In this Help Net Security interview, Sean Cordero, CISO at Zscaler, talks about securing hybrid work and the new challenges it presents to cybersecurity teams. He discusses how hybrid work has exposed gaps in traditional security models while offering advice…
OPNsense 25.1 Released, What’s New!
The highly anticipated release of OPNsense 25.1 has officially arrived! Nicknamed “Ultimate Unicorn,” this update marks a significant milestone for the open-source firewall platform, celebrating its decade-long journey of innovation, security, and reliable performance. Packed with exciting features, new integrations,…
ExtensionHound: Open-source tool for Chrome extension DNS forensics
Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves this by analyzing Chrome’s internal network state and linking DNS activity to specific extensions.…
DeepSeek AI data under scrutiny as Microsoft investigates OpenAI data steal
DeepSeek AI, a Chinese chatbot service that recently gained traction on the Apple App Store, is now in the spotlight due to allegations of unauthorized data access from Microsoft-backed OpenAI. According to sources familiar with the situation, DeepSeek AI’s founder,…
DeepSeek is Now Available With Microsoft Azure AI Foundry
Microsoft has officially added DeepSeek R1, an advanced AI model, to its Azure AI Foundry and GitHub Model Catalog. This move places DeepSeek R1 among a curated selection of over 1,800 AI models, spanning open-source, task-specific, and industry-focused solutions. Businesses…
89% of AI-powered APIs rely on insecure authentication mechanisms
APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, what is clear is that API security is no longer just…
IT Security News Hourly Summary 2025-01-30 06h : 2 posts
2 posts were published in the last hour 4:35 : DeepSeek Database Leaked – Full Control Over DB Secret keys, Logs & Chat History Exposed 4:35 : How to use Hide My Email to protect your inbox from spam
DeepSeek Database Leaked – Full Control Over DB Secret keys, Logs & Chat History Exposed
A security vulnerability in DeepSeek, a prominent Chinese AI startup, exposed a publicly accessible ClickHouse database containing highly sensitive information, including over a million lines of log streams. The breach, which included chat logs, API keys, backend details, and operational…
How to use Hide My Email to protect your inbox from spam
Hide My Email is a service that comes with iCloud+, Apple’s subscription-based service. It allows users to generate one-time-use or reusable email addresses that forward messages to their personal inbox without ever revealing their actual email address. This means it…
ISC Stormcast For Thursday, January 30th, 2025 https://isc.sans.edu/podcastdetail/9302, (Thu, Jan 30th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, January 30th, 2025…
Alibaba’s Qwen 2.5-Max: The AI Marathoner Outpacing DeepSeek and Catching OpenAI’s Shadow
Discover how Alibaba’s Qwen 2.5-Max AI model with Mixture-of-Experts architecture outperforms DeepSeek V3 in key benchmarks, challenges OpenAI, and revolutionizes healthcare, finance, and content creation. Explore technical breakthroughs and industry implications. The post Alibaba’s Qwen 2.5-Max: The AI Marathoner Outpacing…
Operation Talent: FBI Seizes Nulled.to, Cracked.to, Sellix.io and more
The FBI has seized Nulled.to, Cracked.to, Sellix.io, and StarkRDP.io in Operation Talent, targeting cybercrime forums and illicit marketplaces.… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: Operation Talent: FBI…
DeepSeek helps speed up threat detection while raising national security concerns
DeepSeek and its R1 model aren’t wasting any time rewriting the rules of cybersecurity AI in real-time. Enterprises can’t ignore this risk. This article has been indexed from Security News | VentureBeat Read the original article: DeepSeek helps speed up…
IT Security News Hourly Summary 2025-01-30 03h : 2 posts
2 posts were published in the last hour 1:32 : Wacom says crooks probably swiped customer credit cards from its online checkout 1:8 : Going (for) broke: 6 common online betting scams and how to avoid them
Wacom says crooks probably swiped customer credit cards from its online checkout
Digital canvas slinger indicates dot-com was skimmed for over a month Graphics tablet maker Wacom has warned customers their credit card details may well have been stolen by miscreants while they were buying stuff from its website.… This article has…
Going (for) broke: 6 common online betting scams and how to avoid them
Don’t roll the dice on your online safety – watch out for bogus sports betting apps and other traps commonly set by scammers This article has been indexed from WeLiveSecurity Read the original article: Going (for) broke: 6 common online…
ASRM: A New Pillar for Cyber Insurance Underwriting
ASRM transforms cyber insurance underwriting by integrating real-time risk assessments, advanced tools (NDR, EDR, Cloud Security, MDR), and proactive mitigation strategies to improve accuracy, reduce claims, and build trust. This article has been indexed from Trend Micro Research, News and…
Dario Amodei challenges DeepSeek’s $6 million AI narrative: What Anthropic thinks about China’s latest AI move
Anthropic co-founder Dario Amodei reveals DeepSeek’s Chinese AI breakthrough actually cost billions, not $6 million, challenging market narratives and explaining why AI development remains resource-intensive despite engineering improvements. This article has been indexed from Security News | VentureBeat Read the…
Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek
Oh someone’s in DeepShi… China-based AI biz DeepSeek may have developed competitive, cost-efficient generative models, but its cybersecurity chops are another story.… This article has been indexed from The Register – Security Read the original article: Guess who left a…
North Koreans clone open source projects to plant backdoors, steal credentials
Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better? North Korea’s Lazarus Group compromised hundreds of victims across the globe in a massive secret-stealing supply chain attack that was ongoing as of earlier this month,…
Lazarus Group cloned open source projects to plant backdoors, steal credentials
Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better? North Korea’s Lazarus Group compromised hundreds of victims across the globe in a massive secret-stealing supply chain attack that was ongoing as of earlier this month,…
CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
A Chinese-linked espionage campaign targeted entities in South Asia using rare techniques like DNS exfiltration, with the aim to steal sensitive data. The post CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia appeared first on Unit 42. This…
IT Security News Hourly Summary 2025-01-30 00h : 4 posts
4 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-01-29 22:34 : Hackers are hijacking WordPress sites to push Windows and Mac malware 22:20 : Russian UAC-0063 Targets Europe and Central Asia with Advanced…
IT Security News Daily Summary 2025-01-29
210 posts were published in the last hour 22:34 : Hackers are hijacking WordPress sites to push Windows and Mac malware 22:20 : Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware 22:20 : Exposed DeepSeek Database Revealed Chat…