Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
New Anubis Ransomware Could Pose Major Threat to Organizations
Threat Intelligence firm Kela warns of a new ransomware group called Anubis operating as a RaaS service with an extensive array of options for affiliates. The post New Anubis Ransomware Could Pose Major Threat to Organizations appeared first on SecurityWeek.
Published on: February 26, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
A major cybersecurity law is expiring soon โ and advocates are prepping to push Congress for renewalย
The 2015 Cybersecurity Information Sharing Act provides vital legal protections for cyber threat sharing initiatives, they say. The post A major cybersecurity law is expiring soon โ and advocates are prepping to push Congress for renewal appeared first on CyberScoop.
Published on: February 26, 2025 | Source:Machine Unlearning: The Lobotomization of LLMs
In the end, the question isn't whether large language models will ever forget โ it's how we'll develop the tools and systems to do so effectively and ethically.
Published on: February 26, 2025 | Source:Fortanix Tackles Quantum Computing Threats With New Algorithms
Fortanix is implementing post-quantum cryptographic algorithms in its security suite to protect against future attacks.
Published on: February 26, 2025 | Source:Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts
More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into their tactics and internal conflicts among its members. The Russian-language chats on the Matrix messaging platform between September 18, 2023, and September 28, 2024, were initially leaked on February 11, 2025, by an
Published on: February 26, 2025 | Source:An iCloud Backdoor Would Make Our Phones Less Safe
Last month, the UK government demanded that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government demands Apple weaken its security worldwide, it would increase everyoneโs cyber-risk in an already dangerous...
Published on: February 26, 2025 | Source:UK Demanded Apple Add a Backdoor to iCloud
Last month, the UK government demanded that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government demands Apple weaken its security worldwide, it would increase everyoneโs cyber-risk in an already dangerous...
Published on: February 26, 2025 | Source:CISAโs AI cybersecurity playbook calls for greater collaboration, but trust is key to successful execution
A DHS and Cybercom alum shares initial reactions to and future considerations for the JCDC AI Cybersecurity Collaboration Playbook. The post CISAโs AI cybersecurity playbook calls for greater collaboration, but trust is key to successful execution appeared first on CyberScoop.
Published on: February 26, 2025 | Source:OpenSSF Releases Security Baseline for Open Source Projects
The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects. The post OpenSSF Releases Security Baseline for Open Source Projects appeared first on SecurityWeek.
Published on: February 26, 2025 | Source:SOC 3.0 - The Evolution of the SOC and How AI is Empowering Human Talent
Organizations today face relentless cyber attacks, with high-profile breaches hitting the headlines almost daily. Reflecting on a long journey in the security field, itโs clear this isnโt just a human problemโitโs a math problem. There are simply too many threats and security tasks for any SOC to manually handle in a reasonable timeframe. Yet, there is a solution. Many refer to it as SOC 3.0โan
Published on: February 26, 2025 | Source:Qualcomm Extends Security Support for Android Devices to 8 Years
Qualcomm says itโs working with Google to ensure that Android device manufacturers will be able to provide security updates for 8 years. The post Qualcomm Extends Security Support for Android Devices to 8 Years appeared first on SecurityWeek.
Published on: February 26, 2025 | Source:New Linux Malware โAuto-Colorโ Grants Hackers Full Remote Access to Compromised Systems
Universities and government organizations in North America and Asia have been targeted by a previously undocumented Linux malware called Auto-Color between November and December 2024, according to new findings from Palo Alto Networks Unit 42. "Once installed, Auto-color allows threat actors full remote access to compromised machines, making it very difficult to remove without specialized
Published on: February 26, 2025 | Source:3.3 Million People Impacted by DISA Data Breach
Background and drug screening giant DISA has revealed that a 2024 data breach impacts more than 3.3 million people. The post 3.3 Million People Impacted by DISA Data Breach appeared first on SecurityWeek.
Published on: February 26, 2025 | Source:Three Password Cracking Techniques and How to Defend Against Them
Passwords are rarely appreciated until a security breach occurs; suffice to say, the importance of a strong password becomes clear only when faced with the consequences of a weak one. However, most end users are unaware of just how vulnerable their passwords are to the most common password-cracking methods.The following are the three common techniques for cracking passwords and how to
Published on: February 26, 2025 | Source:CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a remote access trojan named DCRat (aka DarkCrystal RAT). The Ukrainian cybersecurity authority said it observed the latest attack wave starting in mid-January 2025. The activity is designed to target the
Published on: February 26, 2025 | Source:Malicious PyPI Package "automslc" Enables 104K+ Unauthorized Deezer Music Downloads
Cybersecurity researchers have flagged a malicious Python library on the Python Package Index (PyPI) repository that facilitates unauthorized music downloads from music streaming service Deezer. The package in question is automslc, which has been downloaded over 104,000 times to date. First published in May 2019, it remains available on PyPI as of writing. "Although automslc, which has been
Published on: February 26, 2025 | Source:Stealthy Linux 'Auto-color' Backdoor Paints US Institutions With Malware
Attackers are using a novel malware that takes on different file names each time it's deployed; it also boasts an anti-removal mechanism to target universities and government offices.
Published on: February 26, 2025 | Source:This month in security with Tony Anscombe โ February 2025 edition
Ransomware payments trending down, the cyber-resilience gap facing SMBs, and APT groups embracing generative AI โ it's a wrap on another month filled with impactful security news
Published on: February 26, 2025 | Source:CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are as follows - CVE-2024-49035 (CVSS score: 8.7) - An improper access control
Published on: February 26, 2025 | Source:How to Rein in Identity Session Security Risk With CAEP
Addressing the complexities of session management in multi-IDP environments, the protocol offers a pathway to real-time security, proactive risk mitigation, and enhanced user trust.
Published on: February 25, 2025 | Source:AI Tricksters Spin Up Fake DeepSeek Sites to Steal Crypto
The fake websites trick users into downloading and running malware that searches for personal information, especially anything related to cryptocurrency.
Published on: February 25, 2025 | Source:Microsoft 365 Accounts Get Sprayed by Mega-Botnet
The threat actors are exploiting noninteractive sign-ins, an authentication feature that security teams don't typically monitor.
Published on: February 25, 2025 | Source:Max Severity RCE Vuln in All Versions of MITRE Caldera
In the wrong hands, the popular red-teaming tool can be made to access networks, escalate privileges, conduct reconnaissance, and disguise malicious activity as a simulated exercise.
Published on: February 25, 2025 | Source:North Korea's Lazarus Pulls Off Biggest Crypto Heist in History
Cyberattackers believed to be affiliated with the state-sponsored threat group pulled off the largest crypto heist reported to date, stealing $1.5 billion from exchange Bybit. It was carried out by interfering with a routine transfer between wallets.
Published on: February 25, 2025 | Source:Purging cyber review board was โa great idea,โ DHS deputy secretary nominee says
Troy Edgar told lawmakers that the Cyber Safety Review Board, which was investigating the Salt Typhoon hack, was โgoing in the wrong direction.โ The post Purging cyber review board was โa great idea,โ DHS deputy secretary nominee says appeared first on CyberScoop.
Published on: February 25, 2025 | Source:House Dems say DOGE is leaving publicly exposed entry points into government systems
A letter from a trio of lawmakers says the group has โleft multiple government agencies vulnerable to cyberattacksโ from foreign entities. The post House Dems say DOGE is leaving publicly exposed entry points into government systems appeared first on CyberScoop.
Published on: February 25, 2025 | Source:North Korean Hackers Steal $1.5B in Cryptocurrency
It looks like a very sophisticated attack against the Dubai-based exchange Bybit: Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The notification said the digital loot had been stored in a โMultisig Cold Walletโ when, somehow, it was transferred to one of the exchangeโs hot wallets. From there, the cryptocurrency was transferred out of Bybit...
Published on: February 25, 2025 | Source:Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems
Dreadnode is building โoffensive machine learningโ tools to safely simulate how AI models might be exploited in the wild. The post Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems appeared first on SecurityWeek.
Published on: February 25, 2025 | Source:LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that's capable of infecting both Windows and Apple systems with an aim to harvest data. It was first documented in
Published on: February 25, 2025 | Source:Skybox Security Shuts Down, Lays Off Entire Workforceย
The sudden shutdown follows the sale of Skybox Securityโs business and technology assets to rival Israeli cybersecurity firm Tufin. The post Skybox Security Shuts Down, Lays Off Entire Workforce appeared first on SecurityWeek.
Published on: February 25, 2025 | Source:Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware
Opposition activists in Belarus as well as Ukrainian military and government organizations are the target of a new campaign that employs malware-laced Microsoft Excel documents as lures to deliver a new variant of PicassoLoader. The threat cluster has been assessed to be an extension of a long-running campaign mounted by a Belarus-aligned threat actor dubbed Ghostwriter (aka Moonscape,
Published on: February 25, 2025 | Source:Unmanaged Devices: The Overlooked Threat CISOs Must Confront
No matter the strategy, companies must approach securing unmanaged devices with sensitivity and respect for employee privacy.
Published on: February 25, 2025 | Source:Edera Banks $15M for Kubernetes Workload Isolation Tech
Seattle startup building technology to mitigate lateral movement and block โliving off the landโ techniques wins interest from investors. The post Edera Banks $15M for Kubernetes Workload Isolation Tech appeared first on SecurityWeek.
Published on: February 25, 2025 | Source:Leader of North Korean Hackers Sanctioned by EU
The EU has announced new sanctions against entities aiding Russiaโs war against Ukraine, including an individual who leads North Korean hackers. The post Leader of North Korean Hackers Sanctioned by EU appeared first on SecurityWeek.
Published on: February 25, 2025 | Source:CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability
CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog. The post CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability appeared first on SecurityWeek.
Published on: February 25, 2025 | Source: