Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Sharing of Telegram User Data Surges After CEO Arrest
Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August.
Published on: January 07, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Pentagon Adds Chinese Gaming Giant Tencent to Federal Ban
The sprawling social media and gaming platform says that being considered a Chinese military business must be a mistake.
Published on: January 07, 2025 | Source:White House launches cybersecurity label program for consumers
The White House announced Tuesday the official launch of the U.S. Cyber Trust Mark, a cybersecurity labeling initiative aimed at enhancing the security of internet-connected devices. The initiative tackles rising consumer concerns about the security vulnerabilities of βsmartβ devices essential to modern homes. As households become more dependent on interconnected gadgets β with a 2023 [β¦] The post White House launches...
Published on: January 07, 2025 | Source:CISA: Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.
Published on: January 07, 2025 | Source:PhishWP Plug-in Hijacks WordPress E-Commerce Checkouts
The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites.
Published on: January 07, 2025 | Source:Android patches several vulnerabilities in first security update of 2025
The bulletin identifies five critical remote code execution (RCE) vulnerabilities affecting the core components of Androidβs system. The post Android patches several vulnerabilities in first security update of 2025 appeared first on CyberScoop.
Published on: January 07, 2025 | Source:Name That Edge Toon: Greetings and Salutations
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.
Published on: January 07, 2025 | Source:Cybercriminals Don't Care About National Cyber Policy
We can't put defense on hold until Inauguration Day.
Published on: January 07, 2025 | Source:Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. "The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard
Published on: January 07, 2025 | Source:US Treasury Department Sanctions Chinese Company Over Cyberattacks
From the Washington Post: The sanctions target Beijing Integrity Technology Group, which U.S. officials say employed workers responsible for the Flax Typhoon attacks which compromised devices including routers and internet-enabled cameras to infiltrate government and industrial targets in the United States, Taiwan, Europe and elsewhere.
Published on: January 07, 2025 | Source:Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year
It's time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and advancing threats. Much like a tribute to
Published on: January 07, 2025 | Source:State-aligned actors are increasingly deploying ransomware β and thatβs bad news for everyone
The blurring of lines between cybercrime and state-sponsored attacks underscores the increasingly fluid and multifaceted nature of todayβs cyberthreats
Published on: January 07, 2025 | Source:New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities
Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE (aka Thumtais) comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute commands shells, demonstrating a significant evolution. "The key
Published on: January 07, 2025 | Source:CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it's working closely with the Treasury Department and BeyondTrust to get a better understanding of the breach and mitigate its impacts. "The security of federal systems and the data they
Published on: January 07, 2025 | Source:Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers
Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution. The list of vulnerabilities is as follows - CVE-2024-9138 (CVSS 4.0 score: 8.6) - A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain
Published on: January 07, 2025 | Source:Veracode Buys Package Analysis Technology From Phylum
The deal adds Phylum's technology for malicious package analysis, detection, and mitigation to Veracode's software composition analysis portfolio.
Published on: January 07, 2025 | Source:In Appreciation: Amit Yoran, Tenable CEO, Passes Away
Cybersecurity industry visionary and renowned executive Amit Yoran has passed away after an almost one-year battle with cancer.
Published on: January 06, 2025 | Source:China's Salt Typhoon Adds Charter, Windstream to Telecom Victim List
These latest attacks follow a long string of cyberattacks and breaches targeting US and global telecom and ISP companies.
Published on: January 06, 2025 | Source:FireScam Android Spyware Campaign Poses 'Significant Threat Worldwide'
A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.
Published on: January 06, 2025 | Source:Industrial networking manufacturer Moxa reports βcriticalβ router bugs
Moxa says the flaws can be used to bypass user authentication, escalate privileges and gain root access to devices. The post Industrial networking manufacturer Moxa reports βcriticalβ router bugs appeared first on CyberScoop.
Published on: January 06, 2025 | Source:EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets
The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities.
Published on: January 06, 2025 | Source:IoT's Regulatory Reckoning Is Overdue
New security regulations are more than compliance hurdles β they're opportunities to build better products, restore trust, and lead the next chapter of innovation.
Published on: January 06, 2025 | Source:Will AI Code Generators Overcome Their Insecurities This Year?
In just two years, LLMs have become standard for developers β and non-developers β to generate code, but companies still need to improve security processes to reduce software vulnerabilities.
Published on: January 06, 2025 | Source:India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements
The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau (PIB) said in a statement released Sunday. "Citizens are empowered with rights to demand data erasure,
Published on: January 06, 2025 | Source:Privacy of Photos.appβs Enhanced Visual Search
Initial speculation about a new Apple feature.
Published on: January 06, 2025 | Source:β‘ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]
Every tap, click, and swipe we make online shapes our digital lives, but it also opens doorsβsome we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner. This week, we dive into the hidden risks, surprising loopholes, and the clever tricks
Published on: January 06, 2025 | Source:From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)βa 75% increase from last yearβand phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout
Published on: January 06, 2025 | Source:FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices
An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. "Disguised as a fake 'Telegram Premium' app, it is distributed through a GitHub.io-hosted phishing site that impersonates RuStore β a popular app store in the Russian Federation,"
Published on: January 06, 2025 | Source:AI moves to your PC with its own special hardware
Seeking to keep sensitive data private and accelerate AI workloads? Look no further than AI PCs powered by Intel Core Ultra processors with a built-in NPU.
Published on: January 06, 2025 | Source:Cybercriminals Target Ethereum Developers with Fake Hardhat npm Packages
Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation's Hardhat tool in order to steal sensitive data from developer systems. "By exploiting trust in open source plugins, attackers have infiltrated these platforms through malicious npm packages, exfiltrating critical data such as private keys, mnemonics,
Published on: January 06, 2025 | Source:Tenable CEO Amit Yoran dies at 54
Yoran had stepped away from his job in December, announcing he was fighting cancer. The post Tenable CEO Amit Yoran dies at 54 appeared first on CyberScoop.
Published on: January 04, 2025 | Source:Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
A high-severity security flaw has been disclosed in ProjectDiscovery's Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than 3.0.0. "The
Published on: January 04, 2025 | Source:PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps
Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google's Mandiant Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had
Published on: January 04, 2025 | Source:U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims. These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or
Published on: January 04, 2025 | Source:Thousands of BeyondTrust Systems Remain Exposed
Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say β though it's impossible to tell how many are still vulnerable.
Published on: January 03, 2025 | Source: