Interesting: The company has released a working rootkit called “Curing” that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market. At the…
Author: wordpress
Six Years of Dangerous Misconceptions Targeting Ola Bini and Digital Rights in Ecuador
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> Ola Bini was first detained in Quito’s airport six years ago, called a “Russian hacker,” and accused of “alleged participation in the crime of assault on the integrity of computer systems.”…
Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration
by Source Defense A recent incident at Blue Shield of California highlights the critical importance of client-side security controls when implementing third-party scripts on healthcare websites. The nonprofit health plan has disclosed a significant data breach affecting 4.7 million members,…
RSAC Fireside Chat: The NDR evolution story—from open source start to kill chain clarity
As enterprises brace for a new wave of stealthy intrusions — so-called Typhoon attacks — security leaders are doubling down on network intelligence that goes beyond surface-level alerts. Related: What is NDR? In this RSAC 2025 Fireside Chat, I sat…
IT Security News Hourly Summary 2025-04-24 21h : 5 posts
5 posts were published in the last hour 19:5 : Yale New Haven Health (YNHHS) data breach impacted 5.5 million patients 18:33 : Threat Actors Taking Advantage of Unsecured Kubernetes Clusters for Cryptocurrency Mining 18:6 : Lessons from Ted Lasso…
Yale New Haven Health (YNHHS) data breach impacted 5.5 million patients
Yale New Haven Health (YNHHS) announced that threat actors stole the personal data of 5.5 million patients in a cyberattack. Yale New Haven Health (YNHHS) disclosed a data breach that exposed personal information of 5.5 million patients following a cyberattack…
Threat Actors Taking Advantage of Unsecured Kubernetes Clusters for Cryptocurrency Mining
In a troubling development for cybersecurity professionals, threat actors are increasingly targeting unsecured Kubernetes clusters to deploy cryptocurrency mining operations, leveraging the computational resources of victim organizations without their knowledge. These attacks exploit vulnerabilities in containerized environments, particularly focusing on…
Lessons from Ted Lasso for cybersecurity success
In this edition, Bill explores how intellectual curiosity drives success in cybersecurity, shares insights on the IAB ToyMaker’s tactics, and covers the top security headlines you need to know. This article has been indexed from Cisco Talos Blog Read the…
OpenAI Would Buy Google’s Chrome, Executive Tells Judge
AI pioneer OpenAI is interested if Google is forced to sell of its Chrome browser amid antitrust trial in United States This article has been indexed from Silicon UK Read the original article: OpenAI Would Buy Google’s Chrome, Executive Tells…
Microsoft mystery folder fix might need a fix of its own
This one weird trick can stop Windows updates dead in their tracks Turns out Microsoft’s latest patch job might need a patch of its own, again. This time, the culprit is a mysterious inetpub folder quietly deployed by Redmond, now…
Lazarus APT Targets Organizations by Exploiting One-Day Vulnerabilities
A recent cyber espionage campaign by the notorious Lazarus Advanced Persistent Threat (APT) group, tracked as “Operation SyncHole,” has compromised at least six South Korean organizations across software, IT, financial, semiconductor, and telecommunications sectors since November 2024. According to detailed…
Verizon DBIR Report: Small Businesses Identified as Key Targets in Ransomware Attacks
Verizon Business’s 2025 Data Breach Investigations Report (DBIR), released on April 24, 2025, paints a stark picture of the cybersecurity landscape, drawing from an analysis of over 22,000 security incidents, including 12,195 confirmed data breaches. The report identifies credential abuse…
Bruce Byrd on Public-Private Partnerships in Cybersecurity
Bruce Byrd offers strategic insights on cybersecurity evolution including public-private partnerships and AI impact. The post Bruce Byrd on Public-Private Partnerships in Cybersecurity appeared first on Palo Alto Networks Blog. This article has been indexed from Palo Alto Networks Blog…
New whitepaper outlines the taxonomy of failure modes in AI agents
Read the new whitepaper from the Microsoft AI Red Team to better understand the taxonomy of failure mode in agentic AI. The post New whitepaper outlines the taxonomy of failure modes in AI agents appeared first on Microsoft Security Blog.…
Blue Shield Leaked Millions of Patient Info to Google for Years
Blue Shield of California exposed the health data of 4.7 million members to Google for years due to… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Blue Shield…
Weaponized SVG Files Used by Threat Actors to Redirect Users to Malicious Sites
Cybercriminals are increasingly weaponizing Scalable Vector Graphics (SVG) files to orchestrate sophisticated phishing campaigns. According to research from Intezer, a cybersecurity firm that triages millions of alerts for enterprises globally, attackers are embedding malicious JavaScript within SVG files to redirect…
Hackers Exploit Ivanti Connect Secure 0-Day to Deploy DslogdRAT and Web Shell
Threat actors exploited a zero-day vulnerability in Ivanti Connect Secure, identified as CVE-2025-0282, to deploy malicious tools including a web shell and a sophisticated remote access trojan (RAT) named DslogdRAT. According to a detailed analysis by JPCERT/CC, these attacks underscore…
New Steganography Campaign Exploits MS Office Vulnerability to Distribute AsyncRAT
A recently uncovered cyberattack campaign has brought steganography back into the spotlight, showcasing the creative and insidious methods attackers employ to deliver malware. This operation, dubbed the “Stego-Campaign,” exploits a known Microsoft Office vulnerability, CVE-2017-0199, to initiate infections and ultimately…
Threat Actors Exploiting Unsecured Kubernetes Clusters for Crypto Mining
In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining. The dynamic and complex nature of containerized environments poses significant challenges for security teams in detecting runtime…
ToyMaker Hackers Compromise Numerous Hosts via SSH and File Transfer Tools
In a alarming cybersecurity breach uncovered by Cisco Talos in 2023, a critical infrastructure enterprise fell victim to a meticulously orchestrated attack involving multiple threat actors. The initial access broker, identified as “ToyMaker” with medium confidence as a financially motivated…