Posted by Bethel Otuteye and Khawaja Shams (Android Security and Privacy Team), and Ron Aquino (Play Trust and Safety) Android and Google Play comprise a vibrant ecosystem with billions of users around the globe and millions of helpful apps. Keeping…
IT Security News Hourly Summary 2025-01-29 21h : 4 posts
4 posts were published in the last hour 19:34 : FBI Seizes Leading Hacking Forums Cracked.to and Nulled.to 19:34 : OpenAI tailored ChatGPT Gov for government use – here’s what that means 19:34 : Streamline the connectivity between your environment…
FBI Seizes Leading Hacking Forums Cracked.to and Nulled.to
Nulled.to and Cracked.to, major hacking forums, appear seized by the FBI as DNS records point to FBI servers.… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: FBI Seizes Leading…
OpenAI tailored ChatGPT Gov for government use – here’s what that means
ChatGPT will be making its way to federal, state, and local agencies. The new version comes with benefits – and concerns. This article has been indexed from Latest stories for ZDNET in Security Read the original article: OpenAI tailored ChatGPT…
Streamline the connectivity between your environment and Red Hat Insights services
Introducing new connectivity optionsFollowing the announcement of Red Hat Insights proxy in technology preview, we are pleased to announce that this service is now generally available.Red Hat Insights proxy helps streamline the connectivity between your environment and Red Hat’s powerful…
Observo’s AI-native data pipelines cut noisy telemetry by 70%, strengthening enterprise security
The reduction in noisy, unstructured telemetry data by Observo can cut enterprise observability costs by up to 50%. This article has been indexed from Security News | VentureBeat Read the original article: Observo’s AI-native data pipelines cut noisy telemetry by…
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation, as confirmed by Fortinet. CVE-2025-24085 Apple Multiple Products Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and…
These are the 10 worst PIN codes
Data analysis has shown which 4-digit pin codes offer the best chances for an attacker. Are you using one of them? This article has been indexed from Malwarebytes Read the original article: These are the 10 worst PIN codes
What DeepSeek’s R1 Model Means For AI Innovation and Enterprise Security
DeepSeek’s R1 model launch marks a significant milestone in AI accessibility, combining advanced reasoning capabilities with free, unlimited access. The platform’s explosive growth is evident—its mobile app topped the iOS App Store charts within 48 hours of release, indicating unprecedented…
SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws
Watch this: Want more “speculative execution” bugs? You’re gonna be in a great mood all day. The post SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read…
Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns. “Each C2 server…
Whatsup Gold, Observium and Offis vulnerabilities
Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold. These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications…
Lynx Ransomware Architecture to Attack Windows, Linux, ESXi Uncovered
The emergence of the Lynx Ransomware-as-a-Service (RaaS) platform has drawn significant attention in cybersecurity circles, owing to its advanced technical capabilities, structured affiliate workflow, and expansive ransomware arsenal. Lynx has proven to be a highly organized and efficient cybercriminal operation,…
Russian APT28 Hackers Exploit Zero-Day Vulnerabilities to Target Government and Security Sectors
A detailed analysis from Maverits, a leading cybersecurity firm, reveals a significant evolution in the strategies and objectives of APT28, a cyber-espionage group linked to Russia’s GRU military intelligence unit. Covering activities from 2022 to 2024, the report highlights APT28’s…
Hackers Exploit OAuth 2.0 Code Flow Using AiTM Attack on Microsoft Azure AD
Security enthusiasts and professionals are turning their focus towards a new angle on phishing attacks in the identity and access management space. During the “Offensive Entra ID (Azure AD) and Hybrid AD Security” training, a clever demonstration showcased how a…
New Apple SLAP & FLOP Side-Channel Attacks Let Attackers Steal Login Details From Browser
Researchers from the Georgia Institute of Technology and Ruhr University Bochum have uncovered two novel speculative execution attacks, named SLAP (Speculative Data Attacks via Load Address Prediction) and FLOP (Breaking the Apple M3 CPU via False Load Output Predictions). These…
MGM Resorts settles lawsuits after millions of customer records stolen in data breaches
A court filing says 37 million MGM customers had personal data stolen in the cyberattacks. © 2024 TechCrunch. All rights reserved. For personal use only. This article has been indexed from Security News | TechCrunch Read the original article: MGM…
Hackers Allegedly Selling Fortinet Vulnerability Exploit on Dark Web Forums
A significant cybersecurity threat has emerged as hackers on a prominent Russian dark web forum claim to be selling an active exploit targeting Fortinet devices. The exploit reportedly leverages a critical vulnerability, CVE-2024-55591, which affects FortiOS versions 7.0.0 through 7.0.16. …
Apple Chips Vulnerability Exposes Credit Cards & Location History to Hackers
Researchers have uncovered two critical vulnerabilities in Apple’s custom silicon chips, dubbed SLAP (Speculative Load Address Prediction) and FLOP (False Load Output Predictions). These flaws, found in Apple’s A- and M-series processors, expose sensitive user data such as credit card…
State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks
The state-sponsored threat actors are increasingly exploiting Google’s AI-powered assistant, Gemini, to enhance their cyber operations. While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations…
Windows 11 24H2 Update Breaks Web camera, Audio, & USB
The most recent update for Windows 11 24H2, identified as KB5050009, has caused various kinds of technical issues for users, affecting critical functionalities like audio, Bluetooth, USB devices, and webcams. Released earlier this month, the update was intended to enhance…
Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior
The Government Accountability Office states that customers are usually unaware of the potential privacy risks and biases that arise from use of personal information. The post Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior appeared first on Security…
Cybercriminals Use Google Ads and URL Cloaking to Spread Malware
Cybercriminals are increasingly using Google ads and sophisticated cloaking techniques to push malware onto unsuspecting users. The latest example involves a fake Homebrew website that tricked users into downloading an infostealer designed to steal sensitive data, including login credentials…
IT Security News Hourly Summary 2025-01-29 18h : 9 posts
9 posts were published in the last hour 16:35 : Magility 2025: Rückblick, Highlights und Ausblick 16:34 : New Zyxel Zero-Day Under Attack, No Patch Available 16:34 : Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)…