IT Security News Daily Summary 2025-01-09

143 posts were published in the last hour

• 22:26 : Meta’s New Content Policy Will Harm Vulnerable Users. If It Really Valued Free Speech, It Would Make These Changes
• 22:26 : Look for the label: White House rolls out ‘Cyber Trust Mark’ for smart devices
• 21:32 : Rumble Among 15 Targets of Texas Attorney General’s Child Privacy Probe
• 21:31 : Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location
• 21:19 : Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability
• 20:22 : What’s Next for Open Source Software Security in 2025?
• 20:22 : How the US TikTok Ban Would Actually Work
• 20:22 : Randall Munroe’s XKCD ‘Features of Adulthood’
• 20:5 : IT Security News Hourly Summary 2025-01-09 21h : 3 posts
• 19:32 : Do we still have to keep doing it like this?
• 19:11 : The Key to AI-Enabled Multi-Coalition Warfare
• 19:11 : US Billionaire Proposes Bid For TikTok’s US Assets
• 18:32 : Harnessing AI for Proactive Threat Intelligence and Advanced Cyber Defense
• 18:3 : The Best of CES 2025 awards are in, as selected by ZDNET and the rest of CNET Group
• 18:2 : How to encrypt any email – in Outlook, Gmail, and other popular services
• 18:2 : Facebook awards researcher $100,000 for finding bug that granted internal access
• 18:2 : Banking Fraud: Jumped Deposit Scam Targets UPI Users
• 18:2 : RIBridges Data Breach: Sensitive Information of Rhode Islanders Exposed
• 18:2 : Banshee Stealer variant targets Russian-speaking macOS users
• 18:2 : Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
• 17:32 : Zero-Day Vulnerability in Ivanti VPN
• 17:32 : Fancy Product Designer Plugin Flaws Expose WordPress Sites
• 17:32 : Securing a city-sized event: How Amazon integrates physical and logical security at re:Invent
• 17:16 : Google Donates $1 Million To Donald Trump Inauguration Fund
• 17:16 : Space Bears Ransomware: What You Need To Know
• 17:15 : How Do Hackers Exploit Your Vulnerabilities?
• 17:15 : Google Chrome AI extensions deliver info-stealing malware in broad attack
• 17:15 : ‘FireScam’ Malware Targets Android Users with Fake Telegram Premium App
• 17:15 : Practical Tips to Avoid Oversharing and Protect Your Online Privacy
• 17:5 : IT Security News Hourly Summary 2025-01-09 18h : 12 posts
• 16:32 : PowerSchool says hackers stole students’ sensitive data, including Social Security numbers, in data breach
• 16:32 : The Hidden Costs of Poor Access Management: Why Small Businesses Can’t Afford to Ignore It
• 16:32 : Open Interfaces Needed to Cut Security Operations Costs & Boost Efficiency
• 16:32 : Japan Faces Prolonged Cyber-Attacks Linked to China’s MirrorFace
• 16:18 : PowerSchool software cyber attack might impact 45m students in the United States
• 16:18 : Microsoft Confirms Job Cuts Based On Performance
• 16:18 : Diffbot’s AI model doesn’t guess — it knows, thanks to a trillion-fact knowledge graph
• 16:18 : IPVanish VPN Review: Is It Really as Secure as Claimed?
• 16:18 : December ransomware attacks slam healthcare, public services
• 16:18 : Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex
• 16:18 : Massive breach at location data seller: “Millions” of users affected
• 16:18 : PowerSchool Reportedly Pays Ransom to Prevent Student Data Leak
• 15:32 : Cybersecurity Risks in Crypto: Phishing, Ransomware and Other Emerging Threats
• 15:18 : Wordfence Intelligence Weekly WordPress Vulnerability Report (December 16, 2024 to January 5, 2025)
• 15:18 : Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace
• 15:18 : Diffbot’s AI model doesn’t guess—it knows, thanks to a trillion-fact knowledge graph
• 15:18 : Zero-day exploits plague Ivanti Connect Secure appliances for second year running
• 14:33 : Security Implications of Configuration Drift
• 14:33 : New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
• 14:13 : Outgoing SEC Chair Gary Gensler Lashes Out At Crypto Industry
• 14:13 : A Hands-On Guide to Enable Amazon GuardDuty on AWS Account
• 14:13 : GroupGreeting e-card site attacked in “zqxq” campaign
• 14:13 : Darktrace to Acquire Incident Investigation Firm Cado Security
• 14:13 : Leveraging Government Grants to Enhance Critical Security Systems
• 14:5 : IT Security News Hourly Summary 2025-01-09 15h : 11 posts
• 13:32 : Security pros baited with fake Windows LDAP exploit traps
• 13:32 : Building Resilience Into Cyber-Physical Systems Has Never Been This Mission-Critical
• 13:32 : Code Intelligence Spark automates software testing
• 13:32 : Product Review: How Reco Discovers Shadow AI in SaaS
• 13:18 : Thousands of Live Hacker Backdoors Found in Expired Domains
• 13:18 : New PayPal Phishing Abusing Microsoft365 Domains for Sophisticated Attacks
• 13:18 : Cracking the Code: How Banshee Stealer Targets macOS Users
• 13:18 : Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
• 13:17 : U.S. CISA adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog
• 13:17 : GFI KerioControl Firewall Vulnerability Exploited in the Wild
• 13:17 : EU Commission Liable for Breaching EU’s Own Data Protection Rules
• 12:32 : Cybersecurity Resolutions for 2025
• 12:32 : The ‘Worst in Show’ CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say
• 12:32 : Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
• 12:20 : Japan Links 200 Cyberattacks To Chinese Hackers MirrorFace
• 12:20 : APT32 Hacker Group Attacking Cybersecurity Professionals Poisoning GitHub
• 12:20 : The School Shootings Were Fake. The Terror Was Real
• 12:20 : WatchGuard Acquires ActZero
• 12:20 : From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025
• 12:20 : India’s Growing Gaming Industry: Opportunities and Privacy Concerns
• 12:19 : MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan
• 12:19 : Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions
• 11:31 : Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal
• 11:18 : Apple Says It Never Sold Recordings Made By Siri
• 11:18 : Cohere just launched ‘North’, its biggest AI bet yet for privacy-focused enterprises
• 11:18 : SOC Scalability: How AI Supports Growth Without Overloading Analysts
• 11:18 : Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies
• 11:18 : How to Secure Your Home Wi-Fi Network
• 11:17 : India Launches ‘Report and Check Suspect’ Feature to Combat Cybercrime
• 11:17 : Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
• 11:17 : Government Launches £1.9m Initiative to Boost UK’s Cyber Resilience
• 11:5 : IT Security News Hourly Summary 2025-01-09 12h : 8 posts
• 10:32 : Green Bay Packers Store Hacked – Thousands of Credit Cards Data Stolen
• 10:32 : New Great Morpheus Hacker Group Claims Hacking Into Arrotex Pharmaceuticals And PUS GmbH
• 10:31 : Malicious Solana Packages Attacking Devs Abusing Slack And ImgBB For Data Theft
• 10:20 : Is this Website Safe: How to Check Website Safety – 2025
• 10:20 : It’s Time Businesses Address the UK’s Cybersecurity Talent Shortage
• 10:20 : Top 10 Data Loss Prevention (DLP) Tools for 2025
• 10:19 : Top Cybersecurity Conferences & Events in India 2025
• 10:19 : Critical Ivanti Zero-Day Exploited in the Wild
• 9:32 : Green Bay Packers Pro Shop Data Breach Compromises Customers
• 9:9 : Research that builds detections
• 9:9 : Gitlab Patches Multiple Vulnerabilities Including Resource Exhaustion & User Manipulation
• 9:9 : AI Governance: Building Ethical and Transparent Systems for the Future
• 9:9 : Wireshark 4.4.3 released: Updated protocol support, bug fixes
• 8:32 : BreachLock Unified Platform provides visibility into the organization’s attack surface
• 8:32 : PowerSchool hacked, Cyber Force study, EC gets GDPR fine
• 8:13 : Non-Human Identity Security Strategy for Zero Trust Architecture
• 8:13 : The ongoing evolution of the CIS Critical Security Controls
• 8:5 : IT Security News Hourly Summary 2025-01-09 09h : 3 posts
• 7:32 : Synology ActiveProtect boosts enterprise data protection
• 7:15 : Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
• 7:15 : Palo Alto Networks Expedition Tool Vulnerability Let Attackers Access Cleartext Passwords
• 6:32 : Mitigating Risks with Privileged Access Management
• 6:32 : Optimizing Cloud Security with Advanced Secrets Scanning
• 6:18 : Wireshark 4.4.3 Released: What’s New!
• 6:17 : Ivanti 0-Day Vulnerability Exploited in Wild-Patch Now
• 6:17 : VIPRE Security Shares Cybersecurity Trends for 2025
• 6:17 : Ivanti Warns of Active Exploitation of a Vulnerability in Connect Secure
• 5:32 : Gravy Analytics data breach could put millions to data security risks
• 5:32 : State-aligned APT groups are increasingly deploying ransomware – and that’s bad news for everyone
• 5:32 : Japanese police claim China ran five-year cyberattack campaign targeting local orgs
• 5:32 : Sara: Open-source RouterOS security inspector
• 5:32 : GitLab CISO on proactive monitoring and metrics for DevSecOps success
• 5:31 : Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
• 5:13 : Mirai Botnet Variant Exploits Zero-Day Vulnerabilities in Routers
• 5:13 : Researchers Reveal Exploitation Techniques of North Korean Kimsuky APT Group
• 5:5 : IT Security News Hourly Summary 2025-01-09 06h : 4 posts
• 4:32 : Japanese Police claim China ran five-year cyberattack campaign targeting local orgs
• 4:32 : What Makes You… You? A Philosophical Take on Non-Human Identity
• 4:31 : Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd
• 4:13 : Japanese Police claim China ran five-year cyberattack campaign
• 2:9 : ISC Stormcast For Thursday, January 9th, 2025 https://isc.sans.edu/podcastdetail/9272, (Thu, Jan 9th)
• 2:9 : Examining Redtail Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics [Guest Diary], (Thu, Jan 9th)
• 2:8 : The US has a new cybersecurity safety label for smart devices
• 2:5 : IT Security News Hourly Summary 2025-01-09 03h : 4 posts
• 1:11 : The U.S. has a new cybersecurity safety label for smart devices
• 1:11 : I tried hard, but didn’t fix all of cybersecurity, admits outgoing US National Cyber Director
• 1:11 : Database tables of student, teacher info stolen from PowerSchool in cyberattack
• 1:11 : DEF CON 32 – Student Engagement Doesn’t Have to Suck
• 0:9 : Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
• 0:9 : SonicWall warns of an exploitable SonicOS vulnerability
• 0:8 : I tried hard, but didn’t fix cybersecurity, admits outgoing US National Cyber Director
• 23:32 : Fast Pace Health: Zero Phishing Incidents Since Harmony Email & Collaboration Implementation
• 23:32 : Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways
• 23:31 : CISA Adds One Vulnerability to the KEV Catalog
• 23:5 : IT Security News Hourly Summary 2025-01-09 00h : 5 posts
• 22:55 : IT Security News Daily Summary 2025-01-08