Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Top 5 AI-Powered Social Engineering Attacks
Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. Thereβs no brute-force βspray and prayβ password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust, fear, and respect for authority, usually with the goal of gaining access to sensitive information or protected systems.
Published on: January 31, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Italy's data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek's service within the country, citing a lack of information on its use of users' personal data. The development comes days after the authority, the Garante, sent a series of questions to DeepSeek, asking about its data handling practices and where it obtained its training data. In particular, it wanted
Published on: January 31, 2025 | Source:Google Bans 158,000 Malicious Android App Developer Accounts in 2024
Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data during the time period by working with
Published on: January 31, 2025 | Source:NorthBay Health Data Breach Impacts 569,000 Individuals
NorthBay Health says hackers stole the personal information of 569,000 individuals in a 2024 ransomware attack. The post NorthBay Health Data Breach Impacts 569,000 Individuals appeared first on SecurityWeek.
Published on: January 31, 2025 | Source:Broadcom Patches VMware Aria Flaws β Exploits May Lead to Credential Theft
Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain elevated access or obtain sensitive information. The list of identified flaws, which impact versions 8.x of the software, is below - CVE-2025-22218 (CVSS score: 8.5) - A malicious actor with View Only Admin
Published on: January 31, 2025 | Source:Clutch Security Raises $20 Million for Non-Human Identity Protection Platform
Clutch Security has raised $20 million in a Series A funding round led by SignalFire to secure non-human identities. The post Clutch Security Raises $20 Million for Non-Human Identity Protection Platform appeared first on SecurityWeek.
Published on: January 31, 2025 | Source:Trump Administration Faces Security Balancing Act in Borderless Cyber Landscape
What challenges will the new administration face and what might President Trumpβs record on cybersecurity indicate about the likely approach in 2025 and beyond? The post Trump Administration Faces Security Balancing Act in Borderless Cyber Landscape appeared first on SecurityWeek.
Published on: January 31, 2025 | Source:Healthcare Sector Charts 2 More Ransomware Attacks
No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.
Published on: January 30, 2025 | Source:FBI nominee Kash Patel gets questions on cybercrime investigations, Silk Road founder, surveillance powers
Cyber otherwise wasnβt a big focus during the Senate Judiciary Committee hearing on Patelβs nomination to lead the bureau. The post FBI nominee Kash Patel gets questions on cybercrime investigations, Silk Road founder, surveillance powers appeared first on CyberScoop.
Published on: January 30, 2025 | Source:Department of Justice partners with Dutch police to break up HeartSender network
Also known as βSaim Raza,β the group was allegedly responsible for over $3 million in losses. The post Department of Justice partners with Dutch police to break up HeartSender network appeared first on CyberScoop.
Published on: January 30, 2025 | Source:Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise
The lawsuit said that the combination of businesses would eliminate competition, raise prices and reduce innovation. The post Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Tulsi Gabbard tussles with senators over Snowden, surveillanceΒ
President Trumpβs nominee to lead ODNI substantially revised her previous positions on the former NSA contractor and Section 702 spying authorities. The post Tulsi Gabbard tussles with senators over Snowden, surveillance appeared first on CyberScoop.
Published on: January 30, 2025 | Source:VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
VMWare calls attention to patches for multiple 'high-risk' security defects in its Aria Operations and Aria Operations for Logs products. The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Conifers.ai Scores $25M Investment for Agentic AI SOC Technology
Backed by SYN Ventures, Conifers.ai plans to use βagentic AIβ technology to tackle complex security operations center (SOC) problems. The post Conifers.ai Scores $25M Investment for Agentic AI SOC Technology appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:House bill aims to better protect financial institutions from ransomware attacks
The bipartisan legislation would direct the Treasury secretary to deliver a report on public-private coordination to combat attacks on the financial sector. The post House bill aims to better protect financial institutions from ransomware attacks appeared first on CyberScoop.
Published on: January 30, 2025 | Source:Taming Shadow AI:Β Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats
Valence Security and Endor Labs have introduced extensions to their existing platforms specifically to tackle the invisibility and wrongful use of Shadow AI. The post Taming Shadow AI:Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Wiz researchers find sensitive DeepSeek data exposed to internet
Experts for the cloud security firm pulled sensitive data from the service with simple SQL queries. The post Wiz researchers find sensitive DeepSeek data exposed to internet appeared first on CyberScoop.
Published on: January 30, 2025 | Source:DARPA wants to create βself-healingβ firmware that can respond and recover from cyberattacksΒ
The agencyβs Red-C program seeks to build new defenses into bus-based computer systems. The post DARPA wants to create βself-healingβ firmware that can respond and recover from cyberattacks appeared first on CyberScoop.
Published on: January 30, 2025 | Source:Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform
Backline has emerged from stealth mode with an autonomous security remediation platform and $9 million in seed funding. The post Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Infrastructure Laundering: Blending in with the Cloud
In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit -- a sprawling network tied to Chinese organized crime gangs and aptly named "Funnull" -- highlights a persistent whac-a-mole problem facing cloud services.
Published on: January 30, 2025 | Source:Cyber Insights 2025: Cyberinsurance β The Debate Continues
Better risk management could lead to reduced premiums on top of value for money, making cyberinsurance a silent driver for improved cybersecurity. The post Cyber Insights 2025: Cyberinsurance β The Debate Continues appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations. "Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities," Google Threat
Published on: January 30, 2025 | Source:Seraphic Attracts $29M Investment to Chase Enterprise Browser Business
Seraphic Security banks $29 million investment as VCs remain bullish on startups with security-themed browsers for corporate defenders. The post Seraphic Attracts $29M Investment to Chase Enterprise Browser Business appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:New Jailbreaks Allow Users to Manipulate GitHub Copilot
Whether by intercepting its traffic or just giving it a little nudge, GitHub's AI assistant can be made to do malicious things it isn't supposed to.
Published on: January 30, 2025 | Source:Automated Pen Testing Is Improving β Slowly
The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.
Published on: January 30, 2025 | Source:US Cyber Agencyβs Future Role in Elections Remains Murky Under the Trump Administration
President Donald Trump has yet to name anyone to lead the U.S. Cybersecurity and Infrastructure Security. The post US Cyber Agencyβs Future Role in Elections Remains Murky Under the Trump Administration appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Exposure Management Provider CYE Acquires Solvo
The addition of Solvo CSPM to CYE Hyver aims to address the need for multicloud vulnerability monitoring and risk assessment.
Published on: January 30, 2025 | Source:Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown
An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort, which took place between January 28 and 30, 2025, targeted the following domains - www.cracked.io www.nulled.to www.mysellix.io www.sellix.io www.starkrdp.io Visitors to these websites are now greeted by a
Published on: January 30, 2025 | Source:TeamViewer Patches High-Severity Vulnerability in Windows Applications
TeamViewer has released patches for a high-severity elevation of privilege vulnerability in its client and host applications for Windows. The post TeamViewer Patches High-Severity Vulnerability in Windows Applications appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Nulled, Other Cybercrime Websites Seized by Law Enforcement
Several cybercrime websites have been seized in a law enforcement operation, including Nulled, Cracked, Sellix, and StarkRDP. The post Nulled, Other Cybercrime Websites Seized by Law Enforcement appeared first on SecurityWeek.
Published on: January 30, 2025 | Source:Fake Reddit and WeTransfer Sites are Pushing Malware
There are thousands of fake Reddit and WeTransfer webpages that are pushing malware. They exploit people who are using search engines to search sites like Reddit. Unsuspecting victims clicking on the link are taken to a fake WeTransfer site that mimicks the interface of the popular file-sharing service. The βDownloadβ button leads to the Lumma Stealer payload hosted on βweighcobbweo[.]top.β Boingboing post.
Published on: January 30, 2025 | Source:Lightning AI Studio Vulnerability Could've Allowed RCE via Hidden URL Parameter
Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could have allowed for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary commands with root privileges" by exploiting a hidden URL parameter, application security firm Noma said in
Published on: January 30, 2025 | Source:Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter
Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary commands with root privileges" by exploiting a hidden URL parameter, application security firm Noma said in a
Published on: January 30, 2025 | Source:This month in security with Tony Anscombe β January 2025 edition
DeepSeekβs bursting onto the AI scene, apparent shifts in US cybersecurity policies, and a massive student data breach all signal another eventful year in cybersecurity and data privacy
Published on: January 30, 2025 | Source:SOC Analysts - Reimagining Their Role Using AI
The job of a SOC analyst has never been easy. Faced with an overwhelming flood of daily alerts, analysts (and sometimes IT teams who are doubling as SecOps) must try and triage thousands of security alertsβoften false positivesβjust to identify a handful of real threats. This relentless, 24/7 work leads to alert fatigue, desensitization, and increased risk of missing critical security incidents.
Published on: January 30, 2025 | Source: