PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more! Infosec In Brief Fortinet last week admitted that attackers have found new ways to exploit three flaws it thought it had fixed last year.... [...]
PLUS: India's new electronics subsidies; Philippines unplugs a mobile carrier; Alibaba Cloud expands Asia In Brief Chinese officials admitted to directing cyberattacks on US infrastructure at a meeting with their American counterparts, according to The Wall Street Journal.... [...]
Military units, government nerds appear to join the fray, with physical infra in sights Feature From triggering a water tank overflow in Texas to shutting down Russian state news services on Vladimir Putin's birthday, self-styled hacktivists have been making headlines.... [...]
Military units, government nerds appear to join the fray, with physical infra in sights Feature From triggering a water tank overflow in Texas to shutting down Russian state news services on Vladimir Putin's birthday, self-styled hacktivists have been making headlines.... [...]
Google is fixing a long-standing privacy issue that, for years, enabled websites to determine users' browsing history through the previously visited links. [...]
Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. [...]
A new class of supply chain attacks named 'slopsquatting' has emerged from the increased use of generative AI tools for coding and the model's tendency to "hallucinate" non-existent package names. [...]
Hallucinated package names fuel 'slopsquatting' The rise of LLM-powered code generation tools is reshaping how developers write software - and introducing new risks to the software supply chain in the process.... [...]
Redmond hopes you’ve forgotten or got over why everyone hated it the first time After temporarily shelving its controversial Windows Recall feature amid a wave of backlash, Microsoft is back at it - now quietly slipping the screenshotting app into the Windows 11 Release Preview channel for Copilot+ PCs …
Microsoft is testing a new Defender for Endpoint capability that will block traffic to and from undiscovered endpoints to thwart attackers' lateral network movement attempts. [...]
Security and privacy advocates are girding themselves for another uphill battle against Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store everything a user does every three seconds. When Recall was first introduced in May 2024, security practitioners roundly castigated it for creating …
Western Sydney University (WSU) announced two security incidents that exposed personal information belonging to members of its community. [...]
Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was patched. [...]
Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty "inetpub" folder and warned users not to delete it. [...]
Laboratory Services Cooperative (LSC) has released a statement informing it suffered a data breach where hackers stole sensitive information of roughly 1.6 million people from its systems. [...]
Fourlis Group, the operator of IKEA stores in Greece, Cyprus, Romania, and Bulgaria, has informed that the ransomware attack it suffered just before Black Friday on November 27, 2024, caused losses estimated to €20 million ($22.8M). [...]
Google is hosting dozens of extensions in its Chrome Web Store that perform suspicious actions on the more than 4 million devices that have installed them and that their developers have taken pains to carefully conceal. The extensions, which so far number at least 35, use the same code …
Researchers are trying to use squid color-changing biochemistry for solar tech. This appears to be new and related research to a 2019 squid post. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]
Microsoft is reporting that its AI systems are able to find new vulnerabilities in source code: Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison. Additionally, 9 buffer overflows in parsing SquashFS, EXT4, CramFS, JFFS2, and …
Issues at the very top continue to worsen The UK government's latest annual data breach survey shows the number of ransomware attacks on the isles is on the increase – and many techies are forced to constantly informally request company directors for defense spending because there's no security people on …
Former policy boss claims Facebook cared little about national security as it chased the mighty Yuan Facebook's former director of global public policy told a Senate committee that Meta CEO Mark Zuckerberg was willing to do almost anything to get the social network into China - including, she alleged, offering …
Imagine that all of us—all of society—have landed on some alien planet and need to form a government: clean slate. We do not have any legacy systems from the United States or any other country. We do not have any special or unique interests to perturb our …
Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. [...]
Props for the transparency though US sensor maker Sensata has told regulators that a ransomware attack caused an operational disruption, and that it's still working to fully restore affected systems.... [...]
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “ Smishing Triad ” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial …
The Russian state-backed hacking group Gamaredon (aka "Shuckworm") has been targeting a military mission of a Western country in Ukraine in attacks likely deployed from removable drives. [...]
Sensata Technologies (known as Sensata) has suffered a ransomware attack last weekend that encrypted parts of the company network and disrupted operations. [...]
Scammers are already cashing in with fake invoices for import costs World War Fee As the trade war between America and China escalates, some infosec and policy experts fear Beijing will strike back in cyberspace.... [...]
Officials teased more details to come later this year Following the 2024 takedown of several major malware operations under Operation Endgame, law enforcement has continued its crackdown into 2025, detaining five individuals linked to the Smokeloader botnet.... [...]
TL;DR: Move along, still nothing to see here - an idea that leaves infosec pros aghast Oracle's letter to customers about an intrusion into part of its public cloud empire - while insisting Oracle Cloud Infrastructure was untouched - has sparked a mix of ridicule and outrage in the infosec community …
Alleges cybersecurity agency was ‘weaponized’ to suppress debunked theories Updated The Trump administration on Wednesday ordered a criminal investigation into alleged censorship conducted by the USA’s Cybersecurity and Infrastructure Security Agency, aka CISA, plus revocation of any security clearances held by the agency's ex-head Chris Krebs and anyone …
Can't Redmond ask its whizz-bang Copilot AI to fix it? Updated Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using Windows Hello.... [...]
It worked for in 2018 with Chris Krebs. Will it work again? Uncle Sam's Cybersecurity and Infrastructure Security Agency, aka CISA, has been "actively hiding information" about American telecommunications networks' weak security for years, according to Senator Ron Wyden.... [...]
A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management (IAM) credentials from the IMDSv1 endpoint. [...]
OCC mum on who broke into email, but Treasury fingered China in similar hack months ago A US banking regulator fears sensitive financial oversight data was stolen from its IT systems in what's been described as "a major information security incident."... [...]
OCC mum on who broke into email, but Treasury fingered China in similar hack months ago A US banking regulator says sensitive financial oversight data was accessed by one or more system intruders for more than a year in what's been described as "a major information security incident."... [...]
Spammers used OpenAI to generate messages that were unique to each recipient, allowing them to bypass spam-detection filters and blast unwanted messages to more than 80,000 websites in four months, researchers said Wednesday. The finding, documented in a post published by security firm SentinelOne’s SentinelLabs, underscores the …
Oracle finally confirmed in email notifications sent to customers that a hacker stole and leaked credentials that were stolen from what it described as "two obsolete servers." [...]
AWS Network Firewall is a managed, stateful network firewall and intrusion detection and prevention service. It allows you to implement security rules for fine-grained control of your VPC network traffic. In this blog post, we discuss flow capture and flow flush, new features of AWS Network Firewall that enhance …
Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. [...]
Today’s organizations rely heavily on secure and reliable communication channels and digital certificates play a crucial role in securing internal and external-facing infrastructure by establishing trust and enabling encrypted communication. While public certificates are commonly used to secure internet applications, many organizations prefer private certificates for internal resources …
Hackers exploited a vulnerability in Gladinet CentreStack's secure file-sharing software as a zero-day since March to breach storage servers [...]
AI is making voice phishing (vishing) more dangerous than ever, with scammers cloning voices in seconds to trick employees into handing over their credentials. Learn how to defend your organization with Specops Secure Service Desk. [...]
Phishing actors are employing a new evasion tactic called 'Precision-Validated Phishing' that only shows fake login forms when a user enters an email address that the threat actors specifically targeted. [...]
In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet's customers and detained at least five individuals. [...]
How Chocolate Factory hopes to double down on enterprise-sec Cloud Next Google will today reveal a new unified security platform that analysts think can help it battle Microsoft for a bigger chunk of the enterprise infosec market.... [...]
Today at Google Cloud Next, we are announcing Google Unified Security, new security agents, and innovations across our security portfolio designed to deliver stronger security outcomes and enable every organization to make Google a part of their security team. Introducing Google Unified Security Enterprise infrastructure continues to grow in …
Neiman Lab has some good advice on how to leak a story to a journalist. [...]
Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware or malcontents could exploit them with little to …
Lawsuit claims sick cyber-voyeurism went undetected for years, using hundreds of PCs, due to lax infosec A now-former pharmacist at the University of Maryland Medical Center (UMMC) has been accused of compromising the US healthcare organization's IT systems to ogle female clinicians using webcams at their workplace and at …