A new ransomware group, SecP0, has emerged on the cybercrime landscape, adopting a novel and deeply concerning tactic: demanding ransom payments not for encrypted data, but for undisclosed software vulnerabilities. This shift in strategy represents a significant evolution in ransomware…
Two Hackers Arrested for Stealing Taylor Swift Era Concert Tickets Worth $600k
In a sophisticated cybercrime operation targeting high-demand events, two individuals were arrested this week for allegedly orchestrating a $600,000 ticket theft scheme involving Taylor Swift’s Eras Tour and other major concerts. Queens District Attorney Melinda Katz revealed that Tyrone Rose,…
AI, Web Scraping and the Transformation of Data Privacy: What the EDPB’s Rulings Mean for Businesses
Web scraping is no longer just about collecting raw data. AI transforms this data, embedding it into machine learning models that can generate insights, predict behaviors and even infer new information about individuals in ways that were never intended when…
New Malware ‘Desert Dexter’ Hits Over 900 Victims Worldwide
A newly discovered malicious campaign dubbed “Desert Dexter” has infected approximately 900 victims across multiple countries, primarily in the Middle East and North Africa. The Positive Technologies Expert Security Center (PT ESC) uncovered the operation, which has been active since…
Probationary firing protest, hacker names frustration, conversational scam detector
Former top NSA cyber official protests probationary firings. Differing names for hackers hinders law enforcement, says security agent. Google releases AI scam detection for Android to fight conversational fraud. Huge thanks to our sponsor, ThreatLocker. ThreatLocker® is a global leader…
More Security with the Cloud
Cloud solutions are a future-proof way to securely process and store growing volumes of data, including through hybrid models. Andreas Flemming of Genetec gives an insight into current developments. This article was indexed by Newsfeed. Read the original…
Indictment: Young Berliner on Trial Over Large-Scale Phishing Fraud
A 21-year-old Berliner is on trial in criminal proceedings over alleged phishing activities. (Phishing, Security) This article was indexed by Golem.de – Security. Read the original article: Indictment: Young Berliner on Trial Over Large-Scale Phishing Fraud
LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL
A significant security vulnerability in LibreOffice, designated as CVE-2025-1080, has been patched in versions 24.8.5 and 25.2.1, released on March 4, 2025. The flaw, which allowed attackers to execute arbitrary scripts through manipulated macro URLs, posed a severe risk to…
Critical IDOR Vulnerabilities in ZITADEL Let Hackers Modify Key Settings
Security researchers have disclosed critical Insecure Direct Object Reference (IDOR) vulnerabilities in ZITADEL’s administration interface that expose organizations to account takeover risks and unauthorized configuration changes. Tracked as CVE-2025-27507 with a CVSS v3.1 score of 9.1/10, these flaws allow authenticated users without proper permissions…
Google Announces GoStringUngarbler Tool to Decrypt Go Based Malware
In a landmark development for cybersecurity infrastructure, Google’s Mandiant subsidiary has unveiled GoStringUngarbler – an open-source deobfuscation framework designed to neutralize advanced string encryption techniques in Go-based malware. This innovation specifically targets binaries obfuscated using garble, an increasingly prevalent obfuscation…
15 Best Patch Management Tools In 2025
Patch management tools are essential for maintaining the security and efficiency of IT systems in 2025. These tools automate the process of identifying, testing, and deploying software updates and security patches across various operating systems and applications. Top contenders in…
50 World’s Best Cyber Security Companies – 2025
Cybersecurity has transformed from a niche technical field into a critical business priority that shapes organizational strategies worldwide. As we navigate through 2025, the cybersecurity industry continues to expand in response to increasingly sophisticated threats, digital transformation initiatives, and regulatory requirements. The global cybersecurity market is…
BreachRx Brings Generative AI to Security Incident Management
BreachRx this week added generative artificial intelligence (GenAI) capabilities to a security incident platform that promises to streamline workflows across all the stakeholders that need to collaborate.
IT Security News Hourly Summary 2025-03-06 09h : 1 posts
1 posts were published in the last hour 7:32 : SecP0 Ransomware Gang Threatens to Expose Critical Vulnerabilities
SecP0 Ransomware Gang Threatens to Expose Critical Vulnerabilities
A new ransomware collective dubbed SecP0 has emerged with a disruptive strategy that diverges sharply from conventional cybercriminal playbooks. Unlike traditional ransomware groups that focus on encrypting data or threatening to leak stolen information, SecP0 is now demanding ransoms in exchange for withholding…
Malicious Android App on Google Play Compromises 220,000+ Devices
Security researchers at ThreatLabz recently uncovered a sophisticated malware campaign operating through the Google Play Store, leveraging a seemingly benign application to distribute the Anatsa banking trojan (also known as TeaBot). The malicious app, disguised as a file manager and…
12 Chinese Hackers Charged For Cyber Attacks on U.S. Treasury
The U.S. Department of Justice (DOJ) unsealed indictments today against 12 Chinese nationals linked to state-sponsored cyber espionage campaigns targeting the U.S. Treasury Department, religious organizations, media outlets, and critical infrastructure. The charges reveal an extensive, decade-long operation leveraging advanced…
Bybit Hot Wallet Exploit for Malicious Transaction – Technical Analysis Released
Researchers uncovered one of the most technically sophisticated attacks in cryptocurrency history, exploiting Bybit’s Ethereum hot wallet infrastructure through a malicious proxy contract upgrade. The breach, attributed to North Korea’s Lazarus Group via blockchain fingerprinting, resulted in the theft of…
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People’s…
Technical Analysis Released on Bybit Hot Wallet Exploit
Cryptocurrency exchange Bybit suffered a sophisticated smart contract exploit on February 21, 2025, resulting in the theft of 401,346.76 ETH (approximately $1.2 billion at the time of the incident). The attack vector leveraged advanced proxy contract manipulation through malicious delegatecall…
How to prevent data leakage in collaboration tools like Slack and Teams
In recent years, collaboration tools have become an absolute necessity for remote and hybrid work. This primarily increased during the COVID-19 pandemic due to the impossibility of communicating in person. So, tools like Slack, Microsoft Teams, and Zoom surged in…
Typosquatted Go Packages Distribute Malware Loader Targeting Linux and macOS
Researchers from Socket have identified an ongoing campaign involving at least seven typosquatted Go packages. These packages impersonate well-known Go libraries and are designed to deploy loader malware on Linux and macOS systems. Typosquatted packages are malicious software components designed…
41,500+ VMware ESXi Instances Vulnerable to Code Execution Attacks
Shadowserver observed that, as of March 4, 2025, 41,500+ internet-exposed VMware ESXi hypervisors are vulnerable to CVE-2025-22224, a critical zero-day vulnerability actively exploited in attacks. Broadcom patched the vulnerability in an emergency update. It enables attackers with local administrative access…
The CISO’s bookshelf: 10 must-reads for security leaders
Discover essential reads for CISOs in this curated list of books covering cybersecurity leadership, risk management, zero trust, board communication, and more. Why CISOs Fail, 2nd Edition. Author: Barak Engel. Barak Engel expands on the ideas from his original 2017…