Cybersecurity

American Standard is allegedly breached by RansomHub⤵️
#ransomware #cybersecurity #infosec

https://cnews.link/american-standard-ransomware-attacked-ransomhub/

Davos leaders outlined bold plans to address cyber threats, from AI risks to geopolitical tensions, stressing digital resilience.

#AI #risks #Technology #cybersecurity #cyberthreats

https://cnews.link/world-economic-forum-cyber-complexity-1/

Cloudflare saw the number of distributed DDoS attacks surge by 53% in 2024. One record-breaking DDoS attack peaked at 5.6 Tbps.

#DDoS #cyberattack #cybersecurity #cybercrime #server

https://cnews.link/largest-ddos-attacks-torture-servers-with-5tbps-1/

Rostelecom, a major Russian telecommunications provider, says it’s investigating a cyberattack on one of its contractors.

#Russia #telecommunications #cyberattack #cybersecurity #Hacked

https://cnews.link/rostelecom-russia-telecom-data-leak-1/

Apparently there's a major #vulnerability in #AMD CPUs: "AMD Microcode Signature Verification Vulnerability."

The vulnerability was leaked by #ASUS in their beta BIOS changelog:

https://web.archive.org/web/20250106151231/https://rog.asus.com/motherboards/rog-strix/rog-strix-x870-i-gaming-wifi/helpdesk_bios/

ASUS has since removed this entry from the changelog since it likely broke the embargo. Either way, this is not great as the new firmware is largely not yet available and likely won't be for a long while.

#infosec #cybersecurity

🧪 NEW BETA RELEASES 🧪

📱 iOS 18.3 RC (22D60)
📱 iPadOS 17.7.4 RC (21H414)
📱 iPadOS 18.3 RC (22D60)
💻 macOS 15.3 RC (24D60)
📺 tvOS 18.3 RC (22K557)
🥽 visionOS 2.3 RC (22N896)
⌚ watchOS 11.3 RC (22S553)

#apple #cybersecurity #infosec #security #ios

The Medusa ransomware group has claimed an attack on Gateshead Council in North East England.

Learn what you need to know about the Medusa ransomware, in my article on the Tripwire blog:

https://www.tripwire.com/state-of-security/medusa-ransomware-what-you-need-know

#ransomware #cybersecurity

Researchers found two Office 365 campaigns stealing data and deploying ransomware, linked to Russian cybercriminals.

#Microsoft #teams #CyberSecurity #ransomware #cybercrime #Russian

https://cnews.link/russian-hackers-ransomware-microsoft-teams-sophos-3/

A new ransomware variant has appeared on various underground forums.

#ransomware #CyberSecurity #Hacking #cybercrime

https://cnews.link/dangerous-new-nnice-ransomware-laughs-at-victims-1/

Late last week, we announced that we'd been made aware of vulnerabilities in both the rsync server and client.

Here's what you should know about the impact and mitigation: https://almalinux.org/blog/2025-01-17-rsync-vulnerabilities/ #cybersecurity #OpenSource #Linux

FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are urging vendors to prioritize security to reduce customer risk.

#FBI #CISA #CyberSecurity #software

https://cnews.link/fbi-cisa-alert-software-vendors-stop-hardcoding-secrets-1/

🚀 Cybersecurity is a global effort! Join LF Research, OpenSSF & LF Europe’s Cybersecurity Readiness Survey to shape best practices and access key insights.
👉 https://www.research.net/r/MR35RMF
#Cybersecurity #LFResearch

Apparently #macOS now considers #Docker malware.

#infosec #cybersecurity

Cybercriminals are scamming victims and good Samaritans amid the LA wildfire devastation.

#LosAngelesFire #cybersecurity #cybercriminals #scam #cybercrime

https://cnews.link/cybercriminals-exploit-la-wildfires-1/

Russian hacker group Star Blizzard's latest phishing campaign weaponizes QR codes on WhatsApp, signaling a new era of cyber warfare.

#Russia #hack #phishing #QR #WhatsApp #CyberSecurity

https://cnews.link/russian-hackers-whatsapp-ukraine-1/

The FBI is rushing to protect informants' identities after an AT&T breach exposed their numbers in April, Bloomberg reported.

#FBI #databreach #CyberSecurity #DataSecurity #dataprivacy

https://cnews.link/att-hackers-access-fbi-agents-call-logs-exposing-informants-3/

🐛 NEW SECURITY CONTENT 🐛

📺 tvOS 18.2.1 - no CVE entries

#apple #cybersecurity #infosec #security #ios

🧪 NEW BETA RELEASES 🧪

📱 iOS 18.3 beta 3 (22D5055b)
📱 iPadOS 18.3 beta 3 (22D5055b)
💻 macOS 15.3 beta 3 (24D5055b)
🥽 visionOS 2.3 beta 3 (22N5894a)

#apple #cybersecurity #infosec #security #ios

Cybercriminals with links to Russia are running a large-scale hacking operation, sending spoofed emails and delivering trojan malware.

#cybercrime #CyberSecurity #Russia #hacker #malware #trojan

https://cnews.link/mikrotik-router-botnet-spreads-malware-obscures-hackers-1/

The Cl0p gang, echoing MOVEit hacks, threatens to leak data from 59 companies breached via Cleo unless ransom talks start by Friday.

#cybersecurity #ransomware #cyberattack #Hacked #databreach

https://cnews.link/clop-ransomware-cleo-hack-threatens-to-publish-victim-data-1/

🔄 37 ENTRY CHANGES 🔄

📱 iOS and iPadOS 18.1 - 5 added, 1 updated
https://support.apple.com/en-us/121563
💻 macOS Sequoia 15.1 - 5 added
https://support.apple.com/en-us/121564
📱 iOS and iPadOS 17.5 - 4 added, 1 updated
https://support.apple.com/en-us/120905
⌚ watchOS 10.5 - 2 added, 1 updated
https://support.apple.com/en-us/120902
💻 macOS Sonoma 14.5 - 2 added, 1 updated
https://support.apple.com/en-us/120903
🥽 visionOS 1.2 - 2 added
https://support.apple.com/en-us/120906
📺 tvOS 17.5 - 2 added
https://support.apple.com/en-us/120901
📱 iOS and iPadOS 17.7.1 - 2 added
https://support.apple.com/en-us/121567
📱 iOS and iPadOS 16.7.8 - 2 added
https://support.apple.com/en-us/120898
⌚ watchOS 11.1 - 1 added
https://support.apple.com/en-us/121565
🥽 visionOS 2.1 - 1 added
https://support.apple.com/en-us/121566
💻 macOS Ventura 13.7.1 - 1 added
https://support.apple.com/en-us/121568
💻 macOS Ventura 13.6.7 - 1 added
https://support.apple.com/en-us/120900
💻 macOS Sonoma 14.7.1 - 1 added
https://support.apple.com/en-us/121570
💻 macOS Monterey 12.7.5 - 1 added
https://support.apple.com/en-us/120899
🌐 Safari 17.5 - 1 added
https://support.apple.com/en-us/120896

#apple #cybersecurity #infosec #security #ios

"Apart from Palm Beach Networks (as it was known at the time), Barcelona is home to several other exploit and spyware makers that are also making the most of the city’s sunny, temperate weather, fresh seafood, and vibrant expat community.

Among them are Paradigm Shift, which was founded by former employees of Variston in the aftermath of the company’s collapse last year; and Epsilon, which is led by Jeremy Fetiveau, an industry veteran who used to work for a division within U.S. defense giant L3Harris that was created after the company acquired the Australian startup Azimuth. Fetiveau did not return a request for comment.

The city is said to also be home to an unnamed group of Israeli researchers who moved to Barcelona from Singapore to work on developing zero-day exploits. The existence of this unnamed team as well as Epsilon’s presence in Barcelona was first reported by Israeli newspaper Haaretz, whose article sparked coverage in local newspapers and news websites.

Other cybersecurity companies have a presence in Barcelona, even if they are not headquartered there. Andrijana Šekularac, the chief executive of Austrian cybersecurity company SAFA, lives in the city, according to her public LinkedIn profile. SAFA has sponsored offensive cybersecurity conferences, including OffensiveCon and Hexacon, and employs at least two security researchers with past experience at spyware companies, according to their public LinkedIn profiles. Šekularac also did not respond to a request for comment.

These zero-day and spyware companies are part of a broader cybersecurity and startup ecosystem in Barcelona. As of last year, according to the Catalan regional government, there were more than 10,000 people working for more than 500 cybersecurity companies in Barcelona, or around 50% more workers than five years earlier."

https://techcrunch.com/2025/01/13/how-barcelona-became-an-unlikely-hub-for-spyware-startups/

#EU #Spain #Barcelona #CyberSecurity #Spyware #israel #ZeroDay #StartUps

Cybercriminals in Brazil and Asia use fake Google Ads to steal login credentials and compromise accounts.

#CyberSecurity #Google #account #Brazil #Asia #cybercrime

https://cnews.link/hackers-stealing-google-ads-accounts-publish-fake-ads-2/

La Roux duo might be bulletproof, as per their hit song, but artificial intelligence (AI) is not. At least not when it’s a sole defender of email against phishing emails.

#AI #email #cyberattack #cybersecurity #infosec #phishing

https://cnews.link/qr-code-and-captcha-combo-cyberattack-1/

▪ @cybernews@infosec.exchange research ▪ Arrival times, price paid, and contact details – over 24 million records with sensitive data were left passwordless online.

#cybersecurity #DataSecurity #DataPrivacy #online #infosec #hotel

https://cnews.link/honotel-data-leak-exposes-millions-of-guests-3/