23174
🗞 The finest daily news on cybersecurity and privacy. 🔔 Daily releases. 💻 Is your online life secure? 📩 lalilolalo.dev@gmail.com
🦿 8 Best Enterprise Password Managers 🦿Explore the best enterprise password managers that provide security and centralized control for managing and protecting passwords across your organization.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🦿 North Korean Hackers Disguised as IT Workers Targeting UK, European Companies, Google Finds 🦿The attackers pose as legitimate remote IT workers, looking to both generate revenue and access sensitive company data through employment. "Europe needs to wake up fast, according to Googles Jamie Collier.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🦿 Benchmarks Find ‘DeepSeek-V3-0324 Is More Vulnerable Than Qwen2.5-Max’ 🦿While the latest iteration of Qwen2.5Max outperforms DeepSeekV3 on security, the AI model lags behind its competition in several other areas.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Google Quick Share Bug Bypasses Allow Zero-Click File Transfer 🕵️♂️Google addresses patch bypasses for CVE202438272 and CVE202438271, part of the previously announced "QuickShell" silent RCE attack chain against Windows users.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Social Engineering Just Got Smarter 🕵️♂️Polices that forbid employees from divulging company details are worthless if the same information can be obtained from sources employees have no control over.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Counterfeit Phones Carrying Hidden Revamped Triada Malware 🕵️♂️The malware, first discovered in 2016, has been updated over the years, and the latest version is now hiding in the firmware of counterfeit mobile phones.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ China-Linked Threat Group Exploits Ivanti Bug 🕵️♂️The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Rafts of Security Bugs Could Rain Out Solar Grids 🕵️♂️At least three major energy solution and renewable energy companies have nearly 50 vulnerabilities many of them "basic" mistakes indicating a lack of developed cybersecurity safeguards.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ CISA Layoffs Are a Momentary Disruption, Not a Threat 🕵️♂️Layoffs may cause shortterm disruptions, but they don't represent a catastrophic loss of cybersecurity capability because the true cyber operations never resided solely within CISA to begin with.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📢 Bugcrowd’s new MSP program looks to transform pen testing for small businesses 📢Cybersecurity provider Bugcrowd has launched a new service aimed at helping MSPs drive pen testing capabilities with a particular focus on small businesses.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📢 Zero trust gains momentum amid growing network visibility challenges 📢Organizations are looking to automation, orchestration, and risk mitigation as key security priorities.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🖋️ Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation 🖋️In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material CSAM. "A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025," Europol said in a statement. "On March 11, 2025, the server, which contained around 72,000 videos at the time, was seized by.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Stripe API Skimming Campaign Unveils New Techniques for Theft 📔A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🕵️♂️ In Salt Typhoon's Wake, Congress Mulls Potential Options 🕵️♂️While the House Committee on Government Reform was looking for retaliatory options, cybersecurity experts pointed them toward building better defenses.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📢 Cyber scams cost businesses $1.7 million per year, claims report 📢Supply chain attacks, brand impersonation, and APTs top the list of threats to businesses.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🦿 Payment Fraud Detection and Prevention: Here’s All To Know 🦿Here are the most common and latest advancements in payment fraud strategies and payment fraud prevention tools for protecting your business.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🦿 Windows 11 Forces Microsoft Account Sign In & Removes Bypass Trick Option 🦿Microsoft is killing the Windows 11 bypass trick soon, all setups will require internet and a Microsoft Account, leaving privacyconscious users with fewer options.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Israel Enters 'Stage 3' of Cyber Wars With Iran Proxies 🕵️♂️While Israel and Iranian proxies fight it out IRL, their conflict in cyberspace has developed in parallel. These days attacks have decelerated, but advanced in sophistication.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Emerging Risks Require IT/OT Collaboration to Secure Physical Systems 🕵️♂️With an increase in cyberphysical attacks that can cause significant disruptions, financial fallout and safety concerns for victim organizations, IT and OT security teams cannot keep working in silos.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Runtime Ventures Launches New Fund for Seed, Pre-Seed Startups 🕵️♂️Cofounders Michael Sutton and David Endler raised 32 million to invest in early stage cybersecurity startups as well as to provide mentoring support.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Disclosure Drama Clouds CrushFTP Vulnerability Exploitation 🕵️♂️CrushFTP CEO Ben Spink slammed several cybersecurity companies for creating confusion around a critical authentication bypass flaw that's currently under attack.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Microsoft Boosts Email Sender Rules for Outlook 🕵️♂️The tech giant will enforce new email authentication protocols for Outlook users who send large volumes of email beginning on May 5.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Secure Communications Evolve Beyond End-to-End Encryption 🕵️♂️Signal, Wickr, WhatsApp, and Cape all have different approaches to security and privacy, yet most are finding ways to make secure communications more private.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📢 ICO admits it's too slow dealing with complaints – so it's eying up automation to cut staff workloads 📢The UK's data protection authority has apologized for being slow to respond to data protection complaints, saying it's been overwhelmed by increased workloads.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📢 Security experts issue warning over the rise of 'gray bot' AI web scrapers 📢While not malicious, the bots can overwhelm web applications in a way similar to bad actors.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📢 Warning issued over ‘fast flux’ techniques used to obscure malicious signals on compromised networks 📢Cybersecurity agencies have issued a stark message that too little is being done to sniff out malware hiding in corporate networks.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🖋️ Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign 🖋️Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface API from payment processor Stripe to validate stolen payment information prior to exfiltration. "This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect," Jscrambler researchers Pedro.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities 🦿Apple has also fixed vulnerabilities in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, as well as its recently released iOS 18.4.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🕵️♂️ DPRK 'IT Workers' Pivot to Europe for Employment Scams 🕵️♂️By using fake references and building connections with recruiters, some North Korean nationals are landing sixfigure jobs that replenish DPRK coffers.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
📔 Royal Mail Investigates Data Breach Affecting Supplier 📔A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity