Security researchers at Palo Alto Networks’ Unit 42 have uncovered a resurgence of the modular Bookworm malware in cyberattacks targeting government and diplomatic entities across Southeast Asia. The activity, attributed to the Chinese state-aligned threat actor Stately Taurus (also tracked…
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix
Ivanti disclosed a critical buffer overflow vulnerability (CVE-2025-0282) affecting its Connect Secure VPN appliances. This vulnerability, caused by improper handling of the strncpy function in the web server component, allowed attackers to execute arbitrary code remotely. JPCERT/CC confirmed multiple exploitation…
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors
Pegasus spyware, once considered a tool for targeting journalists and activists—is now being deployed against executives in the private sector, including finance, real estate, and logistics. In a December 2024 investigation, 11 new Pegasus infections were detected among 18,000 devices…
Pegasus Spyware Now Targeting Business Executives and Financial Sector Professionals
The once-shadowy realm of Pegasus spyware has breached new frontiers, with forensic analyses revealing a stark pivot from targeting journalists and activists to infiltrating the private sector. In December 2024, mobile security firm iVerify detected 11 new Pegasus infections among…
Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
PoC exploit code shows why this is a patch priority Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who haven’t already installed patches released in January extra incentive to revisit their to-do…
Anzeige: 15 Prozent auf Security-Workshops – nur noch eine Woche
Security Awareness, First Response, Pentesting oder Cloud Security – nur noch eine Woche bietet die Golem Karrierewelt 15 Prozent Rabatt auf IT-Sicherheitsworkshops. (Golem Karrierewelt, Betriebssysteme) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Anzeige: 15…
Genea Australia data breach and Black Basta Ransomware gang data leak
Genea IVF Australia Data Breach: A Detailed Account Genea Australia, a leading fertility service provider and one of the three largest in the country, has confirmed that it has fallen victim to a significant cyberattack, resulting in a data breach.…
Controlling Shadow AI: Protecting Knowledge Management from Cyber Threats
By 2025, the first major breach of a knowledge management generative artificial intelligence (Gen AI) solution chatbot will make global headlines. This will mark a turning point in cybersecurity for all industries. The widespread adoption of Gen AI-based business solutions…
Cybercriminals Leverage Google Tag Manager for Credit Card Data Theft
It is common for cybersecurity criminals to exploit vulnerabilities in Magento to inject an obfuscated script, which has been delivered through Google Tag Manager (GTM), into Magento-based eCommerce platforms, which allows them to intercept and steal credit card information…
How to secure Notes on iOS and macOS
Apple allows you to lock your notes using your iPhone passcode or a separate password, ensuring your private information stays protected across all your Apple devices, including iOS and macOS. Whether you’re using your iPhone, iPad, or Mac, here’s how…
Mastering the cybersecurity tightrope of protection, detection, and response
In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is…
Baby, You Can Hack My Car: Upstream’s 2025 Automotive and Smart Mobility Cybersecurity Report
Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the…
Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability
Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenConfig plugin. Tracked as CVE-2025-0110, the flaw allows authenticated administrators to execute arbitrary commands on…
IT Security News Hourly Summary 2025-02-21 06h : 3 posts
3 posts were published in the last hour 4:31 : New infosec products of the week: February 21, 2025 4:9 : New Active Directory Pentesting Tool For KeyCredentialLink Management 4:9 : Thailand ready to welcome 7,000 trafficked scam call center…
New infosec products of the week: February 21, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Fortinet, Pangea, Privacera, and Veeam Software. Fortinet enhances FortiAnalyzer to deliver accelerated threat hunting and incident response FortiAnalyzer offers a streamlined entry point to…
New Active Directory Pentesting Tool For KeyCredentialLink Management
RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. This command-line interface (CLI) tool and library implements the KeyCredentialLink structures as defined in section 2.2.20 of the Microsoft Active…
Thailand ready to welcome 7,000 trafficked scam call center victims back from Myanmar
It comes amid a major crackdown on the abusive industry that started during COVID Thailand is preparing to receive thousands of people rescued from scam call centers in Myanmar as the country launches a major crackdown on the pervasive criminal…
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub
A GitHub repository titled Windows-WiFi-Password-Stealer has surfaced, raising concerns among cybersecurity professionals. This repository, hosted by the user “cyberthirty,” provides a Python-based script capable of extracting saved WiFi credentials from Windows systems and saving them to a text file. While…
IT Security News Hourly Summary 2025-02-21 03h : 4 posts
4 posts were published in the last hour 1:32 : Life in the Swimlane with Gabriella Lopez, Senior Sales Development Representative 1:9 : ISC Stormcast For Friday, February 21st, 2025 https://isc.sans.edu/podcastdetail/9334, (Fri, Feb 21st) 1:9 : CISA Adds Two Known…
Life in the Swimlane with Gabriella Lopez, Senior Sales Development Representative
The post Life in the Swimlane with Gabriella Lopez, Senior Sales Development Representative appeared first on AI Security Automation. The post Life in the Swimlane with Gabriella Lopez, Senior Sales Development Representative appeared first on Security Boulevard. This article has…
ISC Stormcast For Friday, February 21st, 2025 https://isc.sans.edu/podcastdetail/9334, (Fri, Feb 21st)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, February 21st, 2025…
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-23209 Craft CMS Code Injection Vulnerability CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber…
Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable
Nobody wants memory bugs. Penguinistas continue debate on how to squish ’em Some Linux kernel maintainers remain unconvinced that adding Rust code to the open source project is a good idea, but its VIPs are coming out in support of…
Cocospy – 1,798,059 breached accounts
In February 2025, the spyware service Cocospy suffered a data breach along with sibling spyware service, Spyic. The Cocospy breach alone exposed almost 1.8M customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured…