FBI shares massive list of 42,000 LabHost phishing domains
The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. [...]
Welcome to the second Cloud CISO Perspectives for April 2025. Today, Sandra Joyce, vice president, Google Threat Intelligence, will talk about the practical applications of AI in both attack and defense, adapted from her RSA Conference keynote. As with all Cloud CISO Perspectives, the contents of this newsletter are …
No specific law against it yet, but that's set to change A spate of high-profile swatting incidents in the US recently forced the FBI into action with its latest awareness campaign about the occasionally deadly practice.... [...]
British supermarket chain Co-op Food has confirmed to BleepingComputer via a statement that it has suffered limited operational disruption as it responds to a cyberattack. [...]
Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. [...]
Meta is suing NSO Group, basically claiming that the latter hacks WhatsApp and not just WhatsApp users. We have a procedural ruling: Under the order, NSO Group is prohibited from presenting evidence about its customers’ identities, implying the targeted WhatsApp users are suspected or actual criminals, or alleging that …
Go ahead, please do Bash static analysis Shell scripting may finally get a proper bug-checker. A group of academics has proposed static analysis techniques aimed at improving the correctness and reliability of Unix shell programs.... [...]
A cloud security platform that manages the attack surface and security vulnerabilities in AWS Sponsored post You’d be naïve to believe that the cloud is secure by default, and while most hosting services provide basic defenses, it’s not always clear what level of protection these provide.... [...]
Microsoft has announced it will require paid subscriptions for Windows Server 2025 hotpatching, a service that enables admins to install security updates without restarting. [...]
Threat actors are intensifying internet-wide scanning for Git configuration files that can reveal sensitive secrets and authentication tokens used to compromise cloud services and source code repositories. [...]
Today, the French foreign ministry blamed the APT28 hacking group linked to Russia's military intelligence service (GRU) for targeting or breaching a dozen French entities over the last four years. [...]
Google dumped io_uring after $1M in bug bounties A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.... [...]
A set of security vulnerabilities in Apple's AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code execution. [...]
As Big Tech gets used to the pain, smaller vendors urged to up their game Google says that despite a small dip in the number of exploited zero-day vulnerabilities in 2024, the number of attacks using these novel bugs continues on an upward trend overall.... [...]
South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. [...]
Former Rear Admiral calls for National Guard online deployment and corporates to be held accountable RSAC Russia used to be considered America's biggest adversary online, but over the past couple of years China has taken the role, and is proving highly effective at it.... [...]
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients vulnerabilities that are actively exploited in attacks. [...]
Top voices warn that political retaliation puts democracy and national defense at risk The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the former CISA boss amounts to bullying.... [...]
Artificial intelligence is helping Beijing's goons break in faster and stay longer RSAC The biggest threat to US critical infrastructure, according to FBI Deputy Assistant Director Cynthia Kaiser, can be summed up in one word: "China."... [...]
AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages that can steal data, plant backdoors, and carry out other nefarious actions, newly published research shows. The study, which used 16 of the most …
This seems like an important advance in LLM security against prompt injection: Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police themselves. Instead, CaMeL treats language models as fundamentally untrusted components within …
Google's Threat Intelligence Group (GTIG) says attackers exploited 75 zero-day vulnerabilities in the wild last year, over 50% of which were linked to spyware attacks. [...]
FBI and others list how to spot NK infiltrators, but AI will make it harder RSAC Concerned a new recruit might be a North Korean stooge out to steal intellectual property and then hit an org with malware? There is an answer, for the moment at least.... [...]
They’re sorry/not sorry for testing if bots can change minds by pretending to be a trauma counselor or a victim of sexual abuse Researchers from the University of Zurich have admitted to secretly posting AI-generated material to popular Subreddit r/changemyview in the name of science.... [...]
British defence firms have reportedly warned staff not to connect their phones to Chinese-made EVs Mobile phones and desktop computers are longstanding targets for cyber spies – but how vulnerable are electric cars? On Monday the i newspaper claimed that British defence firms working for the UK government have warned …
Who could possibly be behind this attack on an ethnic minority China despises? Researchers at Canada’s Citizen Lab have spotted a phishing campaign and supply chain attack directed at Uyghur people living outside China, and suggest it’s an example of Beijing’s attempts to target the ethnic …
Florida man altered allergen info, DoSed former colleagues Former Disney employee Michael Scheuer was sentenced to 36 months in prison and fined almost $688,000 for screwing up a software application the entertainment giant used to cook up its restaurant menus.... [...]
Sometimes, silence is the best option An Oklahoma City cybersecurity professional accused of installing spyware on a hospital PC confirmed on LinkedIn key details of the drama.... [...]
Whistleblowing, email is evidential mail, HR is not your friend, and more discussed by CxO panel RSAC Chief security officers should negotiate personal liability insurance and a golden parachute when they start a new job – in case things go sideways and management tries to scapegoat them for a network …
Homeland Security boss Noem added as last-minute keynote, mind you RSAC There's a notable absence from this year's RSA Conference that kicked off today in San Francisco: The NSA's State of the Hack panel.... [...]
Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider," BleepingComputer has learned from multiple sources. [...]
Hitachi Vantara, a subsidiary of Japanese multinational conglomerate Hitachi, was forced to take servers offline over the weekend to contain an Akira ransomware attack. [...]
Think of artificial intelligence as your embedded ally Sponsored post AI is reshaping cybersecurity in real time, raising the stakes on both sides of the battlefield. For defenders, it brings speed, precision, and automation at scale, helping security teams detect threats earlier and respond faster than ever. But adversaries …
The company doesn’t keep logs, so couldn’t turn over data: Windscribe, a globally used privacy-first VPN service, announced today that its founder, Yegor Sak, has been fully acquitted by a court in Athens, Greece, following a two-year legal battle in which Sak was personally charged in connection …
Employee benefits administration firm VeriSource Services is warning that a data breach exposed the personal information of four million people. [...]
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. [...]
Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures. [...]
Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. [...]
It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands Houston-based VeriSource Services' long-running probe into a February 2024 digital break-in shows the data of 4 million people – not just a few hundred thousand …
Cybersecurity is facing a unique moment, where AI-enhanced threat intelligence, products, and services are poised to give defenders an advantage over the threats they face that’s proven elusive — until now. To empower security teams and business leaders in the AI era, and to help organizations proactively combat evolving …
The daily grind of sifting through endless alerts and repetitive tasks is burdening security teams. Too often, defenders struggle to keep up with evolving threats, but the rapid pace of AI advancement means it doesn’t have to be that way. Today at the RSA Conference, as we introduce …
Image board hints that rumors of a poorly maintained back end may be true Clearweb cesspit 4chan is back up and running, but says the damage caused by a cyberattack earlier this month was "catastrophic."... [...]
About a decade ago, Apple and Google started updating iOS and Android, respectively, to make them less susceptible to “juice jacking,” a form of attack that could surreptitiously steal data or execute malicious code when users plug their phones into special-purpose charging hardware. Now, researchers are revealing that, for …
Redmond reckons $1.50/core/month hotpatch service is worth it to avoid eight Patch Tuesday scrambles each year Microsoft has announced its preview of hotpatching for on-prem Windows Server 2025 will become a paid subscription service in July.... [...]
PLUS: Microsoft fixes messes China used to attack it; Mitre adds ESXi advice; Employee-tracking screenshots leak; and more! Infosec in brief Samsung has warned that some of its Galaxy devices store passwords in plaintext.... [...]
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. [...]
Brave has open-sourced a new tool called "Cookiecrumbler," which uses large language models (LLMs) to detect cookie consent notices and then community-driven reviews to block those that won't break site functionality. [...]
The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure. [...]
A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a "critical patch" that adds a WordPress backdoor to the site. [...]
Infosec is a team sport... unless you're in the White House Opinion Just when it seems they couldn't be that careless, US officials tasked with defending the nation go and do something else that puts American critical infrastructure, national security, and troops' lives in danger.... [...]