‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details…
Sara: Open-source RouterOS security inspector
Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text…
GitLab CISO on proactive monitoring and metrics for DevSecOps success
In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating security tools. He shares tips for maintaining development speed, fostering collaboration, and…
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based…
Mirai Botnet Variant Exploits Zero-Day Vulnerabilities in Routers
Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative development, including UPX polymorphic packing, integrating N-day vulnerabilities, and ultimately leveraging a 0-day vulnerability in Four-Faith industrial routers. By November…
Researchers Reveal Exploitation Techniques of North Korean Kimsuky APT Group
Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations. It employs advanced malware, spearphishing, and social engineering tactics to infiltrate target networks and exfiltrate sensitive data,…
IT Security News Hourly Summary 2025-01-09 06h : 4 posts
4 posts were published in the last hour 4:32 : Japanese Police claim China ran five-year cyberattack campaign targeting local orgs 4:32 : What Makes You… You? A Philosophical Take on Non-Human Identity 4:32 : Cybersecurity in 2025: Global conflict,…
Japanese Police claim China ran five-year cyberattack campaign targeting local orgs
‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details…
What Makes You… You? A Philosophical Take on Non-Human Identity
6 min readFrom DNA to data, explore the unanswered questions of identity and the challenges of securing a non-human world. The post What Makes You… You? A Philosophical Take on Non-Human Identity appeared first on Aembit. The post What Makes…
Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd
As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working together to counter threats that are beyond the scope of individual organizations. The post Cybersecurity…
Japanese Police claim China ran five-year cyberattack campaign
‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details…
ISC Stormcast For Thursday, January 9th, 2025 https://isc.sans.edu/podcastdetail/9272, (Thu, Jan 9th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, January 9th, 2025…
Examining Redtail Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics [Guest Diary], (Thu, Jan 9th)
[This is a Guest Diary by Cody Hales, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Examining Redtail Analyzing a Sophisticated Cryptomining…
The US has a new cybersecurity safety label for smart devices
The White House this week announced a new label for internet-connected devices, the U.S. Cyber Trust Mark, intended to help consumers make more-informed decisions about the cybersecurity of products they bring into their homes. To earn the U.S. Cyber Trust…
IT Security News Hourly Summary 2025-01-09 03h : 4 posts
4 posts were published in the last hour 1:11 : The U.S. has a new cybersecurity safety label for smart devices 1:11 : I tried hard, but didn’t fix all of cybersecurity, admits outgoing US National Cyber Director 1:11 :…
The U.S. has a new cybersecurity safety label for smart devices
The White House this week announced a new label for internet-connected devices, the U.S. Cyber Trust Mark, intended to help consumers make more-informed decisions about the cybersecurity of products they bring into their homes. To earn the U.S. Cyber Trust…
I tried hard, but didn’t fix all of cybersecurity, admits outgoing US National Cyber Director
In colossal surprise, ONCD boss Harry Coker says more work is needed The outgoing leader of the United States’ Office of the National Cyber Director has a clear message for whomever President-elect Trump picks to be his successor: There’s a…
Database tables of student, teacher info stolen from PowerSchool in cyberattack
Class act: Biz only serves 60M people across America, no biggie A leading education software maker has admitted its IT environment was compromised in a cyberattack, with students and teachers’ personal data – including some Social Security Numbers and medical…
DEF CON 32 – Student Engagement Doesn’t Have to Suck
Author/Presenter: Dr. Muhsinah Morris Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink…
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
Written by: John Wolfram, Josh Murchie, Matt Lin, Daniel Ainsworth, Robert Wallace, Dimiter Andonov, Dhanesh Kizhakkinan, Jacob Thompson < div class=”block-paragraph_advanced”>Note: This is a developing campaign under active analysis by Mandiant and Ivanti. We will continue to add more indicators,…
SonicWall warns of an exploitable SonicOS vulnerability
SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” SonicWall is urging customers to upgrade the SonicOS firmware of their firewalls to patch an authentication bypass vulnerability tracked as CVE-2024-53704…
I tried hard, but didn’t fix cybersecurity, admits outgoing US National Cyber Director
In colossal surprise, ONCD boss Harry Coker says more work is needed The outgoing leader of the USA’s Office of the National Cyber Director has a clear message for whoever President-elect Trump picks to be his successor: there’s a lot…
Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways
Ivanti released security updates to address vulnerabilities (CVE-2025-0282, CVE-2025-0283) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. A cyber threat actor could exploit CVE-2025-0282 to take control of an affected system. CISA has added CVE-2025-0282 to its Known Exploited Vulnerabilities…
CISA Adds One Vulnerability to the KEV Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0282 Ivanti Connect Secure Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal…