23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐๏ธ PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks ๐๏ธA malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management CRM tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims' digital wallets. "Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack," Silent Push said in an.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ โก Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More ๐๏ธToday, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps but in job offers, hardware, and cloud services we rely on every day. Hackers dont need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough. This week,.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ โก Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More ๐๏ธToday, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps but in job offers, hardware, and cloud services we rely on every day. Hackers dont need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough. This week,.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Darknetโs Xanthorox AI Offers Customizable Tools for Hackers ๐Xanthorox AI, a selfcontained system for offensive cyber operations, has emerged on darknet forums.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Darknetโs Xanthorox AI Offers Customizable Tools for Hackers ๐Xanthorox AI, a selfcontained system for offensive cyber operations, has emerged on darknet forums.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks ๐๏ธCybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a commandandcontrol C2 channel. "'Fast flux' is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System DNS.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Security Theater: Vanity Metrics Keep You Busy - and Exposed ๐๏ธAfter more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, Ive learned that looking busy isnt the same as being secure.ย Its an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts were expending how many vulnerabilities we patched, how fast we.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ NIST to Implement 'Deferred' Status to Dated Vulnerabilities ๐ต๏ธโโ๏ธThe changes will go into effect over the next several days to reflect which CVEs are being prioritized in the National Vulnerability Database NVD.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ Smishing Triad Fuels Surge in Toll Payment Scams in US, UK ๐A rise in smishing campaigns impersonating toll service providers has been linked to Chinas Smishing Triad.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ ToddyCat APT Targets ESET Bug to Load Silent Malware ๐ต๏ธโโ๏ธResearchers found the threat actor attempting to use the nowpatched flaw to load and execute a malicious dynamic link library on infected systems.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign ๐Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsofts lightweight sourcecode editor.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ โก Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More ๐๏ธToday, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps but in job offers, hardware, and cloud services we rely on every day. Hackers dont need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough. This week,.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign ๐Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsofts lightweight sourcecode editor.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks ๐๏ธCybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a commandandcontrol C2 channel. "'Fast flux' is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System DNS.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ Googleโs Sec-Gemini v1 Takes on Hackers & Outperforms Rivals by 11% ๐ฆฟSecGemini v1 has access to realtime cybersecurity data from trusted sources including Google Threat Intelligence, Mandiants attack reports, and the Open Source Vulnerabilities database.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ โก Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More ๐๏ธToday, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps but in job offers, hardware, and cloud services we rely on every day. Hackers dont need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough. This week,.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Darknetโs Xanthorox AI Offers Customizable Tools for Hackers ๐Xanthorox AI, a selfcontained system for offensive cyber operations, has emerged on darknet forums.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Scattered Spider's 'King Bob' Pleads Guilty to Cyber Charges ๐ต๏ธโโ๏ธThe 20yearold was arrested in January 2024 alongside four other group members who carried out related cybercriminal acts, earning them similar charges.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ Darknetโs Xanthorox AI Offers Customizable Tools for Hackers ๐Xanthorox AI, a selfcontained system for offensive cyber operations, has emerged on darknet forums.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks ๐๏ธCybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a commandandcontrol C2 channel. "'Fast flux' is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System DNS.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks ๐๏ธCybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a commandandcontrol C2 channel. "'Fast flux' is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System DNS.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Smishing Triad Fuels Surge in Toll Payment Scams in US, UK ๐A rise in smishing campaigns impersonating toll service providers has been linked to Chinas Smishing Triad.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Smishing Triad Fuels Surge in Toll Payment Scams in US, UK ๐A rise in smishing campaigns impersonating toll service providers has been linked to Chinas Smishing Triad.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Smishing Triad Fuels Surge in Toll Payment Scams in US, UK ๐A rise in smishing campaigns impersonating toll service providers has been linked to Chinas Smishing Triad.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ What Is Cyber Threat Hunting? ๐Cyber threat hunting is a proactive approach of searching networks, endpoints, and datasets to uncover hidden cyber threats that have bypassed traditional security measures. Threat hunting in cybersecurity is not just about reacting to alerts its about actively seeking out malicious activities and advanced persistent threats that lurk beneath the surface, potentially causing significant damage The post What Is Cyber Threat Hunting? appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ Googleโs Sec-Gemini v1 Takes on Hackers & Outperforms Rivals by 11% ๐ฆฟSecGemini v1 has access to realtime cybersecurity data from trusted sources including Google Threat Intelligence, Mandiants attack reports, and the Open Source Vulnerabilities database.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign ๐Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsofts lightweight sourcecode editor.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign ๐Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsofts lightweight sourcecode editor.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ What Is Cyber Threat Hunting? ๐Cyber threat hunting is a proactive approach of searching networks, endpoints, and datasets to uncover hidden cyber threats that have bypassed traditional security measures. Threat hunting in cybersecurity is not just about reacting to alerts its about actively seeking out malicious activities and advanced persistent threats that lurk beneath the surface, potentially causing significant damage The post What Is Cyber Threat Hunting? appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
IT Vulnerability Report: VMware, Microsoft Fixes Urged by Cyble ๐ฆ
Cyble IT Vulnerability Report VMware, Microsoft Fixes Urged by Cyble " dataimagecaption"Cyble IT Vulnerability Report VMware, Microsoft Fixes Urged by Cyble " datamediumfile"httpscyble.comwpcontentuploads202504CybleBlogsITVulnerabilityReport300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202504CybleBlogsITVulnerabilityReport.jpg" title"IT Vulnerability Report VMware, Microsoft Fixes Urged by Cyble 1" Overview Cybles vulnerability intelligence unit examined 30 vulnerabilities and 14 dark web exploit claims in recent reports to clients and flagged eight of the vulnerabilities as meriting highpriority attention by security teams. Cyble said the eight vulnerabilities found in products from Microsoft, VMware, Apple, Google, and others can lead to system compromise, data bre...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity