IT Security News Daily Summary 2025-01-27

152 posts were published in the last hour

• 22:32 : DeepSeek’s Popular AI App Is Explicitly Sending US Data to China
• 22:32 : US freezes foreign aid, halting cybersecurity defense and policy funds for allies
• 21:31 : Fast-track generative AI security with Microsoft Purview
• 21:11 : TalkTalk confirms data breach involving a third-party platform
• 21:10 : DeepSeek Hit by Large-Scale Cyber Attack, Temporarily Limits Registrations
• 20:34 : Low-Cost Chinese AI Chatbot Roils Tech Stocks
• 20:11 : Inexpensive Chinese AI Chatbot Roils Tech Stocks
• 20:11 : TikTok bans explained: Everything you need to know
• 20:11 : Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam
• 20:11 : Building a culture of security: AWS partners with the BBC
• 20:5 : IT Security News Hourly Summary 2025-01-27 21h : 3 posts
• 19:31 : 6 ways to get the most from Data Privacy Week
• 19:6 : DeepSeek limits new accounts amid cyberattack
• 19:6 : Critical Flaws in VPN Protocols Leave Millions Vulnerable
• 18:36 : Hidden in Plain Sight: PDF Mishing Attack
• 18:36 : News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance
• 18:36 : Vulnerability Summary for the Week of January 20, 2025
• 18:13 : DeepSeek Faces Large-scale Cyberattack, Halts New User Registrations
• 18:13 : It’s Copyright Week 2025: Join Us in the Fight for Better Copyright Law and Policy
• 17:34 : Managed Detection and Response: Key trends MSPs can’t afford to ignore
• 17:34 : DeepSeek suspends new registrations amid cyberattack
• 17:34 : Best Tor Browser Substitute for Risk-Free Web Surfing
• 17:34 : 2024 C5 Type 2 attestation report available with 179 services in scope
• 17:13 : Brave Desktop Browser Vulnerability Lets Malicious Sites Appear Trusted
• 17:13 : Critical Apache Solr Vulnerability Grants Write Access to Attackers on Windows
• 17:13 : Critical Vulnerability in IBM Security Directory Enables Session Cookie Theft
• 17:13 : White House Considers Oracle-Led Takeover of TikTok with U.S. Investors
• 17:13 : Google takes action after coder reports ‘most sophisticated attack I’ve ever seen’
• 17:13 : TalkTalk Confirms Data Breach, Downplays Impact
• 17:5 : IT Security News Hourly Summary 2025-01-27 18h : 1 posts
• 16:39 : Hidden Text Salting Disrupts Brand Name Detection Systems
• 16:3 : Google launches new Identity Check feature for data security
• 16:2 : Critical Isolation Vulnerability in Intel Trust Domain Extensions Exposes Sensitive Data
• 16:2 : GitHub Vulnerability Exposes User Credentials via Malicious Repositories
• 16:2 : How the ransomware attack at Change Healthcare went down: A timeline
• 16:2 : New Phishing Attack Using zero-width Characters to Bypass Security Filters
• 16:2 : Xerox Workplace Suite Vulnerability Let Attackers Bypass API Security
• 16:2 : New Attack Abusing Multicast Poisoning for PreAuthenticated Kerberos Relay
• 16:2 : Cyber Insights 2025: Cybersecurity Regulatory Mayhem
• 16:2 : Vulnerability Summary for the Week of January 13, 2025
• 16:2 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
• 16:2 : GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
• 15:34 : Royal Mail SMS Phishing Scam Targets Victims with Fake Delivery Fee Requests
• 15:34 : Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST
• 15:34 : 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
• 15:34 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
• 15:13 : Multiple Git flaws led to credentials compromise
• 15:13 : Burp Suite 2025.1 With New Intruder Options & Bug Fixes
• 15:13 : New Malware Campaign Using 7z & UltraVNC Tool To Deploy Malware
• 15:13 : Three Big Reasons Ransomware Payments Are Up More Than 5X Over Last Year
• 15:13 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
• 14:34 : The Role of Identity Verification in Financial Institutions
• 14:34 : UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach
• 14:34 : Building Automation Protocols Increasingly Targeted in OT Attacks: Report
• 14:33 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
• 14:33 : Cybersecurity Experts Warn of Privacy Risks in Modern Automobiles
• 14:9 : Continuing the Sustainability Conversation
• 14:9 : World Economic Forum Annual Meeting 2025: Collectively Disrupting Cybercrime
• 14:9 : Exabeam Extends Generative AI Reach to LogRhythm SIEM
• 14:9 : A Closer Look at Torrenting and Its Applications
• 14:9 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
• 14:8 : SaaS Breaches Skyrocket 300% as Traditional Defenses Fall Short
• 14:8 : New Phishing Campaign Targets Mobile Devices with Malicious PDFs
• 14:5 : IT Security News Hourly Summary 2025-01-27 15h : 15 posts
• 13:36 : The Evolution of User Authentication With Generative AI
• 13:36 : 1Password Review: Features, Pricing & Security
• 13:36 : Threat Actors Weaponized XWorm RAT Builder To Attack Script Kiddies
• 13:36 : Chrome Security Update – Memory Corruption & Access Vulnerabilities Patched
• 13:36 : New Phishing Framework Attacking Multiple Brands To Steal Customer Logins
• 13:36 : Sweden seizes cargo ship after another undersea cable hit in suspected sabotage
• 13:36 : T-Mobile Enhances Cybersecurity with Yubikey Security Keys
• 13:36 : Silobreaker Tickets empowers intelligence teams with AI-augmented tools
• 13:36 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
• 13:11 : Introducing HT-ML Guard to Automatically Analyze and Secure HTML Files
• 13:11 : Industry Optimism Grows as TSA Proposes Balanced Cybersecurity Measures
• 13:11 : Best Practices for Securing Your SaaS Environment
• 13:11 : GamaCopy targets Russia mimicking Russia-linked Gamaredon APT
• 13:11 : The Rise in Phishing Scams
• 13:11 : Git Vulnerabilities Led to Credentials Exposure
• 12:34 : New VPN Backdoor
• 12:34 : SCAVY – Framework to Detect Memory Corruption in Linux Kernel for Privilege Escalation
• 12:34 : Apache Solr For Windows Vulnerability Allows Arbitrary Path write-access
• 12:33 : Humans are the Beating Heart of the Autonomous SOC
• 12:9 : Burp Suite 2025.1 Released, What’s New!
• 12:9 : Scammers Are Creating Fake News Videos to Blackmail Victims
• 12:9 : CDNs: Great for speeding up the internet, bad for location privacy
• 12:9 : Do You Know What Your Assets Are?
• 12:8 : Do We Really Need The OWASP NHI Top 10?
• 12:8 : CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks
• 11:35 : An unusual “shy z-wasp” phishing, (Mon, Jan 27th)
• 11:34 : Meta Tests Advertising On Threads In US, Japan
• 11:34 : X Refused To Remove Video Viewed By Southport Killer
• 11:34 : SonicWall SMA Appliances Exploited in Zero-Day Attacks
• 11:34 : New Phishing Framework Attack Multiple Brands Login Pages To Steal Credentials
• 11:34 : Chrome Security Update – Patch for 3 High-Severity Vulnerabilities
• 11:34 : ESXi ransomware attacks use SSH tunnels to avoid detection
• 11:34 : Critical Intel Trust Domain Extensions Isolation Vulnerability Exposes Sensitive Data
• 11:34 : Industry Moves for the week of January 27, 2025 – SecurityWeek
• 11:34 : Change Healthcare Data Breach Impact Grows to 190 Million Individuals
• 11:34 : DMARC Email Security: A Guide to Protecting Your Domain
• 11:34 : Are Third-Party Risk Management Solutions Effective Enough?
• 11:8 : Subaru Bug Enabled Remote Vehicle Tracking and Hijacking
• 11:5 : IT Security News Hourly Summary 2025-01-27 12h : 11 posts
• 10:34 : Hackers stole sensitive information belonging to 62 million kids and almost 10 million teachers
• 10:34 : Meta To Spend Up To $65bn On AI This Year
• 10:34 : Banks Look To Sell Twitter Takeover Debt
• 10:34 : Silicon UK In Focus Podcast: Disruptive Trends Shaping Our Future
• 10:34 : Apache Solr For Windows instances Vulnerability Allows Arbitrary Path Write-Access
• 10:34 : LockBit Ransomware: 11-Day Timeline from Initial Compromise to Deployment
• 10:34 : Weaponised XWorm RAT Builder Attacking Script Kiddies To Hack 18,000 Devices
• 10:34 : Change Healthcare Breach Almost Doubles in Size to 190 Million Victims
• 10:9 : TalkTalk investigating data breach after hacker claims theft of customer data
• 10:9 : Attackers allegedly stole $69 million from cryptocurrency platform Phemex
• 10:9 : British Museum says ex-contractor ‘shut down’ IT systems, wreaked havoc
• 9:31 : ByteDance In Talks With US Over Non-Sale Options For TikTok
• 9:31 : Crypto Firms Sign Up To Trump-Linked Lobby Group
• 9:11 : New SCAVY Framework to Detect Memory Corruption Privilege Escalation in Linux Kernel
• 9:11 : Windows Charset Conversion Feature Exploited to Execute Remote Code
• 9:11 : Critical Fleet Server Vulnerability Exposes Sensitive Information
• 9:11 : GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities
• 9:11 : When Hackers Get Hacked: Cyber Security Today for January 27, 2025
• 8:37 : Trump Executive Order Sets Out Pro-Crypto Policy Shift
• 8:37 : Hackers Using RID Hijacking Technique To Create Secret Windows Admin Account
• 8:37 : Hackers Tool 11 Days To Deploy LockBit Ransomware From Initial Compromise
• 8:36 : GitLab Security Update – Patch for XSS Vulnerability in File Rendering
• 8:36 : A week in security (January 20 – January 26)
• 8:36 : CISA Board closed, UnitedHealth numbers rise, Llama’s LLM vulnerability
• 8:5 : IT Security News Hourly Summary 2025-01-27 09h : 3 posts
• 8:4 : A Strategic Approach to Container Security
• 7:32 : Researchers Exploited Windows Charset Conversion Feature to Execute Remote Code
• 7:32 : MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks
• 7:2 : Gravy Analytics Breach, Subaru Starlink Vulnerability Exposed
• 6:31 : Protection Against Deepfake Cyber Threats: Navigating the Future of Digital Security
• 6:31 : GitLab Security Update – Patch for Multiple Vulnerabilities
• 6:31 : GitHub Vulnerability Let Malicious Repos To Leaks Users Credentials
• 6:11 : Generative AI fuels more Cyber Crime
• 6:10 : AI security posture management will be needed before agentic AI takes hold
• 5:31 : Critical Vulnerability in Meta Llama Framework Let Remote Attackers Execute Arbitrary Code
• 5:31 : Don’t let these open-source cybersecurity tools slip under your radar
• 5:5 : IT Security News Hourly Summary 2025-01-27 06h : 5 posts
• 5:4 : Three privacy rules for 2025 (Lock and Code S06E02)
• 5:4 : Cyber trends set to influence business strategies
• 4:31 : How to use Apple’s App Privacy Report to monitor data tracking
• 4:8 : Critical Vulnerability in Meta’s Llama Framework Exposes AI Systems to Remote Attacks
• 4:8 : UnitedHealth Ransomware Attack Exposes 190 Million Users’ Personal & Healthcare Data
• 2:15 : Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
• 0:33 : ISC Stormcast For Monday, January 27th, 2025 https://isc.sans.edu/podcastdetail/9296, (Mon, Jan 27th)
• 0:13 : Innovative Approaches to Secrets Scanning
• 0:13 : Scaling Security with Automated Identity Management
• 0:13 : Empowering Cloud Compliance with Seamless Security
• 23:5 : IT Security News Hourly Summary 2025-01-27 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 04