Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People's Republic of China's (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun
Published on: March 06, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Cybersecurity's Future Is All About Governance, Not More Tools
As CISOs take a seat at the boardroom table, the focus shifts from stacking security tools to driving accountability, efficiency, and strategic risk management.
Published on: March 06, 2025 | Source:Espionage Actor 'Lotus Blossom' Targets Southeast Asia
The threat actor, of unknown origin, is deploying a proprietary backdoor malware known as "Sagerunex" against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam.
Published on: March 06, 2025 | Source:China's Silk Typhoon APT Shifts to IT Supply Chain Attacks
The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.
Published on: March 05, 2025 | Source:US indicts 12 Chinese nationals for vast espionage attack spree
A flurry of unsealed indictments reveal Chinaβs alleged well-coordinated effort to use a hacker-for-hire ecosystem to conduct espionage while obscuring the governmentβs direct involvement. The post US indicts 12 Chinese nationals for vast espionage attack spree appeared first on CyberScoop.
Published on: March 05, 2025 | Source:Qualcomm, MediaTek Release Security Fix Bonanza
The chipmakers patched bugs, mostly critical and high severity, that affect everything from smartphones to TVs to artificial intelligence platforms.
Published on: March 05, 2025 | Source:Bogus 'BianLian' Gang Sends Snail-Mail Extortion Letters
The letters mimic typical ransom notes and threaten to delete or leak compromised data if payments aren't made, though none of the organizations that received them had active ransomware attacks.
Published on: March 05, 2025 | Source:Cybercriminals picked up the pace on attacks last year
Ransomware groups last year achieved lateral movement within an average of 48 minutes after gaining initial access to targeted environments, threat intelligence experts said. The post Cybercriminals picked up the pace on attacks last year appeared first on CyberScoop.
Published on: March 05, 2025 | Source:Anorexia coaches, self-harm buddies and sexualized minors: How online communities are using AI chatbots for harmful behaviorΒ
Research from Graphika details how a range of online communities are creating AI personalities that can blur reality for lonely individuals, particularly teenagers. The post Anorexia coaches, self-harm buddies and sexualized minors: How online communities are using AI chatbots for harmful behavior appeared first on CyberScoop.
Published on: March 05, 2025 | Source:Chainguardβs FIPS-compliant Cassandra addresses security demand of federal and regulated markets
The new offering paves the way for orgs to use the widely popular open-source software with their highly sensitive data. The post Chainguardβs FIPS-compliant Cassandra addresses security demand of federal and regulated markets appeared first on CyberScoop.
Published on: March 05, 2025 | Source:SpecterOps Scores $75M Series B to Scale BloodHound Enterprise PlatformΒ
SpecterOps has raised an unusually large $75 million Series B funding round to accelerate the growth of its BloodHound Enterprise platform. The post SpecterOps Scores $75M Series B to Scale BloodHound Enterprise Platform appeared first on SecurityWeek.
Published on: March 05, 2025 | Source:China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain
Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks. The post China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain appeared first on SecurityWeek.
Published on: March 05, 2025 | Source:Former top NSA cyber official: Probationary firings βdevastatingβ to cyber, national security
Rob Joyce emphasized during a House hearing how important probationary employees are to NSA efforts to counter China and other threats in cyberspace. The post Former top NSA cyber official: Probationary firings βdevastatingβ to cyber, national security appeared first on CyberScoop.
Published on: March 05, 2025 | Source:China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
The China-linked threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking
Published on: March 05, 2025 | Source:Why Security Leaders Are Opting for Consulting Gigs
Many CISOs are weighing the benefits of going virtual as a consultant. Can the pendulum swing in the other direction?
Published on: March 05, 2025 | Source:Defending against USB drive attacks with Wazuh
USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization's reputation. An example is the Stuxnet worm discovered in 2010, a malware designed to
Published on: March 05, 2025 | Source:Black Basta Pivots to Cactus Ransomware Group
The future of the formerly fearsome cybercriminal group remains uncertain as key members have moved to a new affiliation, in fresh attacks that use novel persistence malware BackConnect.
Published on: March 05, 2025 | Source:Iranian Hackers Target UAE Firms With Polyglot Files
An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano. The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek.
Published on: March 05, 2025 | Source:Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024. The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a "full suite of espionage features." "It could upload files, capture screenshots
Published on: March 05, 2025 | Source:Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud
Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device users and their personal information. "These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations," Google said. "And more phone calling scammers are using spoofing techniques to hide their real
Published on: March 05, 2025 | Source:North Korean Fake IT Workers Pose as Blockchain Developers on GitHub
North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms. The post North Korean Fake IT Workers Pose as Blockchain Developers on GitHub appeared first on SecurityWeek.
Published on: March 05, 2025 | Source:Two Venezuelans Arrested in US for ATM Jackpotting
Several Venezuelans have been arrested and charged in the US in recent months for their role in ATM jackpotting schemes. The post Two Venezuelans Arrested in US for ATM Jackpotting appeared first on SecurityWeek.
Published on: March 05, 2025 | Source:CISA Identifies Five New Vulnerabilities Currently Being Exploited
Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We donβt have any details about who is exploiting them, or how. News article. Slashdot thread.
Published on: March 05, 2025 | Source:Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities
Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities. The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Published on: March 05, 2025 | Source:Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants
The threat actor known as Lotus Panda has been observed targeting government, manufacturing, telecommunications, and media sectors in the Philippines, Vietnam, Hong Kong, and Taiwan with updated versions of a known backdoor called Sagerunex. "Lotus Blossom has been using the Sagerunex backdoor since at least 2016 and is increasingly employing long-term persistence command shells and developing
Published on: March 05, 2025 | Source:Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement
Competing agencies and districts are another hurdle for prosecutions, an investigator said in a recent speech. The post Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement appeared first on CyberScoop.
Published on: March 05, 2025 | Source:Identity: The New Cybersecurity Battleground
The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of these vulnerabilities lies Identityβthe gateway to enterprise security and the number one attack vector
Published on: March 05, 2025 | Source:Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, OversharingΒ
Knostic provides a βneed-to-knowβ filter on the answers generated by enterprise large language models (LLM) tools. The post Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing appeared first on SecurityWeek.
Published on: March 05, 2025 | Source:Kids behaving badly online? Here's what parents can do
By taking time to understand and communicate the impact of undesirable online behavior, you can teach your kids an invaluable set of life lessons for a new digital age
Published on: March 05, 2025 | Source:Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. "The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers
Published on: March 05, 2025 | Source:'Cocktail of Cyber-Risk' Should Stir Concerns Among CISOs
A global report published by the World Economic Forum points to a new "world order characterized by greater instability, polarizing narratives, eroding trust, and insecurity.
Published on: March 05, 2025 | Source:Congress eyes bigger cyber role for NTIA amid telecom attacks
A pair of cyber-focused bills tied to the National Telecommunications and Information Administration advanced out of a House committee Tuesday. The post Congress eyes bigger cyber role for NTIA amid telecom attacks appeared first on CyberScoop.
Published on: March 04, 2025 | Source:Rapid7 Delivers Command Platform Offerings for Exposure Management
Published on: March 04, 2025 | Source:
3 VMware Zero-Day Bugs Allow Sandbox Escape
The now-patched bugs are under active exploit and enable attackers to carry out a wide range of malicious activities, including escaping a virtual machine and gaining access to the underlying host.
Published on: March 04, 2025 | Source:Threat Actor 'JavaGhost' Targets AWS Environments in Phishing Scheme
Palo Alto Networks' Unit 42 details how a threat actor is dodging detection with careful targeting and the use of Amazon's native email tools.
Published on: March 04, 2025 | Source: