries in this brief are generated autonomously by an OpenAI LLM based on the provided system and user prompts. While every effort is made to consolidate accurate and relevant insights, the model may occasionally misinterpret, misrepresent, or hallucinate information. Readers are strongly advised to verify all key points by consulting the original sources linked in the brief for complete context and accuracy.
This document is created with BlackStork and is based on the template available on GitHub.