Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major…
Category: EN
NioCorp BEC scam, Australian IVF breach, SEC’s cyber unit
Minerals company loses $500,000 to BEC scam Australian IVF provider investigating cyber incident SEC replaces cryptocurrency fraud unit with emerging tech team Thanks to today’s episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to…
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) issued seven Industrial Control Systems (ICS) advisories detailing critical vulnerabilities in widely used systems. These advisories highlight critical vulnerabilities in ICS products from major vendors such ABB, Carrier, Siemens and Mitsubishi Electric, providing…
CISA Issues Seven ICS Advisories Highlighting Critical Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released seven Industrial Control Systems (ICS) advisories on February 20, 2025, addressing critical vulnerabilities in products from ABB, Siemens, Mitsubishi Electric, and other industrial technology providers. These advisories underscore escalating risks to…
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia
Security researchers at Palo Alto Networks’ Unit 42 have uncovered a resurgence of the modular Bookworm malware in cyberattacks targeting government and diplomatic entities across Southeast Asia. The activity, attributed to the Chinese state-aligned threat actor Stately Taurus (also tracked…
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix
Ivanti disclosed a critical buffer overflow vulnerability (CVE-2025-0282) affecting its Connect Secure VPN appliances. This vulnerability, caused by improper handling of the strncpy function in the web server component, allowed attackers to execute arbitrary code remotely. JPCERT/CC confirmed multiple exploitation…
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors
Pegasus spyware, once considered a tool for targeting journalists and activists—is now being deployed against executives in the private sector, including finance, real estate, and logistics. In a December 2024 investigation, 11 new Pegasus infections were detected among 18,000 devices…
Pegasus Spyware Now Targeting Business Executives and Financial Sector Professionals
The once-shadowy realm of Pegasus spyware has breached new frontiers, with forensic analyses revealing a stark pivot from targeting journalists and activists to infiltrating the private sector. In December 2024, mobile security firm iVerify detected 11 new Pegasus infections among…
Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
PoC exploit code shows why this is a patch priority Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who haven’t already installed patches released in January extra incentive to revisit their to-do…
Genea Australia data breach and Black Basta Ransomware gang data leak
Genea IVF Australia Data Breach: A Detailed Account Genea Australia, a leading fertility service provider and one of the three largest in the country, has confirmed that it has fallen victim to a significant cyberattack, resulting in a data breach.…
Controlling Shadow AI: Protecting Knowledge Management from Cyber Threats
By 2025, the first major breach of a knowledge management generative artificial intelligence (Gen AI) solution chatbot will make global headlines. This will mark a turning point in cybersecurity for all industries. The widespread adoption of Gen AI-based business solutions…
Cybercriminals Leverage Google Tag Manager for Credit Card Data Theft
It is common for cybersecurity criminals to exploit vulnerabilities in Magento to inject an obfuscated script, which has been delivered through Google Tag Manager (GTM), into Magento-based eCommerce platforms, which allows them to intercept and steal credit card information…
How to secure Notes on iOS and macOS
Apple allows you to lock your notes using your iPhone passcode or a separate password, ensuring your private information stays protected across all your Apple devices, including iOS and macOS. Whether you’re using your iPhone, iPad, or Mac, here’s how…
Mastering the cybersecurity tightrope of protection, detection, and response
In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is…
Baby, You Can Hack My Car: Upstream’s 2025 Automotive and Smart Mobility Cybersecurity Report
Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the…
Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability
Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenConfig plugin. Tracked as CVE-2025-0110, the flaw allows authenticated administrators to execute arbitrary commands on…
New infosec products of the week: February 21, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Fortinet, Pangea, Privacera, and Veeam Software. Fortinet enhances FortiAnalyzer to deliver accelerated threat hunting and incident response FortiAnalyzer offers a streamlined entry point to…
New Active Directory Pentesting Tool For KeyCredentialLink Management
RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. This command-line interface (CLI) tool and library implements the KeyCredentialLink structures as defined in section 2.2.20 of the Microsoft Active…
Thailand ready to welcome 7,000 trafficked scam call center victims back from Myanmar
It comes amid a major crackdown on the abusive industry that started during COVID Thailand is preparing to receive thousands of people rescued from scam call centers in Myanmar as the country launches a major crackdown on the pervasive criminal…
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub
A GitHub repository titled Windows-WiFi-Password-Stealer has surfaced, raising concerns among cybersecurity professionals. This repository, hosted by the user “cyberthirty,” provides a Python-based script capable of extracting saved WiFi credentials from Windows systems and saving them to a text file. While…