IT Security News Daily Summary 2025-01-24

116 posts were published in the last hour

• 22:2 : Week in Review: Tik Tok’s return, Noem’s CISA plans, failed startup risks
• 21:4 : Unpatched Vulnerabilities Exist In RealHome Theme And Plugin
• 21:4 : U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog
• 20:5 : IT Security News Hourly Summary 2025-01-24 21h : 6 posts
• 20:2 : Balancing Security and UX With Iterative Experimentation
• 20:2 : J-magic malware campaign targets Juniper routers
• 19:33 : Data sovereignty compliance challenges and best practices
• 19:13 : AMD processor vulnerability inadvertently leaked early
• 19:13 : Continuous Monitoring Guide: FedRAMP Meets Zero Trust
• 19:13 : Randall Munroe’s XKCD ‘Unit Circle’
• 18:31 : US Charges Five in North Korean IT Worker Hiring Scam
• 18:31 : Cybercriminals Exploit Cloud Services to Steal Login Information
• 18:8 : Three UK Investigates After Outage Impacted Some 999 Calls
• 18:8 : CISA Adds One Known Exploited Vulnerability to Catalog
• 17:32 : A Student Mentor’s TH-200 and OSTH Learning Experience
• 17:32 : My Journey with IR-200: Becoming an OffSec Certified Incident Responder (OSIR)
• 17:31 : How bots and fraudsters exploit video games with credential stuffing
• 17:8 : Texas scrutinizes four more car manufacturers on privacy issues
• 17:5 : IT Security News Hourly Summary 2025-01-24 18h : 5 posts
• 16:36 : CMA Secures Google Commitment To Tackle Fake Reviews
• 16:36 : Hackers Use XWorm RAT to Exploit Script Kiddies, Pwning 18,000 Devices
• 16:36 : The top 10 brands exploited in phishing attacks – and how to protect yourself
• 16:36 : Solving WAFs biggest challenge | Impart Security
• 16:15 : The best password managers for businesses in 2025: Expert tested
• 15:36 : Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
• 15:36 : Ransomware attacks surged in December 2024
• 15:36 : The best password managers for business in 2025: Expert tested
• 15:9 : Trump Signs AI ‘Free From Idealogical Bias’ Executive Order
• 15:9 : Don’t want your Kubernetes Windows nodes hijacked? Patch this hole now
• 15:9 : The Age of Unseen Truths And Deceptive Lies
• 15:8 : The Rise of Agentic AI: How Autonomous Intelligence Is Redefining the Future
• 15:8 : North Korean IT workers are extorting employers, FBI warns
• 14:31 : Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access
• 14:31 : Palo Alto Networks Makes Post Quantum Cryptography API Available
• 14:31 : AWS Announces £5m Grant for Cyber Education in the UK
• 14:7 : Seasoning email threats with hidden text salting
• 14:7 : Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights
• 14:7 : Hackers Earn $886,000 at Pwn2Own Automotive 2025, Targeting Charging Infrastructure
• 14:7 : North Korean dev who renamed himself ‘Bane’ accused of IT worker fraud scheme
• 14:7 : Subaru Starlink Vulnerability Exposed Cars to Remote Hacking
• 14:7 : GhostGPT: A Malicious AI Chatbot for Hackers
• 14:7 : Public Holidays And Weekends Make Companies More Vulnerable to Cyberattacks
• 14:6 : FortiGate Vulnerability Exposes 15,000 Devices to Risks
• 14:6 : Protect Your Tax Return from Fraud: Here’s What You Need to Know
• 14:6 : RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
• 14:5 : IT Security News Hourly Summary 2025-01-24 15h : 5 posts
• 13:31 : North Korean Fake IT Workers More Aggressively Extorting Enterprises
• 13:13 : Android Kisok Tablets Vulnerability Let Attackers Control AC & Lights
• 13:13 : The 8 Things You Should Know About Cyber Attacks on the Education Sector and How to Prevent Them
• 13:13 : Tagged Files as a Road to Insider Threats
• 13:13 : US Charges Five People Over North Korean IT Worker Scheme
• 12:34 : CISA Warns of Old jQuery Vulnerability Linked to Chinese APT
• 12:34 : The Role of Data Governance in Strengthening Enterprise Cybersecurity
• 12:34 : Russian Scammers Target Crypto Influencers with Infostealers
• 12:33 : North America Faced Majority of Ransomware Incidents in December 2024
• 12:4 : CISA Releases Six ICS Advisories Details Security Issues
• 12:4 : The evolving landscape of data privacy: Key trends to shape 2025
• 12:4 : Cyber Insights 2025: Social Engineering Gets AI Wings
• 12:4 : “Always Verify”: Integrating Zero-Trust Security for Good Governance
• 11:34 : New Law Could Mean Prison for Reporting Data Leaks
• 11:34 : Palo Alto Networks Addresses Impact of BIOS, Bootloader Vulnerabilities on Its Firewalls
• 11:34 : Building Secure Multi-Cloud Architectures: A Framework for Modern Enterprise Applications
• 11:34 : 2025 State of SaaS Backup and Recovery Report
• 11:33 : North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns
• 11:9 : PayPal Fined $2 Million Fine For Violating Cybersecurity Regulations
• 11:9 : KEYPLUG Infrastructure Exposed: Server Configurations and TLS Certificates Revealed
• 11:8 : Beware of Fake Captcha Verifications Spreading Lumma Malware
• 11:8 : Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor
• 11:8 : Cybersecurity Alert: Users Deceived By Fake Google CAPTCHA Pages
• 11:5 : IT Security News Hourly Summary 2025-01-24 12h : 6 posts
• 10:34 : Apono’s 2024 Achievements Set the Stage for Innovative Cloud Access Management in 2025
• 10:34 : Salt Typhoon Hacked Nine U.S. Telecoms, Tactics and Techniques Revealed
• 10:33 : DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations
• 10:9 : HellCat and Morpheus Ransomware Share Identical Payloads for Attacks
• 10:9 : SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild
• 10:8 : Conduent Confirms Cyberattack After Government Agencies Report Outages
• 9:31 : Adapting fraud prevention for the hybrid working world
• 9:31 : US indicts five individuals in crackdown on North Korea’s illicit IT workforce
• 9:31 : Ransomware Gangs Linked by Shared Code and Ransom Notes
• 8:36 : Aviat Networks enhances software cybersecurity offering
• 8:36 : TSA’s Pekoske ousted, CISOs’ boardroom gain, Cisco vulnerability fix
• 8:36 : Stolen Credentials From Leading Cyber Security Vendors Selling For $10: Cyber Security Today, Friday, Jan 24, 2025
• 8:8 : Safeguarding Vital Sectors: The Need for Enhanced Security Practices in Critical Infrastructure Amid Rising Cyberattacks
• 8:8 : Android’s New Identity Check Feature Locks Device Settings Outside Trusted Locations
• 8:5 : IT Security News Hourly Summary 2025-01-24 09h : 4 posts
• 7:32 : 370+ Ivanti Connect Secure Exploited Using 0-Day Vulnerability
• 7:32 : Fear of Blame in Cybersecurity: Irish Workers Hesitant to Report Breaches
• 7:11 : BASHE Ransomware Allegedly Leaked ICICI Bank Customers Data
• 7:11 : The Unchanging Nature of Human Nature
• 6:34 : BCR Cyber and Maryland Association of Community Colleges Allocated $1.5 Million State Investment as Part of Maryland Governor’s Proposed Economic Growth Agenda
• 6:34 : Only 7 percent of organizations recover data after paying a ransom in malware attacks
• 6:34 : VPN Usage Surges Amid Age Verification Laws on Adult Websites
• 6:33 : CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
• 6:6 : How is the world preparing for the future of AI?
• 6:6 : North Korean IT Workers Steal Companies Source Codes to Demand Ransomware
• 6:6 : China and friends claim success in push to stamp out tech support cyber-scam slave camps
• 5:34 : Zero-Click Outlook RCE Vulnerability (CVE-2025-21298), PoC Released
• 5:34 : GUI frontends for GnuPG, the free implementation of the OpenPGP standard
• 5:34 : Nearly half of CISOs now report to CEOs, showing their rising influence
• 5:8 : Court rules FISA Section 702 surveillance of US resident was unconstitutional
• 5:8 : Deepfakes force a new era in fraud detection, identity verification
• 5:5 : IT Security News Hourly Summary 2025-01-24 06h : 2 posts
• 4:31 : New infosec products of the week: January 24, 2025
• 4:6 : A K-12 Guide to the Digital Classroom
• 2:31 : Understanding the 3-Layers of Non-Human Identity (NHI) Security in TrustFour’s Posture and Attack Surface Management Framework
• 1:4 : [Guest Diary] How Access Brokers Maintain Persistence, (Fri, Jan 24th)
• 1:4 : Face Scans to Estimate Our Age: Harmful and Creepy AF
• 0:31 : ISC Stormcast For Friday, January 24th, 2025 https://isc.sans.edu/podcastdetail/9294, (Fri, Jan 24th)
• 0:13 : Trend Micro and CISA Secure-By-Design Pledge
• 0:13 : U.S. CISA adds JQuery flaw to its Known Exploited Vulnerabilities catalog
• 0:13 : Face Scans to Estimate Our Age: Creepy AF and Harmful
• 23:36 : One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers
• 23:36 : Second Circuit Rejects Record Labels’ Attempt to Rewrite the DMCA
• 23:36 : Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management
• 23:11 : Insurance companies can reduce risk with Attack Path Management
• 23:5 : IT Security News Hourly Summary 2025-01-24 00h : 4 posts