The FBI, America’s federal law enforcement agency, has issued an urgent warning to all Gmail users about an ongoing hacking campaign carried out by the operators of Medusa Ransomware. According to the FBI, this cybercriminal group is notorious for encrypting…
Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers
A team successfully decrypted an instance of the Akira ransomware on Linux/ESXi systems without succumbing to the hackers’ demands. This achievement not only underscores the ingenuity of cybersecurity experts but also serves as a powerful message to those who rely…
Volt Typhoon Found Inside Massachusetts Electric Utility for Nearly a Year
Industrial cybersecurity firm Dragos has revealed that a small electric and water utility in Massachusetts was breached by a sophisticated Chinese Advanced Persistent Threat (APT) group for over 300 days. The attack targeted Littleton Electric Light and Water Departments (LELWD),…
OpenAI Pushes for Federal-Only AI Regulation
OpenAI has officially called on US lawmakers to exempt it from complying with state-level AI regulations, instead urging a unified approach under federal AI rules. It argues that a consistent, nationwide framework is critical to maintain US leadership in AI…
Top 5 threats keeping CISOs up at night in 2025
Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk management, insider threat mitigation, and compliance preparedness, CISOs can…
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, condemned OBSCURE#BAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It’s currently not known…
Guardz Reveals Details of an Ongoing Phishing Campaign Exploiting Microsoft 365 Infrastructure
The cybersecurity company empowering MSPs to secure small businesses identified a highly sophisticated Microsoft 365 tenant brand manipulation and disrupted its use against their customers. Guardz, the cybersecurity company empowering MSPs and IT professionals to deliver comprehensive, AI-native cyber protection…
New Cyber Attack Targets PyPI Users to Steal Cloud Tokens and Sensitive Data
A recent discovery by ReversingLabs researchers has unveiled a malicious cyber attack targeting the Python Package Index (PyPI) users, a popular platform for Python developers. This sophisticated campaign involves malicious packages masquerading as time-related utilities, but are designed to steal…
NHS Investigates Alleged API Flaw That May Have Exposed Patient Data
The NHS is investigating claims made by a whistleblower regarding a security flaw at Medefer, an online healthcare provider working with the NHS. The whistleblower alleged that a flaw in the company’s application programming interface (API) exposed NHS patient data.…
Top 10 Best Cyber Attack Simulation Tools – 2025
Cyber attack simulation tools help organizations identify vulnerabilities, test security defenses, and improve their cybersecurity posture by simulating real-world attacks. These tools range from breach and attack simulation (BAS) platforms to adversary emulation frameworks. Here are some of the top…
One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild
A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers. The exploit, originally published by a Chinese forum user iSee857,…
New infosec products of the week: March 14, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Alloy, Detectify, Pondurance, and SimSpace. SimSpace Stack Optimizer allows organizations to measure their security technologies Stack Optimizer is designed to help organizations make informed, strategic…
94% of Wi-Fi networks lack protection against deauthentication attacks
A recent report from Nozomi Networks Labs, based on an analysis of over 500,000 wireless networks worldwide, reveals that only 6% are adequately protected against wireless deauthentication attacks. Most wireless networks, including those in mission-critical environments, remain highly exposed to…
What role do APIs play in automating NHI management?
Could API Automation Be The Missing Piece In Your NHI Management? One critical question stands out: Could the underutilized potential of API automation be the missing piece in your Non-Human Identities (NHI) management strategy? With the increasing complexity of cloud…
What security considerations should I keep in mind for NHI automation?
Why are Security Considerations Essential for Non-Human Identities Automation? The age of automation has dawned upon us. Automation carries the promise of immense business benefits, yet, it brings forth its own set of security challenges. For organizations heavily invested in…
How can I integrate automated NHI auditing into our pipeline?
How Can Automated NHI Auditing Enhance Your Cybersecurity Strategy? Is your organization struggling with managing the ever-increasing volume of Non-Human Identities (NHIs) within your IT infrastructure? The NHI universe comprises machine identities created by combining a unique identifier or ‘Secret’…
IT Security News Hourly Summary 2025-03-14 06h : 3 posts
3 posts were published in the last hour 4:35 : What is QR Code Phishing? (Quishing) – Attack & Prevention Guide in 2025 4:35 : 5 Ways to Prepare Your Data Estate for Copilot Adoption and Agentic AI 4:9 :…
What is QR Code Phishing? (Quishing) – Attack & Prevention Guide in 2025
QR code Phishing, or “Quishing,” is a cyber threat that exploits the widespread use of QR (Quick Response) codes in phishing attacks. Quishing takes advantage of the recent high-use volume and increasing popularity of QR codes. These codes, which can…
5 Ways to Prepare Your Data Estate for Copilot Adoption and Agentic AI
AI Copilots and Agentic AI (those capable of independently taking actions to achieve specified goals) remain the talk of the… The post 5 Ways to Prepare Your Data Estate for Copilot Adoption and Agentic AI appeared first on Symmetry Systems.…
Blockchain and cyber security
The global blockchain security market is projected to grow from an estimated US$20bn in 2024 to $250bn in the next five years as companies leverage the technology to enhance a variety of different processes, but this growth will also reshape…
Cybersecurity in the Age of Scarcity
Ditching ‘More People, More Controls’ for a Smarter Approach With all the layoffs happening in the federal government, the world of cybersecurity has not gone unscathed. At last count, more than 130 positions were cut from the Department of Homeland…
Accelerating Mergers and Acquisitions with Zero Trust Network Access (ZTNA)
Introduction Mergers and acquisitions (M&A) are critical growth strategies for businesses, but they come with significant IT and security challenges. A smooth transition requires the rapid integration of networks, secure access to applications, and the protection of sensitive data. Traditional…
The DevOps Threats Unwrapped: over 502 incidents and 955 hours of disruptions in GitHub, GitLab, Atlassian, and Azure DevOps
502 incidents, including 48 at the highest risk level, resulting in a total of 955 hours of major and critical disruptions – that’s 120 business days… These are the conclusions of The DevOps Threats Unwrapped report prepared by the GitProtect…
ISC Stormcast For Friday, March 14th, 2025 https://isc.sans.edu/podcastdetail/9364, (Fri, Mar 14th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, March 14th, 2025…