Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Threat actors are increasingly trying to grind business to a halt
Palo Alto Networksβ threat intelligence firm said nearly 9 in 10 cyberattacks it responded to last year involved disrupted business operations. The post Threat actors are increasingly trying to grind business to a halt appeared first on CyberScoop.
Published on: February 25, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Industrial System Cyberattacks Surge as OT Stays Vulnerable
Nearly a third of organizations have an operational system connected to the Internet with a known exploited vulnerability, as attacks by state and non-state actors increase.
Published on: February 25, 2025 | Source:5 Active Malware Campaigns in Q1 2025
The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods. Below is an overview of five notable malware families, accompanied by analyses conducted in controlled environments. NetSupport RAT Exploiting the ClickFix Technique In early 2025, threat actors began exploiting a technique
Published on: February 25, 2025 | Source:Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors
States are increasingly collaborating with cybercriminal groups to share resources and amplify attacks on critical infrastructure in rival nations, a new report finds. The post Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors appeared first on CyberScoop.
Published on: February 25, 2025 | Source:2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT
A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice's product suite to sidestep detection efforts and deliver the Gh0st RAT malware. "To further evade detection, the attackers deliberately generated multiple variants (with different hashes) of the 2.0.2 driver by modifying specific PE parts while keeping the signature valid," Check Point
Published on: February 25, 2025 | Source:GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets
Cybersecurity researchers are calling attention to an ongoing campaign that's targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky. "The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables
Published on: February 25, 2025 | Source:FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services
Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. "The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure," Kaspersky ICS CERT said in a Monday
Published on: February 25, 2025 | Source:Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2017-3066 (CVSS score: 9.8) - A deserialization vulnerability impacting
Published on: February 25, 2025 | Source:Betting (and Losing) the Farm on Traditional Cybersecurity
Standard SecOps training is no longer enough to tackle modern cybersecurity challenges. People need to develop nontraditional skills.
Published on: February 24, 2025 | Source:Zero-Day Bug Pops Up in Parallels Desktop for Mac
A patch bypass for a bug in the popular desktop emulator enables root-level privilege escalation and has no fix in sight.
Published on: February 24, 2025 | Source:25 Years On, Active Directory Is Still a Prime Attack Target
Evolving threats and hybrid identity challenges keep Microsoft's Active Directory at risk.
Published on: February 24, 2025 | Source:DeepSeek's ByteDance Data-Sharing Raises Fresh Security Concerns
Confirmation by South Korea's data protection agency that the AI chatbot sent data to TikTok's Chinese parent company has spurred a ban in that nation, and is again is calling into question DeepSeek's safety.
Published on: February 24, 2025 | Source:Could the Plot of Netflix's 'Zero Day' Occur IRL?
A new streaming series about a catastrophic, nationwide cyberattack against US critical infrastructure is about as believable as its main character: an honest, bipartisan, universally beloved politician.
Published on: February 24, 2025 | Source:What Microsoftβs Majorana 1 Chip Means for Quantum Decryption
The question is whether Majorana 1 advances progress toward quantum computing β or for security professionals, the arrival of computers powerful enough to break PKE. The post What Microsoftβs Majorana 1 Chip Means for Quantum Decryption appeared first on SecurityWeek.
Published on: February 24, 2025 | Source:Rad Security Raises $14 Million for AI, Cloud Security PlatformΒ
Rad Security has raised $14 million in Series A funding for a defense platform for AI workloads and cloud infrastructure. The post Rad Security Raises $14 Million for AI, Cloud Security Platform appeared first on SecurityWeek.
Published on: February 24, 2025 | Source:New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer
Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) said it has observed a spike in the distribution volume of ACR Stealer since January 2025. A notable aspect of the stealer malware is the use of a technique called dead drop
Published on: February 24, 2025 | Source:What defenders are learning from Black Bastaβs leaked chat logs
The ransomware syndicateβs internal chats exposed a wide swath of the groupβs inner workings. The post What defenders are learning from Black Bastaβs leaked chat logs appeared first on CyberScoop.
Published on: February 24, 2025 | Source:How APT Naming Conventions Make Us Less Safe
Only by addressing the inefficiencies of current naming conventions can we create a safer, more resilient landscape for all defenders.
Published on: February 24, 2025 | Source:Kaspersky Banned on Australian Government Systems
Australian government entities have been banned from using products and services of Russian cybersecurity company Kaspersky. The post Kaspersky Banned on Australian Government Systems appeared first on SecurityWeek.
Published on: February 24, 2025 | Source:More Research Showing AI Breaking the Rules
These researchers had LLMs play chess against better opponents. When they couldnβt win, they sometimes resorted to cheating. Researchers gave the models a seemingly impossible task: to win against Stockfish, which is one of the strongest chess engines in the world and a much better player than any human, or any of the AI models in the study. Researchers also gave the models what they call a βscratchpad:β a text box the...
Published on: February 24, 2025 | Source:US Charges Genesis Market User
A Michigan man has been charged for buying compromised credentials on Genesis Market and using and selling them. The post US Charges Genesis Market User appeared first on SecurityWeek.
Published on: February 24, 2025 | Source:β‘ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Appleβs Data Dilemma
Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal some sneaky AI scam tricks, and discuss big changes in data protection. Let these stories spark your interest and help you understand the changing threats in our digital world. Threat of the Week Lazarus Group Linked to
Published on: February 24, 2025 | Source:Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats
Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with the National Institute of Standards and Technology's (NIST) post-quantum cryptography (PQC)
Published on: February 24, 2025 | Source:Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense
Ransomware doesnβt hit all at onceβit slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, itβs too late to stop the flood. Each stage of a ransomware attack offers a small window to detect and stop the threat before itβs too late. The problem is
Published on: February 24, 2025 | Source:Laurie Anderson: Building an ARK | Starmus highlights
The pioneering multi-media artist reveals the creative process behind her stage show called ARK, which challenges audiences to reflect on some of the most pressing issues of our times
Published on: February 24, 2025 | Source:Australia Bans Kaspersky Software Over National Security and Espionage Concerns
Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. "After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data,
Published on: February 24, 2025 | Source:$1.5 Billion Bybit Heist Linked to North Korean Hackers
Companies and experts have found evidence linking the $1.5 billion Bybit cryptocurrency heist to North Korean Lazarus hackers. The post $1.5 Billion Bybit Heist Linked to North Korean Hackers appeared first on SecurityWeek.
Published on: February 24, 2025 | Source:Thailand Targets Cyber Sweatshops to Free 1,000s of Captives
Thai police said it was expecting to soon welcome 7,000 human trafficking victims, forced to work on cybercrime scams in call centers in Mynmar, in a first wave of people being freed from captivity.
Published on: February 24, 2025 | Source:Trump 2.0 Brings Cuts to Cyber, Consumer Protections
One month into his second term, President Trump's actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world's richest man to wrest control over their networks and data.
Published on: February 23, 2025 | Source:Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace
In a wide-ranging speech and interview, Nakasone also talked about Trump administration moves and the shape of cyber offensive operations. The post Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace appeared first on CyberScoop.
Published on: February 22, 2025 | Source:OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns
OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence (AI)-powered surveillance tool. The social media listening tool is said to likely originate from China and is powered by one of Meta's Llama models, with the accounts in question using the AI company's models to generate detailed descriptions and analyze documents
Published on: February 22, 2025 | Source:Top House E&C Republicans query public for ideas on data privacy law
A request for information from GOP leaders on the House Energy and Commerce Committee is Congressβ latest attempt to push comprehensive data privacy standards. The post Top House E&C Republicans query public for ideas on data privacy law appeared first on CyberScoop.
Published on: February 21, 2025 | Source:Friday Squid Blogging: New Squid Fossil
A 450-million-year-old squid fossil was dug up in upstate New York. Blog moderation policy.
Published on: February 21, 2025 | Source:Black Basta Goes Dark Amid Infighting, Chat Leaks Show
One of 2024's most active ransomware outfits has been asleep through early 2025, thanks to reality-show-style, behind-the-scenes drama.
Published on: February 21, 2025 | Source:Apple pulls end-to-end encryption feature from UK after demands for law enforcement accessΒ
Appleβs choice has caused some U.S. encryption defenders to worry about how the company may respond to similar requests from other governments. The post Apple pulls end-to-end encryption feature from UK after demands for law enforcement access appeared first on CyberScoop.
Published on: February 21, 2025 | Source: