IT Security News Daily Summary 2025-07-18

164 posts were published in the last hour

• 21:32 : My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8
• 21:32 : AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind
• 21:32 : Authorities released free decryptor for Phobos and 8base ransomware
• 21:2 : How to Expose IBM FS Cloud Container App to Public
• 21:2 : Europe’s General-Purpose AI Rulebook: What’s Covered & Which Tech Giants Signed It
• 20:34 : Chinese Threat Actors Operate 2,800 Malicious Domains to Distribute Windows Malware
• 20:34 : Europe’s New AI Rulebook Just Dropped: Here’s What It Means
• 20:34 : Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices
• 20:5 : IT Security News Hourly Summary 2025-07-18 21h : 5 posts
• 20:2 : New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
• 19:37 : Vulnerable to Bulletproof: Protect TLS via Certificate Posture Management
• 19:37 : Optimizing Government Websites for Peak Traffic Events
• 19:37 : Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
• 19:36 : Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
• 19:36 : UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns
• 19:36 : China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
• 19:7 : New Surge of Crypto-Jacking Hits Over 3,500 Websites
• 19:7 : AI-Driven Threat Hunting: Catching Zero Day Exploits Before They Strike
• 19:7 : What is biometric authentication?
• 19:7 : How to create a risk management plan: Template, key steps
• 19:7 : A surveillance vendor was caught exploiting a new SS7 attack to track people’s phone locations
• 19:7 : New Wave of Crypto-Hijacking Infects 3,500+ Websites
• 19:7 : Google Sues the Operators Behind the BadBox 2.0 Botnet
• 18:32 : Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
• 18:32 : I changed 12 settings on my Apple TV to instantly improve the performance
• 18:5 : Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
• 18:5 : Burn that List: Smarter Use of Allowlists and Denylists in Multi-Tenant Systems
• 18:5 : The OnePlus 12 was already our favorite Android deal – and now it’s $300 off
• 18:4 : CISA Adds One Known Exploited Vulnerability to Catalog
• 17:32 : US Congress Passes Stablecoin Bill
• 17:32 : PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
• 17:5 : IT Security News Hourly Summary 2025-07-18 18h : 7 posts
• 17:3 : A Leader in the 2025 Gartner Magic Quadrant for EPP — 3 Years Running
• 17:3 : Meta execs pay the pain away with $8 billion privacy settlement
• 17:3 : Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’
• 17:3 : Asia is a Major Hub For Cybercrime, And AI is Poised to Exacerbate The Problem
• 17:2 : Microsoft at Black Hat USA 2025: A unified approach to modern cyber defense
• 16:32 : Securing Tomorrow: An Interview with Trend Micro VP of Product Management Michael Habibi
• 16:32 : The best MagSafe accessories of 2025 for your new iPhone
• 16:32 : Is your Ring camera showing strange logins? Here’s what’s going on
• 16:32 : OpenAI’s ChatGPT Agent Can Create Your Spreadsheets and Presentations
• 16:32 : How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies
• 16:5 : I ran with Samsung’s Galaxy Watch 8 Classic, and it both humbled and motivated me
• 16:5 : You can finally move Chrome’s address bar on Android – here’s how
• 16:5 : How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyber Spies
• 15:39 : Best travel VPNs 2025: Expert-tested for streaming and bypassing country blocks
• 15:39 : The Challenges of Operationalizing Threat Intelligence
• 15:39 : Why Major Companies Are Still Falling to Basic Cybersecurity Failures
• 15:39 : CISA Issues Advisories on Critical ICS Vulnerabilities Across Multiple Sectors
• 15:7 : Employee Spotlight: Getting to Know Sandy Venkataraman
• 15:7 : NordPass vs. Bitwarden: Which password manager is best?
• 15:7 : Fancy Bear Hackers Attacking Governments, Military Entities With New Sophisticated Tools
• 14:8 : iPadOS 26 is turning my iPad Air into the ultraportable laptop it was meant to be
• 14:8 : Wacom says its new drawing tablet needs no setup and has a pen that can’t die
• 14:7 : NVIDIA Issues Advisory After Demo of First Rowhammer Attack on GPUs
• 14:7 : Microsoft Defender for Office 365 Launches New Dashboard for Enhanced Threat Vector Insights
• 14:7 : Threat Actors Weaponizing GitHub Accounts To Host Payloads, Tools and Amadey Malware Plug-Ins
• 14:7 : Ubiquiti UniFi Devices Vulnerability Allows Attackers to Inject Malicious Commands
• 14:7 : Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution
• 14:7 : Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Cobalt Strike Beacon
• 14:7 : As companies race to add AI, terms of service changes are going to freak a lot of people out
• 14:7 : In Other News: Law Firm Hacked by China, Symantec Flaw, Meta AI Hack, FIDO Key Bypass
• 14:6 : Google Gemini Exploit Enables Covert Delivery of Phishing Content
• 14:6 : Hidden Crypto Mining Operation Found in Truck Tied to Village Power Supply
• 14:5 : IT Security News Hourly Summary 2025-07-18 15h : 13 posts
• 13:35 : New QR Code Attacks Through PDFs Bypass Detection and Steal Credentials
• 13:35 : Practical Steps to Secure the Software Supply Chain End to End
• 13:34 : Corporate blog: Employee Spotlight: Getting to Know Sandy Venkataraman
• 13:34 : I swapped my Apple Watch Ultra for this big-screen Garmin that’s easier to read
• 13:34 : NailaoLocker Ransomware’s “Cheese”
• 13:5 : Google Sues BadBox 2.0 Botnet Operators Behind 10 Million+ Infected Devices
• 13:5 : Sophos Intercept X for Windows Flaws Enable Arbitrary Code Execution
• 13:5 : Salesforce used AI to cut support load by 5% — but the real win was teaching bots to say ‘I’m sorry’
• 13:5 : Email Protection Startup StrongestLayer Emerges From Stealth Mode
• 13:4 : Summer Vacation Alert Surfaces More Than 5 Million Unsecured Wi-Fi Networks
• 13:4 : Russia Linked to New Malware Targeting Email Accounts for Espionage
• 12:39 : Microsoft Defender for Office 365 Gets Enhanced Threat Dashboard
• 12:39 : Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands
• 12:38 : Grafana Flaws Allow User Redirection and Code Execution in Dashboards
• 12:38 : How to build a cybersecurity team to maximize business impact
• 12:38 : CISO role in ASM could add runtime security, tokenization
• 12:38 : Anne Arundel Dermatology data breach impacts 1.9 million people
• 12:5 : Microsoft Details Scattered Spider TTPs Observed in Recent Attack Chains
• 12:5 : Critical MCP Vulnerabilities are Slipping Through the Cracks
• 12:5 : Cambodia Arrests More Than 1,000 in Cyberscam Crackdown
• 12:5 : New “LameHug” Malware Deploys AI-Generated Commands
• 11:35 : Years Long Linux Cryptominer Spotted Using Legit Sites to Spread Malware
• 11:35 : Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon
• 11:34 : The best Sony TVs of 2025: Expert tested and reviewed
• 11:34 : New Mobile Phone Forensics Tool
• 11:34 : 1.4 Million Affected by Data Breach at Virginia Radiology Practice
• 11:34 : Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication
• 11:34 : From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
• 11:34 : Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
• 11:34 : Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
• 11:5 : Fraud: A Growth Industry Powered by Gen-AI
• 11:5 : IT Security News Hourly Summary 2025-07-18 12h : 6 posts
• 10:37 : Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer
• 10:37 : LameHug: first AI-Powered malware linked to Russia’s APT28
• 10:37 : BIND 9 Vulnerabilities Expose Organizations to Cache Poisoning and DoS Attacks
• 10:37 : Hackers are Using ClickFix Techniques to Deliver NetSupport RAT, Latrodectus and Lumma Stealer Malware
• 10:37 : New WAFFLED Attack Exploits AWS, Azure, Cloud Armor, Cloudflare, and ModSecurity WAFs
• 10:37 : Signal App Clone TeleMessage Vulnerability May Leak Passwords; Hackers Exploiting It
• 10:37 : CISA Releases 3 ICS Advisories Covering Vulnerabilities and Exploits
• 10:36 : CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable
• 10:5 : WAFFLED: New Technique Targets Web Application Firewall Weaknesses
• 10:5 : Microsoft Uncovers Scattered Spider Tactics, Techniques, and Procedures in Recent Attacks
• 10:5 : Lenovo Protection Driver Flaw Enables Privilege Escalation and Code Execution
• 10:5 : The best Apple Watch of 2025: Here’s the best smartwatch for you
• 9:37 : Threat Actors Exploit GitHub Accounts to Host Payloads, Tools, and Amadey Malware Plugins
• 9:36 : 5 Features Every AI-Powered SOC Platform Needs in 2025
• 9:36 : Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet
• 9:5 : Best VPN services 2025: The fastest VPNs with the best networks, ranked
• 9:5 : How a circuit breaker finder helped me map my home’s wiring (and why that matters)
• 9:5 : The best free email marketing software of 2025: Expert tested
• 9:4 : Critical Nvidia Toolkit Flaw Exposes AI Cloud Services to Hacking
• 8:37 : Russian Vodka Maker Beluga Struck by Ransomware Attack
• 8:36 : Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
• 8:36 : Retail Becomes New Target as Healthcare Ransomware Attacks Slow
• 8:36 : AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet
• 8:5 : Veeam Phishing via Wav File, (Fri, Jul 18th)
• 8:5 : 10 Best XDR (Extended Detection & Response) Solutions 2025
• 8:5 : CISA Publishes 13 ICS Security Advisories on Critical Flaws
• 8:5 : ‘Daemon Ex Plist’ Vulnerability Grants Root Access on macOS
• 8:5 : I tested a ‘de-Googled’ tablet without all the bloatware – and it was beyond refreshing
• 8:5 : This MSI handheld could replace my gaming laptop, and not just for its more portable design
• 8:5 : I tested a Bluetooth tracker for iOS and Android, and its safety features are top-tier
• 8:5 : Anne Arundel Dermatology Data Breach Impacts 1.9 Million People
• 8:5 : IT Security News Hourly Summary 2025-07-18 09h : 7 posts
• 7:32 : The Apple Watch Ultra 2 is the premium smartwatch I prefer – here’s why
• 7:32 : You can save $150 on the OnePlus 13 right now – but hurry, because this deal won’t last long
• 7:32 : This physical Clicks keyboard is the Pixel 9 upgrade I didn’t know I needed
• 7:32 : I tested HP’s new EliteBook X G1i, and it’s a featherweight champ in the office
• 7:32 : Reduce risk in Kubernetes: How to separate admin roles for safer, compliant operations
• 7:32 : Taiwan semiconductor sector hacked, Salt Typhoon breaches National Guard, Congress ponders Stuxnet
• 7:4 : This Android wearable lasts for days, and left my Samsung Galaxy Watch in the dust
• 7:4 : Settlement Reached in Investors’ Lawsuit Against Meta CEO Mark Zuckerberg and Other Company Leaders
• 7:4 : Cybersecurity Today: DNS Malware, SonicWall Backdoor, Military Breach, and BigONE Crypto Hack
• 6:35 : Signal App Clone Vulnerability Actively Exploited for Password Theft
• 6:35 : Microsoft Entra ID Vulnerability Let Attackers Escalate Privileges to Global Admin Role
• 6:35 : Why we must go beyond tooling and CVEs to illuminate security blind spots
• 6:35 : Strata Identity provides identity guardrails and observability for AI agents
• 6:5 : Microsoft Entra ID Flaw Enables Privilege Escalation to Global Admin
• 6:4 : BIND 9 Vulnerabilities Enable Cache Poisoning and Service Disruption
• 6:4 : Making security and development co-owners of DevSecOps
• 5:5 : IT Security News Hourly Summary 2025-07-18 06h : 1 posts
• 5:4 : Hackers Abuse DNS Blind Spots to Stealthily Deliver Malware
• 5:4 : AI adoption is booming but secure scaling not so much
• 4:36 : Buy Now, Pay Later… with your data
• 4:4 : New infosec products of the week: July 18, 2025
• 2:4 : ISC Stormcast For Friday, July 18th, 2025 https://isc.sans.edu/podcastdetail/9532, (Fri, Jul 18th)
• 2:4 : Too many open browser tabs? This is still my favorite solution – and has been for years
• 2:4 : This new browser won’t monetize your every move – how to try it
• 1:34 : Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
• 0:3 : Check Point Unveils Quantum Spark 2500 Series, Bringing Enterprise-Level Security and Advanced Connectivity to SMBs
• 23:36 : Google sues 25 alleged BadBox 2.0 botnet operators, all of whom are in China
• 23:36 : From Cloudflare Bypass to Credit Card Theft
• 23:5 : IT Security News Hourly Summary 2025-07-18 00h : 6 posts
• 23:4 : Scattered Spider Cyber Gang Now Targeting Airlines With Ransomware, Microsoft Warns
• 22:55 : IT Security News Daily Summary 2025-07-17
• 22:38 : Cloud Cost Conundrum: Rising Expenses Hinder AI Innovation in Europe
• 22:38 : New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
• 22:38 : Google Reveals How a Hacker Exploits SonicWall Hardware Using OVERSTEP Backdoor
• 22:38 : How to calculate cybersecurity ROI for CEOs and boards