23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐ต๏ธโโ๏ธ How Organizations Can Leverage Cyber Insurance Effectively ๐ต๏ธโโ๏ธBy focusing on prevention, education, and risk transfer through insurance, organizations especially SMEs can protect themselves from the rapidly escalating threats of cyberattacks.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ข More than 5 million Americans just had their personal information exposed in the Yale New Haven Health data breach โ and lawsuits are already rolling in ๐ขA data breach at Yale New Haven Health has exposed data belonging to millions of people and lawsuits have already been filed.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ข Westcon-Comstor unveils new managed SOC solution for Cisco partners ๐ขPowered by Cisco XDR, the new offering will enable partners to tap into new revenue streams, the company said.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ข Criminals target APIs as web attacks skyrocket globally ๐ขMore than a third of web attacks target APIs as AI expands attack surfaces and brings new security challenges.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Max-Severity Commvault Bug Alarms Researchers ๐ต๏ธโโ๏ธThough already patched, the vulnerability is especially problematic because of the highly privileged access it offers to businesscritical systems, sensitive data, and backups for attackers.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ข What to look out for at RSAC Conference 2025 ๐ขConvincing attendees that AI can revolutionize security will be the first point of order at next weeks RSA Conference but traditional threats will be a constant undercurrent.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ FBI: Cybercrime Losses Rocket to $16.6B in 2024 ๐ต๏ธโโ๏ธThe losses are 33 higher than the year before, with phishing leading the way as the mostreported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ Blue Shield of California Data Breach Affects 4.7 Million Members ๐A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware ๐๏ธAt least six organizations in South Korea have been targeted by the prolific North Korealinked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Highest-Risk Security Flaw Found in Commvault Backup Solutions ๐A critical path traversal vulnerability in Commvaults backup and replication solutions has been reported.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools ๐๏ธCybersecurity researchers have demonstrated a proofofconcept PoC rootkit dubbed Curing that leverages a Linux asynchronous IO mechanism called iouring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allows a user application to perform various actions without using system calls," the company said in.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Ofcom Lays Down the Law with Child Safety Rules for Tech Giants ๐Ofcoms Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Ransomware Attacks Fall Sharply in March ๐NCC Group found that ransomware attacks fell by 32 in March compared to February, but described this finding as a red herring.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely ๐๏ธA critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE202534028, carries a CVSS score of 9.0 out of a maximum of 10.0. "A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ Google Chrome Keeps Third-Party Cookies Settings, Lets Users โMake an Informed Choiceโ ๐ฆฟPrivacy Sandbox, originally pitched as an alternative to crosssite ad tracking, will not show a standalone prompt. Instead, Chrome is readying a different informed choice.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ข Healthcare organizations are turning a blind eye to phishing attacks ๐ขA survey reveals that most attacks go unreported, putting patient data at risk.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ข April rundown: MITRE frights and Microsoft launches Recall (again) ๐ขAs CISA delivered an eleventhhour reprieve for the CVE database, AWS reportedly began to pause some data center leases.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ข M&S suspends online sales as 'cyber incident' continues ๐ขMarks Spencer MS has informed customers that all online and app sales have been suspended as the high street retailer battles a cyber incident.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ NFC-Powered Android Malware Enables Instant Cash-Outs ๐ต๏ธโโ๏ธResearchers at security vendor Cleafy detailed a malware known as "SuperCard X" that uses the NFC reader on a victim's own phone to steal credit card funds instantly.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ 'SessionShark' ToolKit Evades Microsoft Office 365 MFA ๐ต๏ธโโ๏ธThe creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide users if purchased indicates it's anything but.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ ELENOR-corp Ransomware Targets Healthcare Sector ๐ELENORcorp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Navigating Regulatory Shifts & AI Risks ๐ต๏ธโโ๏ธBy proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ Microsoft Resumes Recall Feature Rollout After Privacy Backlash, Adds Security Functions ๐ฆฟMicrosoft is expanding the rollout of Recall after months of testing and the addition of new security features.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ข Ransomware attacks are rising โ but quiet payouts could mean there's more than actually reported ๐ขRansomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ 159 CVEs Exploited in Q1 2025 โ 28.3% Within 24 Hours of Disclosure ๐๏ธAs many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3 of vulnerabilities being exploited within 1day of their CVE disclosure," VulnCheck said in a report shared with The Hacker News. This translates to 45 security flaws that have been weaponized.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals ๐๏ธThe threat actors behind the Darcula phishingasaservice PhaaS platform have released new updates to their cybercrime suite with generative artificial intelligence GenAI capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less techsavvy criminals to deploy customized scams in minutes," Netcraft said in a new report shared with The Hacker News. ".
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ ETSI Unveils New Baseline Requirements for Securing AI ๐ETSIs says new technical specification for securing AI models and systems sets international benchmark.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks ๐While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign ๐๏ธThe Evolving Healthcare Cybersecurity Landscapeย Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology OT environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ข Hackers are using Zoomโs remote control feature to infect devices with malware ๐ขSecurity experts have issued an alert over a new social engineering campaign using Zooms remote control features to take over victim devices.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity