IT Security News Daily Summary 2025-01-30

199 posts were published in the last hour

• 22:20 : Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek
• 22:20 : VMware plugs steal-my-credentials holes in Cloud Foundation
• 22:20 : Data resilience and data portability
• 22:20 : Executive Order to the State Department Sideswipes Freedom Tools, Threatens Censorship Resistance, Privacy, and Anonymity of Millions
• 21:34 : AngelSense exposed location data and personal information of tracked users
• 21:34 : The Internet Never Forgets: Fighting the Memory Hole
• 20:36 : Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise
• 20:36 : Hiya AI Phone App Protects Against Deepfakes, Other Scams
• 20:18 : How to Tell If Someone Hacked Your Router: 10 Signs + Tips
• 20:18 : What is blockchain? Definition, examples and how it works
• 20:18 : Tria Stealer Trojan Exploits Android Phones To Exfiltrate SMS Messages
• 20:17 : Phorpiex Botnet Distributes LockBit Ransomware Through Compromised Websites
• 20:5 : IT Security News Hourly Summary 2025-01-30 21h : 9 posts
• 19:34 : DeepSeek Locked Down Public Database Access That Exposed Chat History
• 19:34 : VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
• 19:16 : Defeating Future Threats Starts Today
• 19:16 : Fake Apps: What They Are and How to Spot Them
• 19:16 : US Justice Department says cybercrime forum allegedly affected 17 million Americans
• 19:16 : Top 3 Most Popular Malware TTPs of the Past Year
• 19:15 : Arcus Media Ransomware Delete Backup, Clear Logs, Disable Remote After Lock The Files
• 19:15 : Conifers.ai Scores $25M Investment for Agentic AI SOC Technology
• 19:15 : Randall Munroe’s XKCD ‘Humidifier Review’
• 18:35 : Mistral Small 3 brings open-source AI to the masses — smaller, faster and cheaper
• 18:35 : Brian Greene: Until the end of time | Starmus highlights
• 18:34 : Rockwell Automation FactoryTalk AssetCentre
• 18:34 : CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware
• 18:34 : CISA Releases Eight Industrial Control Systems Advisories
• 18:34 : Hitachi Energy UNEM
• 18:34 : New Rock Technologies Cloud Connected Devices
• 18:34 : Trump admin’s purge of US cyber advisory boards was ‘foolish,’ says ex-Navy admiral
• 18:34 : Cybersecurity GRC (Governance, Risk, Compliance) | Kovrr
• 18:34 : RAG evaluation series: validating the RAG performance of Amazon Titan vs Cohere using Amazon Bedrock
• 18:34 : What is data privacy in healthcare? everything you need to know
• 18:34 : Amazon Redshift enhances security by changing default behavior in 2025
• 18:14 : New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages
• 18:14 : Hackers Exploiting DNS Poisoning to Compromise Active Directory Environments
• 18:14 : 2025-01-28: Malware infection from web inject activity
• 18:13 : 2025-01-30: XLoader infection
• 18:13 : Mistral Small 3 brings open source AI to the masses—smaller, faster, and cheaper
• 18:13 : CybaVerse AI launched to redefine how MSPs deliver security
• 18:13 : KnowBe4 Urges Organisations to Adopt Secure Password Practices on Change Your Password Day 2025
• 18:13 : How Spread Betting Platforms Safeguard Traders Against Cyber Risks
• 18:13 : Taming Shadow AI: Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats
• 17:37 : PCAPs or It Didn’t Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)
• 17:37 : Doppler Announces Integration with Datadog to Streamline Security and Monitoring
• 17:36 : Cybercriminals Exploit Public-Facing IIS, Apache, and SQL Servers to Breach Gov & Telecom Systems
• 17:36 : Hackers Impersonate Top Tax Firm with 40,000 Phishing Messages to Steal Credentials
• 17:36 : Arcus Media Ransomware Strikes: Files Locked, Backups Erased, and Remote Access Disabled
• 17:36 : 500 Million Proton VPN & Pass Users at Risk Due to Memory Protection Vulnerability
• 17:36 : Infrastructure Laundering: Blending in with the Cloud
• 17:36 : DORA Compliance for MSPs – How to Help Your Clients
• 17:36 : Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform
• 17:36 : Google Blocked 2.36 Million Policy-Violating Apps
• 17:9 : Microsoft Enhances Windows 11 Security with Admin Protection to Prevent Crowdstrike-Like Incident
• 17:9 : Cerebras becomes the world’s fastest host for DeepSeek R1, outpacing Nvidia GPUs by 57x
• 17:9 : New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages
• 17:9 : Cyber Insights 2025: Cyberinsurance – The Debate Continues
• 17:9 : Three Ways To Prevent Insider Threat Driven Data Leaks
• 17:9 : Cybercrime forums Cracked and Nulled seized, operators arrested
• 17:9 : Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
• 17:5 : IT Security News Hourly Summary 2025-01-30 18h : 15 posts
• 16:36 : Seraphic Attracts $29M Investment to Chase Enterprise Browser Business
• 16:36 : DataDome Expands GraphQL Protection Across 7 Integrations
• 16:36 : Doppler announces integration with Datadog to streamline security and monitoring
• 16:36 : Attackers Increase Use of HTTP Clients for Account Takeovers
• 16:36 : How to deploy an Amazon OpenSearch cluster to ingest logs from Amazon Security Lake
• 16:21 : Wordfence Intelligence Weekly WordPress Vulnerability Report (January 20, 2025 to January 26, 2025)
• 16:20 : Ransomware news trending on Google
• 16:20 : Microsoft advertisers phished via malicious Google ads
• 16:20 : Microsoft’s latest optional patch is a bug-fix bonanza for Windows 11 24H2
• 16:20 : International police coalition takes down two prolific cybercrime and hacking forums
• 16:20 : Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites
• 16:20 : TeamViewer fixed a vulnerability in Windows client and host applications
• 16:20 : Canon Printer Vulnerabilities Let Attackers Execute Arbitrary Code Remotely
• 16:20 : Windows 11 Start Menu Now Let Users Access Their Android & iPhones
• 16:20 : UnitedHealth Confirms Change Healthcare Cyberattack Impacted 190 Million People
• 15:34 : North Korean Hackers Suspected in $70M Phemex Crypto Exchange Exploit
• 15:34 : Hackers Use IT Support Disguise to Infiltrate Systems
• 15:34 : SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
• 15:17 : Riffusion’s free AI music platform could be the Spotify of the future
• 15:17 : Hackers Exploit Public-facing Vulnerable IIS, Apache, SQL Servers to Attack Gov & Telcom Networks
• 15:17 : How vCISOs Can Enhance an Organization’s Cybersecurity Posture with Cyber Insurance
• 14:38 : Secrets Management With Datadog Secret Backend Utility
• 14:38 : What is a password?
• 14:38 : Backline automatically remediates security vulnerabilities
• 14:38 : World Economic Forum AI and Cyber Initiative Publishes Guidance on Mitigating AI Risks
• 14:38 : Coyote Banking Trojan: A Stealthy Attack via LNK Files
• 14:18 : SquareX Discloses “Browser Syncjacking” , a New Attack Technique that Provides Full Browser and Device Control, Putting Millions at Risk
• 14:18 : CISA Releases Seven ICS Advisories to Strengthen Cybersecurity Posture
• 14:18 : The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?
• 14:18 : These Yale and Berkeley dropouts just raised $2 million to build an AI assistant that could rival OpenAI
• 14:18 : Ransomware attack at New York blood services provider – donors turned away during shortage crisis
• 14:17 : US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration
• 14:17 : Legit Security unveils root cause remediation capabilities to reduce AppSec risk
• 14:17 : Syncjacking Attack Enables Full Browser and Device Takeover
• 14:17 : Tenable acquires Vulcan Cyber, Chinese and Iranian hackers are using U.S. AI, US Navy bans use of DeepSeek
• 14:5 : IT Security News Hourly Summary 2025-01-30 15h : 16 posts
• 13:36 : The DeepSeek controversy: Authorities ask where the data comes from and where it goes
• 13:36 : Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter
• 13:36 : Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown
• 13:36 : DeepSeek exposed internal database containing chat histories and sensitive data
• 13:36 : North Korean APT Lazarus Compromises Developers via Malicious NPM Packages
• 13:36 : Hackers Use 10,000 WordPress Sites To Deliver Malware To macOS and Microsoft Systems
• 13:36 : TeamViewer Patches High-Severity Vulnerability in Windows Applications
• 13:29 : PCAPs or It Didn?t Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)
• 13:29 : Bridging The Manufacturing Security “Air Gap”
• 13:29 : Lazarus Group Drop Malicious NPM Packages in Developers Systems Remotely
• 13:29 : How to Use Keeper Password Manager: A Comprehensive Guide
• 13:28 : US blood donation giant warns of disruption after ransomware attack
• 13:28 : PHP package Voyager flaws expose to one-click RCE exploits
• 13:28 : Fake Reddit and WeTransfer Sites are Pushing Malware
• 13:28 : Cortex Is the First SOC Platform to Achieve FedRAMP High Authorization
• 13:28 : DeepSeek Exposed Database Leaks Sensitive Data
• 12:34 : TeamViewer Clients Vulnerability Leads to Privilege Escalation
• 12:34 : Lazarus Hackers Tamper with Software Packages to Gain Backdoor Access to the Victims Device
• 12:34 : Protect Your Privacy on Bumble
• 12:34 : Canvassing apps used by UK political parties riddled with privacy, security issues
• 12:34 : Network Security Market to Hit $38 Billion by 2029: Cloud, AI Drive Growth
• 12:11 : Hackers Poisoning DNS Responses to Exploit Vulnerabilities in Active Directory Environments
• 12:11 : Lazarus Hackers Altering Legitimate Software Packages To Launch Large-Scale Cyber Attack
• 12:11 : Frederick Health Hit by Ransomware Attack
• 12:11 : TikTok’s Project Clover Evolves With PETs, Data Access Controls
• 12:11 : Ransomware Attack Disrupts Blood Donation Services in US
• 11:34 : Tria Stealer Malware Exploits Android Devices to Harvest SMS Data
• 11:34 : How Lack of Cybersecurity Training Makes Small Businesses Easy Targets
• 11:34 : New SystemBC RAT Attack Linux Systems to Hack Corporate Infrastructure
• 11:34 : DeepSeek AI is Now Powering With Huawei Ascend 910C Chip
• 11:34 : Critical RCE Vulnerability Found In AI Development Platform Lets Attackers Gain Root Access
• 11:34 : 152,000 Impacted by Data Breach at Berman & Rabin
• 11:34 : DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked
• 11:34 : SOC Analysts – Reimagining Their Role Using AI
• 11:34 : UK Organizations Boosting Cybersecurity Budgets
• 11:22 : Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike
• 11:22 : Microsoft Shares Sink After Cloud Unit Misses Projections
• 11:22 : Meta Shares Rise On Strong Revenues, Profits
• 11:22 : Vodafone Makes Satellite Video Call From Welsh Mountain
• 11:22 : Sensitive DeepSeek Data Exposed Online
• 11:22 : Hackers Sell Compromised Emails and Google Ads Accounts on Dark Web
• 11:22 : Unprotected DeepSeek Database Exposed Chats, Other Sensitive Information
• 11:5 : IT Security News Hourly Summary 2025-01-30 12h : 4 posts
• 10:34 : WFH with privacy? 85% of Brit bosses snoop on staff
• 10:11 : Italy’s Data Protection Authority Garante requested information from Deepseek
• 10:11 : Transforming Healthcare Security: Why Zero-Trust is Essential
• 10:11 : NCSC Calls on Vendors to Eradicate “Unforgivable” Vulnerabilities
• 9:34 : Microsoft Probes Whether DeepSeek Stole Data From OpenAI
• 9:34 : Meta Agrees To $25m Trump Settlement
• 9:34 : Speedio (unverified) – 27,501,041 breached accounts
• 9:7 : Cybercriminals Hijack Government Sites to Lauch Phishing Attacks
• 9:7 : TeamViewer Windows App Let Attackers Escalate Privileges to System User
• 9:7 : OPNsense 25.1 Released With Improved Security Zones & FreeBSD 14.2 Plus
• 9:7 : DeepSeek is Now Available With Microsoft Azure AI Foundry & GitHub
• 9:7 : AI – Top-of-Mind in 2025
• 9:6 : Top 6 DMARC Solutions for MSPs in 2025
• 8:34 : 10,000 WordPress Websites Hacked to Distributing MacOS and Microsoft Malware
• 8:34 : 7 Ransomware Predictions for 2025: From AI Threats to New Strategies
• 8:34 : One Explanation for DeepSeek’s Dramatic Savings: IP Theft
• 8:34 : Cybersecurity News: Tenable acquires Vulcan Cyber, Chinese and Iranian hackers are using U.S. AI, US Navy bans use of DeepSeek
• 8:20 : Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response
• 8:20 : Garmin Smartwatch Users Report ‘Blue Triangle’ Crash
• 8:20 : DeepSeek Database Exposure: A Critical Security Breach Including 1 Million Log Enteries
• 8:20 : No need to RSVP: a closer look at the Tria stealer campaign
• 8:20 : Hackers Exploit RDP Protocol To Gain Windows Access To Control Browser Remotely
• 8:19 : Google’s Subdomain ‘g.co’ Hacked – A Tricky Phone Call Lets Hackers Access Your Google Account Remotely
• 8:19 : New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
• 8:19 : Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
• 8:5 : IT Security News Hourly Summary 2025-01-30 09h : 2 posts
• 7:34 : Oasis Scout empowers security teams to identify attacks on NHIs
• 7:11 : New RDP Exploit Allows Attackers to Take Over Windows and Browser Sessions
• 6:18 : DeepSeek Database Publicly Exposed Sensitive Information, Secret Keys & Logs
• 6:18 : New SMS-Based Phishing Tool ‘DevilTraff’ Enables Mass Cyber Attacks
• 6:18 : Threat Actors Exploit Government Website Vulnerabilities For Phishing Attacks
• 6:18 : Staying Ahead with Enhanced IAM Protocols
• 6:18 : Scalable Solutions for Global Secrets Management
• 6:17 : Empower Your Security with Advanced NHI Detection
• 6:17 : Ensuring Compliance with Secure Secrets Vaulting
• 6:17 : Zscaler CISO on balancing security and user convenience in hybrid work environments
• 5:34 : OPNsense 25.1 Released, What’s New!
• 5:34 : ExtensionHound: Open-source tool for Chrome extension DNS forensics
• 5:24 : DeepSeek AI data under scrutiny as Microsoft investigates OpenAI data steal
• 5:24 : DeepSeek is Now Available With Microsoft Azure AI Foundry
• 5:24 : 89% of AI-powered APIs rely on insecure authentication mechanisms
• 5:5 : IT Security News Hourly Summary 2025-01-30 06h : 2 posts
• 4:35 : DeepSeek Database Leaked – Full Control Over DB Secret keys, Logs & Chat History Exposed
• 4:35 : How to use Hide My Email to protect your inbox from spam
• 3:17 : ISC Stormcast For Thursday, January 30th, 2025 https://isc.sans.edu/podcastdetail/9302, (Thu, Jan 30th)
• 2:38 : Alibaba’s Qwen 2.5-Max: The AI Marathoner Outpacing DeepSeek and Catching OpenAI’s Shadow
• 2:11 : Operation Talent: FBI Seizes Nulled.to, Cracked.to, Sellix.io and more
• 2:11 : DeepSeek helps speed up threat detection while raising national security concerns
• 2:5 : IT Security News Hourly Summary 2025-01-30 03h : 2 posts
• 1:31 : Wacom says crooks probably swiped customer credit cards from its online checkout
• 1:8 : Going (for) broke: 6 common online betting scams and how to avoid them
• 0:36 : ASRM: A New Pillar for Cyber Insurance Underwriting
• 0:36 : Dario Amodei challenges DeepSeek’s $6 million AI narrative: What Anthropic thinks about China’s latest AI move
• 0:36 : Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek
• 0:20 : North Koreans clone open source projects to plant backdoors, steal credentials
• 23:34 : Lazarus Group cloned open source projects to plant backdoors, steal credentials
• 23:14 : CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
• 23:5 : IT Security News Hourly Summary 2025-01-30 00h : 4 posts
• 22:55 : IT Security News Daily Summary 2025-01-29