IT Security News Daily Summary 2025-01-28

171 posts were published in the last hour

• 22:34 : Baguette bandits strike again with ransomware and a side of mockery
• 22:34 : Updated whitepaper available: Aligning to the NIST Cybersecurity Framework in the AWS Cloud
• 22:9 : What is spyware?
• 22:9 : Cato Networks Appoints Nicolas Warnier as VP of Sales for EMEA
• 22:8 : 3 priorities for adopting proactive identity and access security in 2025
• 21:34 : DeepSeek claims ‘malicious attacks’ disrupting AI service
• 21:34 : DEF CON 32 – Top War Stories From A TryHard Bug Bounty Hunter
• 21:2 : Apple zero-day vulnerability under attack on iOS devices
• 21:2 : VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer
• 20:34 : AI is a double-edged sword: Why you need new controls to manage risk
• 20:13 : Testing and evaluating GuardDuty detections
• 20:5 : IT Security News Hourly Summary 2025-01-28 21h : 2 posts
• 19:7 : Hackers Claim 2nd Breach at HP Enterprise, Plan to Sell Access
• 19:6 : What Proponents of Digital Replica Laws Can Learn from the Digital Millennium Copyright Act
• 18:36 : Hackers Could Bypassing EDR Using Windows Symbolic Links to Disable Service Executables
• 18:36 : TorNet Backdoor Exploits Windows Scheduled Tasks to Deploy Malware
• 18:36 : Cloudflare CDN Vulnerability Exposes User Locations on Signal, Discord
• 18:36 : Japan’s New Active Cyber Defence Strategy to Counter Growing Threats
• 18:8 : How to Protect and Secure Your Data in 10 Ways
• 18:8 : IPany VPN Compromised in Supply Chain Attack Deploying Custom Malware
• 17:36 : This new Android feature protects your phone, even if someone has your PIN
• 17:36 : How SOC/DFIR Teams Prevent Ransomware Threats in Healthcare – A Case Study on Interlock Ransomware
• 17:36 : Complete Guide to AI Tokens: Understanding, Optimization, and Cost Management
• 17:36 : PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
• 17:36 : AWS Firewall Manager retrofitting: Harmonizing central security with application team flexibility
• 17:5 : IT Security News Hourly Summary 2025-01-28 18h : 11 posts
• 17:4 : New TorNet Backdoor Exploits TOR Network in Advanced Phishing Attack
• 17:4 : Implementing and Testing Cryptographic Primitives With Go
• 17:4 : Outsmarting AI-powered cyber attacks: A 2025 playbook for real-time endpoint defense
• 17:4 : Ransomware attack on ENGlobal compromised personal information
• 17:4 : ENGlobal Cyber-Attack Exposes Sensitive Data
• 16:34 : Active Exploitation: New Aquabot Variant Phones Home
• 16:34 : Check Point Software champions data privacy on International Data Protection Day
• 16:34 : Microsoft Edge offers new tool to combat scareware – here’s how it works
• 16:34 : Apple fixes zero-day flaw affecting all devices
• 16:34 : California Law Enforcement Misused State Databases More Than 7,000 Times in 2023
• 16:34 : Lynx Ransomware Group Unveiled with Sophisticated Affiliate Program
• 16:4 : ScatterBrain: Unmasking the Shadow of PoisonPlug’s Obfuscator
• 16:4 : Rockwell Automation DataMosaix Private Cloud
• 16:4 : Schneider Electric Power Logic
• 16:4 : Rockwell Automation FactoryTalk
• 16:4 : Schneider Electric RemoteConnect and SCADAPack x70 Utilities
• 16:4 : B&R Automation Runtime
• 16:4 : Eclypsium Eyes Global Expansion with $45 Million Series C Investment
• 15:34 : Broadcom offers adapters with secure data encryption
• 15:34 : EU Sanctioned Three Russian Hackers for Attacking Govt Agencies
• 15:34 : Hackers Stolen $85 Million Worth of Cryptocurrency from Phemex
• 15:34 : Vulnerabilities in Telecom Networks Let Hackers Gain Access to 3,000 Companies
• 15:34 : New TorNet Backdoor Abusing Windows Schedule Task to Deliver Malware
• 15:34 : Protecting AWS environments from cyberthreats
• 15:34 : write waf rules faster with WAF Rule Writer | Impart Security
• 15:2 : OpenAI launches ChatGPT plan for U.S. government agencies
• 15:2 : PowerSchool begins notifying students and teachers after massive data breach
• 15:2 : Why Cybersecurity Compliance in Rail Transportation Has Never Been More Important, Or More Challenging to Keep on Track
• 15:2 : Leostream Privileged Remote Access secures access to corporate resources
• 15:2 : BackBox releases Network Cyber Resilience Platform
• 15:2 : Barracuda strengthens security capabilities in Email Protection
• 15:2 : OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
• 14:34 : Lumma Stealer Found in Fake Crypto Tools and Game Mods on GitHub
• 14:34 : Survey Surfaces Extent of Financial Damage Caused by Ransomware Scourge
• 14:9 : How to protect your privacy from Facebook – and what doesn’t work
• 14:9 : Security pros more confident about fending off ransomware, despite being battered by attacks
• 14:9 : Hackers Exploit Outdated Electricity Controller Using Flipper Zero to Disconnect Power Supply
• 14:9 : NVIDIA GPU Display Driver Vulnerabilities Let Attackers Trigger DoS
• 14:9 : Apple users: Update your devices now to patch zero-day vulnerability
• 14:9 : Hackers Drain Over $85 Million From Crypto Exchange Phemex
• 14:9 : 58% of Ransomware Victims Forced to Shut Down Operations
• 14:8 : API Supply Chain Attacks Put Millions of Airline Users at Risk
• 14:5 : IT Security News Hourly Summary 2025-01-28 15h : 13 posts
• 13:36 : How to Use 1Password: A Guide for Beginners
• 13:36 : ENGlobal says hackers accessed ‘sensitive personal’ data during cyberattack
• 13:36 : European Union Sanctions Russian Nationals for Hacking Estonia
• 13:14 : Why Use AWS Lambda Layers? Advantages and Considerations
• 13:13 : Continuing to Pioneer Cyber Security Excellence and Shaping the Future
• 13:13 : C-Suite Leaders Embrace Platformization for Security Success
• 13:13 : Destroying EDR Service Executable File by Using a Combination of Windows Symbolic Links
• 13:13 : Why Cybersecurity At The Olympics (And All Major Global Events) Shouldn’t Take A Backseat
• 13:13 : DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge
• 13:13 : Hiya AI Phone blocks spam and irrelevant calls
• 13:13 : ForensicScope Regula 4125 detects counterfeit documents
• 13:13 : Europeans targeted with new Tor-using backdoor and infostealers
• 13:13 : Mega Data Breaches Push US Victim Count to 1.7 Billion
• 12:34 : CISA Under Trump
• 12:34 : Hiya AI Phone detects scammers in real-time
• 12:33 : AI SOC Analysts: Propelling SecOps into the future
• 12:7 : AI’s New Challenger: How DeepSeek is Shaking Up the Tech Giants
• 12:7 : Microsoft Unveils Phishing Attack Protection for Teams Chat
• 12:6 : Microsoft tests ‘scareware blocker’ for Edge that uses computer vision to detect scams
• 12:6 : ENGlobal Says Personal Information Accessed in Ransomware Attack
• 12:6 : Ransomware Threats, Led by FunkSec, Rise to New Heights
• 12:6 : EU Sanctions Three Russians For 2020 Cyber-Attack on Estonia
• 11:36 : Trump Says DeepSeek Is AI ‘Wake-Up Call’
• 11:36 : SonicWall Confirms Exploitation of New SMA Zero-Day
• 11:36 : Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)
• 11:36 : How Long Does It Take Hackers to Crack Modern Hashing Algorithms?
• 11:36 : Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations
• 11:9 : New TorNet backdoor seen in widespread campaign
• 11:9 : Apple Security Update – Patch for iOS Zero-day, MacOS & More
• 11:9 : EU announced sanctions on three members of Russia’s GRU Unit 29155
• 11:9 : Hackers Using Hidden Text Salting Technique To Confuse Spam Filters & Evade Detection
• 11:9 : New Attack Mimics USPS To Deliver Malicious PDF In To Attack Mobile Devices
• 11:8 : Apple Patches First Exploited iOS Zero-Day of 2025
• 11:5 : IT Security News Hourly Summary 2025-01-28 12h : 15 posts
• 10:34 : Crypto Exchange KuCoin To Pay $297m In US Settlement
• 10:34 : Indian News Publishers Join OpenAI Legal Action
• 10:34 : New Phishing Scam Targets Amazon Prime Membership to Steal Credit Card Data
• 10:34 : Hackers Use Hidden Text Salting to Bypass Spam Filters and Evade Detection
• 10:34 : New Hacker Group Using 7z & UltraVNC Tool to Deploy Malware Evading Detection
• 10:34 : Hackers Mimic USPS To Deliver Malicious PDF In Attack Targeted Mobile Devices
• 10:34 : Stratoshark – A New Wireshark Tool Released for Cloud
• 10:34 : DeepSeek AI Rising Star Hit By CyberAttack
• 10:34 : Credentials of Major Cybersecurity Vendors Found on Dark Web for $10
• 10:9 : Empower individuals to control their biometric data: the new challenge across all sectors
• 10:9 : Fortinet Authentication Vulnerability Exploited to Gain Super-Admin Access
• 10:9 : Tackling the New CIS Controls
• 10:9 : Identifying and Responding to Investment Scams
• 10:8 : HeatGames – 647,896 breached accounts
• 10:8 : Google Issues Cloud Security Wake-Up Call as Threats Evolve
• 9:34 : Sweden Detains Ship In Latest Baltic Cable Damage Incident
• 9:34 : DeepSeek Says Open Source AI Image Model Beats OpenAI, Stability
• 9:34 : British Vishing-as-a-Service Trio Sentenced
• 9:7 : Ransomware Insurance: Rising Premiums, Uncertain Returns, and Alternative Strategies
• 9:7 : Chinese AI platform DeepSeek faced a “large-scale” cyberattack
• 9:7 : Critical One Identity Manager Vulnerability Let Attackers Escalate Privileges
• 9:7 : Akira’s New Linux Ransomware Attacking VMware ESXi Servers
• 9:7 : Certificate Management Self-Service Capabilities to Simplify Access and Boost Efficiency
• 8:34 : YMTC Achieves Memory Breakthrough In Spite Of US Sanctions
• 8:34 : Apple plugs security hole in its iThings that’s already been exploited in iOS
• 8:34 : What Makes This “Data Privacy Day” Different?
• 8:34 : Compliance Scorecard Version 7 simplifies compliance management for MSPs
• 8:34 : Sophisticated voice phishing, Opengrep consortium, DeepSeek suspends registrations
• 8:5 : IT Security News Hourly Summary 2025-01-28 09h : 11 posts
• 8:2 : Apple Security Update Fixed Actively Exploited Zero-day Vulnerability Affected iOS, macOS and More
• 8:2 : Apple Zero-day Vulnerability Actively Exploited to Attack iPhone Users
• 8:2 : Stratoshark – Wireshark Has Got a Friend for Cloud
• 8:2 : New Docker 1-Click RCE Attack Exploits Misconfigured API Settings
• 8:2 : New Phishing Campaign Mimic Amazon Prime Membership To Steal Credit Card Data
• 7:36 : Fileless Python InfoStealer Targeting Exodus, (Tue, Jan 28th)
• 7:36 : Data Privacy Day 2025: Protecting Sensitive Information Has Never Been More Critical
• 7:6 : Attackers Exploit PDFs in Sophisticated Mishing Attack
• 7:6 : GoDaddy’s Cybersecurity Called into Question
• 7:6 : Don’t Make Copyright Law in Smoke-Filled Rooms
• 7:6 : Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks
• 6:36 : InvisibleFerret: Everything About Lazarus APT’s New Backdoor
• 6:36 : Bitwarden to enable two-step login for all users in the next days, sort of
• 6:13 : Cyber Attack on China AI startup DeepSeek halts registrations on iPhones
• 6:13 : Cyber Threats of Keeping Mobile Wi-Fi On: A Growing Concern
• 5:33 : FortiOS Authentication Bypass Vulnerability Exploited to Gain Super-Admin Access
• 5:13 : 74% of CISOs are increasing crisis simulation budgets
• 5:13 : BloodyAD: Open-source Active Directory privilege escalation framework
• 5:5 : IT Security News Hourly Summary 2025-01-28 06h : 2 posts
• 4:34 : Cybersecurity jobs available right now: January 28, 2025
• 4:33 : Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
• 4:4 : Microsoft Announces Phishing Attack Protection for Teams Chat Starting February 2025
• 3:31 : Doxbin Scrape – 435,784 breached accounts
• 3:4 : A Tumultuous Week for Federal Cybersecurity Efforts
• 2:8 : ISC Stormcast For Tuesday, January 28th, 2025 https://isc.sans.edu/podcastdetail/9298, (Tue, Jan 28th)
• 2:5 : IT Security News Hourly Summary 2025-01-28 03h : 1 posts
• 1:8 : 2025-01-23: Fake installer leads to Koi Loader/Koi Stealer
• 0:4 : Subaru STARLINK Flaw Enabled Remote Tracking and Control of Vehicles
• 0:4 : U.S. Shuts Down Another N. Korean IT Worker Scam, Indicting 5
• 23:34 : SonicWall says hackers are exploiting a new zero-day bug to breach customer networks
• 23:34 : Africa’s Payment Revolution: A Conversation With Flutterwave’s Olugbenga “GB” Agboola
• 23:34 : Passkeys are gaining popularity, but too much authentication is hard to manage
• 23:34 : DEF CON 32 – Simulating Attacks Against Hydroelectric Power Plants
• 23:34 : BTS #44 – Network Appliances: A Growing Concern
• 23:34 : Announcing upcoming changes to the AWS Security Token Service global endpoint
• 23:6 : In Gaming Item Scams and How to Avoid Them?
• 23:6 : How to switch off Apple Intelligence on your iPhone, iPad, and Mac
• 23:6 : Apple fixed the first actively exploited zero-day of 2025
• 23:5 : IT Security News Hourly Summary 2025-01-28 00h : 3 posts