Be Cyber Aware. Our vacancies channel: @CyberSecurityJobs Our chat: t.me/cybersecuritynewschat LinkedIn: https://www.linkedin.com/company/securitynews/ Facebook: https://www.facebook.com/BreakingCyberSecNews 📩 Cooperation: @cybersecadmin
Russian Zero-Day Seller is Offering Up to $4 Million for Telegram Exploits
Zero-day companies like Operation Zero develop or acquire security vulnerabilities in popular operating systems and apps and then re-sell them for a higher price.
For the company to focus on Telegram makes sense, considering the messaging app is especially popular with users in both Russia and Ukraine.
Cyber_Security_Channel
Security Researcher Breaks One of the Most Powerful Ransomware Attacks Using GPU Power
However, by reviewing the logs, the researcher was able to determine the time the ransomware was launched, and using the metadata, the time the encryption was completed.
He was then able to create a brute-force tool that could find the key for each individual file.
Running the tool on a pre-installed system was found to be inefficient, as it took too long to run on the RTX 3060 and RTX 3090.
Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday
Redmond also urged Windows sysadmins to prioritize critical, code execution bugs in the Windows Subsystem for Linux, the Windows DNS Server, Windows Remote Desktop Service and Microsoft Office.
Three VMware Zero-Days Under Active Exploitation – What You Need to Know
The discovery of these zero-day vulnerabilities in VMware ESXi, Workstation, and Fusion emphasizes the need for timely patching and proactive security measures.
Since these flaws are being actively exploited in the wild, organizations should prioritize updates and strengthen their security posture.
New ‘Auto-Color’ Linux Malware Targets North America, Asia
The malware supports commands that enable the attacker to collect host information, uninstall the malware, create a reverse shell, create and modify files, execute a program, and turn the device into a proxy.
Microsoft Names Suspects in Lawsuit Against AI Hackers
The suspects named by Microsoft in a recent amended complaint are Arian Yadegarnia (Fiz) from Iran, Alan Krysiak (Drago) from the United Kingdom, Ricky Yuen (Cg-dot) from China (Hong Kong), and Phat Phung Tan (Asakuri) from Vietnam.
AI-Powered Cybersecurity: Balancing Automation, Real-Time Detection and Strategic Oversight
The skyrocketing adoption of AI-powered cybersecurity technologies makes it urgent for business leaders to gain a clear understanding of these issues.
Allocating budget to safeguarding AI technologies in use can have a sound return on investment because automation offers a notable reduction in operational costs and enhanced threat detection can dramatically reduce the steep costs associated with breaches.
How to Defend Amazon S3 Buckets from Ransomware Exploiting SSE-C Encryption
All key management for S3 server-side encryption with SSE-C is handled outside of AWS, with encryption key material provided alongside the object, ensuring the cloud provider never stores the key material.
AWS emphasizes the importance of using short-term credentials, implementing data recovery procedures, and preventing the use of SSE-C on S3 buckets when not necessary for the workload.
ℹ️ $1.5B Hack of Bybit — the Largest Crypto Heist Ever
The Lazarus Group, a hacking organization under North Korea’s Reconnaissance General Bureau, has been identified by blockchain security experts.
North Korea has been accused of multiple hacks of cryptocurrency exchanges to steal digital assets, launder the funds, and use them to finance its nuclear weapons program.
In January, the United States, South Korea, and Japan issued a joint statement blaming North Korea for roughly $660 million in crypto thefts just in 2024 alone.
Microsoft Detects New XCSSET MacOS Malware Variant
The variant employs a much more randomized method for creating payloads to infect Xcode projects.
Both the encoding technique and the number of encoding iterations are randomized.
Amazon Sued in First 'My Health, My Data' Privacy Dispute
Amazon tracked users’ location data without their consent.
The company used it for targeted advertising and other means of enriching its business, according to a complaint filed by an Amazon app user in the US District Court Western District of Washington.
Information collected by these apps also included “biometric data and precise location information.”
“That data could reasonably indicate a consumer’s attempt to acquire or receive health services or supplies,” putting it in violation of Washington’s My Health My Data Act, the complaint said.
Amazon denied the allegations.
“These claims are not accurate, and we look forward to explaining this in court,” an Amazon spokesperson wrote in an email.
The Case for Lean Cybersecurity Leadership
Businesses’ natural response to growing cyber risk has been to invest in and grow their cybersecurity capabilities, including:
— Creating new leadership roles
— Safeguarding the confidentiality/privacy
— Integrity and availability of organizational data
This phenomenon of decision-making bias stemming from overconfidence, referred to as illusory superiority, has been found in other settings as well.
Under certain conditions, people — regardless of their competence level — overestimate their abilities, skills, or qualities relative to those of their peers.
How Agentic AI will be Weaponized for Social Engineering Attacks
November 2022 saw the introduction of the first Large Language Model (LLM), freely released to the public.
In 2023, the world began using generative AI tools and developers rolled out a range of features and functionalities built on top of these LLMs.
By the second half of 2024, a new iteration rapidly emerged—AI-powered agents (“agentic AI”) that can act autonomously and execute complex tasks.
DeepSeek Created Chrome Infostealer Without Hesitation, Company Remains Silent
First, a fictional world was created to set clear rules and context aligned with the technical objectives.
“We developed a specialized virtual environment called Velora – a fictional world where malware development is treated as a legitimate discipline,” the researchers explained.
“In this environment, advanced programming and security concepts are considered fundamental skills, enabling direct technical discourse about traditionally restricted topics.”
CISA: Medusa Ransomware Hit Over 300 Critical Infrastructure Orgs
Medusa was first introduced as a closed ransomware variant, where a single group of threat actors handled all development and operations.
Although Medusa has since evolved into a Ransomware-as-a-service (RaaS) operation and adopted an affiliate model, its developers continue to oversee essential operations, including ransom negotiations.
Blackwire Labs and Carahsoft Partner to Bring AI-Powered Cybersecurity Solutions to the Public Sector
Blackwire Labs is an innovative cybersecurity company.
Led by industry experts, the company specializes in addressing critical challenges faced by Government agencies, particularly the cybersecurity skills shortage and the AI trust deficit.
We plan to empower their Public Sector customers with the highest-grade security defense possible without the cost of hiring additional security practitioners.
Static Scans, Red Teams and Frameworks Aim to Find Bad AI Models
The problem is growing. JFrog flagged 212 AI models to date that contain some sort of malicious functionality or code, double the approximately 100 malicious models found a year ago.
AI vs. Endpoint Attacks: What Security Leaders Must Know to Stay Ahead
Adversaries, especially cybercrime syndicates and nation-state actors, are refining their tradecraft with AI, adding to their arsenals faster than any enterprise can keep up.
Gen AI has democratized how adversaries, from rogue attackers to large-scale cyberwar operations, can create new weapons.
Adversaries are moving at machine speed, weaponizing gen AI to create sophisticated malware, launch targeted phishing campaigns and circumvent traditional defenses.
⚡️Elon Musk Claims ‘Massive Cyber-Attack’ Caused X Outages
Downdetector, a website that monitors malfunctions on various sites and platforms, showed thousands of reports of outages.
The platform, formerly known as Twitter, had been unresponsive for many users as posts failed to load.
Tweets that failed to appear displayed a message that “something went wrong” and told users to try reloading.
“We get attacked every day, but this was done with a lot of resources,” the platform’s CEO stated.
“Either a large, coordinated group and/or a country is involved.”
Intelligence Community AI Cybersecurity Program Achieves ‘Massive Scientific Impact’
IARPA’s TrojAI program aims to defend AI systems from intentional, malicious attacks, known as Trojans.
That is done by developing technology to identify so-called backdoors or poisoned data in completed AI systems before the systems are deployed, IARPA explains on its TrojAI website.
Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job
All these intrusions were focused on espionage, but the same toolset was employed in a November 2024 extortion attempt on a medium-sized software and services company in South Asia, Symantec notes.
How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying
By tricking users into scanning malicious QR codes embedded in phishing pages or disguised as group invite links, Mandiant says APT groups linked to the Kremlin are secretly adding their own device as a linked endpoint.
⚡️Bybit ETH Cold Wallet Breach Sees $1.5B Moved to Unknown Address
Bybit has reported a breach involving one of their ETH cold wallets.
The platform stated that the issue started when a “sophisticated attack” manipulated a routine transfer from their ETH multisig cold wallet to their warm wallet.
Everything You Need to Know About the Privacy-Focused Messaging App Signal
Signal is an open-source, encrypted messaging app. It's available on Android and iOS devices, and it's free to download and use.
You can voice or video call others through the app, and you can send payments through the app using the cryptocurrency MobileCoin.
Signal uses end-to-end encryption to protect your messages and calls, which means that only your intended recipient can read your messages and receive your call.
Using Popular AI App DeepSeek Can Put Your Personal Information and Data at Risk: Study
"We found three serious vulnerabilities in the application as well as a number of privacy issues that, overall, mean that your data and your identity is placed at risk when you use the DeepSeek iOS," Hoog said.
A NowSecure mobile application security and privacy assessment has uncovered multiple security and privacy issues in the DeepSeek iOS mobile app.
Recent DeepSeek privacy analysis has focused on its Privacy Policy and Terms of Service.
However, NowSecure analyzed the iOS app by running and inspecting the mobile app on real iOS devices to uncover confirmed security vulnerabilities and privacy issues.
UK Orders Apple to Give it Access to Encrypted Cloud Data
The UK’s demand is the latest flashpoint in a long-running battle between the tech industry and law enforcement over the use of encryption in messaging apps and storage services.
Cyble Sensors Detect Attacks on Apache OFBiz, Palo Alto Networks
CVE-2024-0012 is an authentication bypass vulnerability in PAN-OS that enables an unauthenticated attacker with network access to the management interface to gain PAN-OS administrator privileges.
The Palo Alto alert said hackers could use CVE-2024-0012 to perform administrative actions, tamper with configurations, or exploit other authenticated privilege escalation vulnerabilities such as CVE-2024-9474.