23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐ Identity Attacks Now Comprise a Third of Intrusions ๐IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Android Phones Pre-Downloaded With Malware Target User Crypto Wallets ๐ต๏ธโโ๏ธThe threat actors lace predownloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ CVE Program Cuts Send the Cyber Sector Into Panic Mode ๐ต๏ธโโ๏ธAfter threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute extending its government contract for another 11 months. After that, it looks like it's up to the private sector to find the cash to keep it going.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval ๐๏ธMeta has announced that it will begin to train its artificial intelligence AI models using public data shared by adults across its platforms in the European Union, nearly a year after it paused its efforts due to data protection concerns from Irish regulators. "This training will better support millions of people and businesses in Europe, by teaching our generative AI models to better.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
โ๏ธ Trump Revenge Tour Targets Cyber Leaders, Elections โ๏ธPresident Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency CISA who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs's employer SentinelOne, comes as CISA is facing huge funding and staffing cuts.
๐ Read more.
๐ Via "Krebs on Security"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ AI Code Tools Widely Hallucinate Packages ๐ต๏ธโโ๏ธThe hallucination problem is not just pervasive, it is persistent as well, according to new research.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage ๐ต๏ธโโ๏ธBlind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese statebacked threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
DOGE โBig Ballsโ Ransomware and the False Connection to Edward Coristine ๐ฆ
Cyble DOGE BIG BALLS Ransomware and the False Connection to Edward Coristine " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202504NewCybleBlogs300x150.png" datalargefile"httpscyble.comwpcontentuploads202504NewCybleBlogs1024x512.png" title"DOGE "Big Balls" Ransomware and the False Connection to Edward Coristine 1" Key Takeaways This attack leverages a ZIP file with a deceptive LNK shortcut to silently execute a multistage PowerShellbased infection chain, ensuring stealthy deployment. A vulnerable driver CVE20152291 is exploited through a Bring Your Own Vulnerable Driver BYOVD technique to gain kernellevel readwrite access for privilege escalation. The payload is a customized version of Fog ransomware, branded as "DOGE BIG BALLS Ransomware," reflecting an attemp...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐ Digital Certificate Lifespans to Fall to 47 Days by 2029 ๐CABrowser Forum members have voted in favor of shortening TLSSSL certificate lifespans to 47 days.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ New Malware ResolverRAT Targets Healthcare and Pharma Sectors ๐ResolverRAT targets healthcare organizations using advanced evasion techniques and social engineering.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Major WordPress Plugin Flaw Exploited in Under 4 Hours ๐Flaw in SureTriggers plugin allows unauthenticated users to create admin accounts on WordPress sites.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind ๐๏ธAI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile, defenders are overwhelmed by massive amounts of data and alerts, struggling to process information quickly enough to identify real threats. AI offers a way to.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft ๐๏ธCybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precisionvalidating phishing by Cofense, which it said employs realtime email validation so that only a select set of highvalue targets are served the fake login screens. "This tactic not.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Morocco Investigates Social Security Agency Data Leak ๐ต๏ธโโ๏ธA threat actor has claimed responsibility for the alleged politically motivated attack and has uploaded the stolen data to a Dark Web forum.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ 7 RSAC 2025 Cloud Security Sessions You Don't Want to Miss ๐ต๏ธโโ๏ธSome of the brightest minds in the industry will discuss how to strengthen cloud security.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ CVE Program Cuts Send the Cyber Sector Into Panic Mode ๐ต๏ธโโ๏ธAfter threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute extending its government contract for another 11 months. After that, it looks like it's up to the private sector to find the cash to keep it going.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ Identity Attacks Now Comprise a Third of Intrusions ๐IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Dogged by Trump, Chris Krebs Resigns From SentinelOne ๐ต๏ธโโ๏ธThe president revoked the former CISA director's security clearance, half a decade after Krebs challenged rightwing election disinformation, prompting his eventual resignation.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Gladinetโs Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability ๐๏ธA recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date. Tracked as CVE202530406 CVSS score 9.0, the vulnerability refers to the use of a hardcoded cryptographic key that could expose internetaccessible servers to remote code execution attacks.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Threat Intel Firm Offers Crypto in Exchange for Dark Web Accounts ๐ต๏ธโโ๏ธProdaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution ๐ต๏ธโโ๏ธA threat actor posted about the zeroday exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading ๐๏ธCybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. "The threat actor leverages fearbased lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link," Morphisec Labs researcher Nadav Lorber said in a report shared with The.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ AI Hallucinations Create โSlopsquattingโ Supply Chain Threat ๐Experts have warned that threat actors could hijack AI hallucinations in slopsquatting attacks.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ US Blocks Foreign Governments from Acquiring Citizen Data ๐The US government has implemented a program that applies export controls on data transactions to certain countries of concern, including China and Russia.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Prodaft Offers "No Judgment" Deal to Buy Dark Web Accounts from Cybercrime Forum Users ๐Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT ๐๏ธA threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family called CurlBack RAT. The activity, detected by SEQRITE in December 2024, targeted Indian entities under railway, oil and gas, and external affairs ministries, marking an expansion of the hacking crew's.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ โก Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More ๐๏ธAttackers arent waiting for patches anymore they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched, some attackers stay hidden. This weeks events show a hard truth its not enough to react after an attack. You have to assume that any system you trust today could fail tomorrow. In a world.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ How to Use LastPass Password Manager ๐ฆฟLearn how to set up and use LastPass password manager. Start managing and storing your passwords with this stepbystep guide.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ How DigitalOcean Moved Away From Manual Identity Management ๐ต๏ธโโ๏ธDigitalOcean executives describe how they automated and streamlined many of the identity and access management functions that had been previously handled manually.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ A New 'It RAT': Stealthy 'Resolver' Malware Burrows In ๐ต๏ธโโ๏ธA new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and antianalysis tricks that it's downright difficult to count them all.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity