IT Security News Daily Summary 2025-02-05

173 posts were published in the last hour

• 22:32 : BADBOX Botnet Infected Over 190,000 Android Devices Including LED TVs
• 22:31 : 242,000 Times Downloaded Malicious Apps from Android and iOS Stealing Crypto Recovery Keys
• 22:5 : CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise
• 22:5 : The biggest breach of US government data is under way
• 22:4 : U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog
• 22:4 : Paraguay’s Broadband Providers Continue to Struggle to Attain Best Practices at Protecting Users’ Data
• 22:4 : Semgrep Raises $100M for AI-Powered Code Security Platform
• 22:4 : AWS renews MTCS Level 3 certification under the SS584:2020 standard
• 21:32 : 5 great Chrome browser alternatives that put your privacy first
• 21:32 : Paragon spyware used to target citizens across Europe, says Italian government
• 21:7 : Proton Pass vs. 1Password: Which password manager is right for you?
• 21:6 : DOGE latest: Citrix supremo has ‘read-only’ access to US Treasury payment system
• 21:6 : Passkeys: The future of secure and seamless authentication
• 21:6 : Victory! EFF Helps Defeat Meritless Lawsuit Against Journalist
• 20:32 : Building a Cyber-Resilient Public Sector Through Hands-on Security Training
• 20:9 : DeepSeek Sends Data To Blacklisted China Mobile – Report
• 20:9 : Musky minion granted ‘read-only’ access to federal payment systems
• 20:9 : Experts Find Hidden Backdoors Inside Chinese Software Stealing Patient Data
• 20:5 : IT Security News Hourly Summary 2025-02-05 21h : 3 posts
• 19:32 : Google releases responsible AI report while removing its anti-weapons pledge
• 19:31 : Hackers Using AI Agents To Validate Stolen Credit Cards
• 19:31 : CISA Adds Actively Exploited Linux Kernel Vulnerability to Known Exploited Vuln Catalog
• 19:4 : OpenText Secure Cloud: Streamline workflows with integrations
• 19:4 : Ransomware payments dropped in 2024 as victims refused to pay hackers
• 19:4 : DeepSeek AI Model Riddled With Security Vulnerabilities
• 18:32 : The Collapse of USAID Is Already Fueling Human Trafficking and Slavery at Scammer Compounds
• 18:32 : 4 Ways to Mitigate the Human Factors of Cybersecurity
• 18:7 : Phishing via “com-” prefix domains, (Wed, Feb 5th)
• 18:7 : Alphabet Disappoints Investors, Despite Profit, Revenue Increases
• 18:7 : The Collapse of USAID Is Fueling Human Trafficking and Slavery at Scammer Compounds
• 18:6 : New target of Paragon spyware comes forward
• 17:31 : How AWS Network Firewall session state replication maximizes high availability for your application traffic
• 17:5 : 21% of CISOs Have Been Pressured Not to Report a Compliance Issue, Research Finds
• 17:5 : What is a cyberthreat hunter (cybersecurity threat analyst)?
• 17:5 : IT Security News Hourly Summary 2025-02-05 18h : 21 posts
• 17:5 : CISA Adds One Known Exploited Vulnerability to Catalog
• 17:4 : Threat Actors Exploiting DeepSeek’s Rise To Fuel Cyber Attacks
• 17:4 : Ransomware Attack Disrupts New York Blood Center Operations Amid Critical Shortage
• 17:4 : Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)
• 16:32 : Amazon To Face Legal Action Over Warehouse Closures
• 16:32 : Banking Malware Uses Live Numbers to Hijack OTPs, Targeting 50,000 Victims
• 16:32 : Cybercriminals Leveraging AI to Verify Stolen Credit Card Data
• 16:32 : Malicious Android & iOS Apps Downloaded Over 242,000 Times, Stealing Crypto Recovery Keys
• 16:32 : BADBOX Botnet Surges: Over 190,000 Android Devices Infected, Including LED TVs
• 16:32 : Netgear fixes critical bugs as Five Eyes warn about break-ins at the edge
• 16:32 : In the Search for Talent, Candidates with Certifications Stand Out
• 16:32 : Small business owners, secure your web shop
• 16:32 : How Agentic AI will be Weaponized for Social Engineering Attacks
• 16:32 : Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank
• 16:5 : Good news as ransomware pay fell by 35 percent in 2024
• 16:5 : Threat Actors Exploiting Free Email Services to Target Government and Educational Institutions
• 16:5 : Zero-Day Vulnerabilities in Microsoft Sysinternals Tools Enable DLL Injection Attacks on Windows
• 16:5 : Hackers Using AI Agents to Validate Stolen Credit Cards
• 16:5 : AI Regulation in the U.S.: Navigating Post-EO 14110
• 16:5 : The best AirTag wallets of 2025: Expert tested
• 16:5 : Man Sentenced to 7 Years in Prison for Role in $50M Internet Scam
• 16:4 : U.S. CISA adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog
• 16:4 : Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
• 16:4 : Ransomware Payments Decline 35% as Victims Resist Demands
• 15:32 : Alphabet Lifts Ban On AI For Weapons
• 15:32 : 5 great Chrome-like browsers that put your privacy first
• 15:32 : How to create a third-party risk management policy
• 15:32 : Multiple IBM Cloud Pak Vulnerabilities Let Attackers Execute Remote Code
• 15:32 : Hacker Conversations: David Kennedy – an Atypical Typical Hacker
• 15:31 : Preventing account takeover on centralized cryptocurrency exchanges in 2025
• 15:3 : How to turn on Private DNS Mode on Android – and why it’s a must for security
• 15:3 : The best Wyze Cam alternative I’ve tested is only $20 with this deal
• 15:3 : New ‘Browser Syncjacking’ Attack Exploits Chrome Extensions for Full Device Takeover
• 15:2 : Community Health Centre Data Breach Impacts Over 1 Million Patients
• 15:2 : Two-Month Cyber Breach at Mizuno USA Under Investigation
• 15:2 : Bengaluru Woman Loses ₹2 Lakh to Sophisticated IVR-Based Cyber Scam
• 15:2 : SafeBreach exposure validation platform identifies security gaps
• 14:32 : Cyber Insights 2025: OT Security
• 14:31 : Swap EOL Zyxel routers, upgrade Netgear ones!
• 14:5 : Canadian Charged in $65M KyberSwap, Indexed Finance DeFi Hack
• 14:5 : Michael Trites Joins Aembit as Senior Vice President of Global Sales
• 14:5 : SparkCat campaign target crypto wallets using OCR to steal recovery phrases
• 14:5 : Apple’s macOS Kernel Vulnerability Let Attackers Escalate Privileges – PoC Released
• 14:5 : IT Security News Hourly Summary 2025-02-05 15h : 12 posts
• 14:5 : US cranks up espionage charges against ex-Googler accused of trade secrets heist
• 14:4 : Cybersecurity M&A Roundup: 45 Deals Announced in January 2025
• 14:4 : Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
• 14:4 : Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
• 14:4 : Mobile Malware Targeting Indian Banks Exposes 50,000 Users
• 13:32 : SystemBC Strikes Linux: Why Proactive Defense Is Now Critical
• 13:32 : IBM Cloud Pak Security Vulnerabilities Expose Sensitive Data to Attackers
• 13:32 : Check Point Software Collaborates with AppDirect to Offer Streamlined Cyber Security Solutions
• 13:32 : How to Add Fingerprint Authentication to Your Windows 11 Computer
• 13:32 : Despite Catastrophic Hacks, Ransomware Payments Dropped Dramatically Last Year
• 13:31 : 2024: The Year Data Security Took a Beating
• 13:31 : Satori provides visibility into data store risk levels
• 13:2 : Apple’s macOS Kernel Vulnerability (CVE-2025-24118) Exposes Users to Privilege Escalation Attacks – PoC Released
• 13:2 : INDIA Finance Ministry Bans ChatGPT, DeepSeek For Official Use
• 13:2 : How App Orchid’s AI and Google Cloud are changing the game for business data analytics
• 13:2 : Critical Netgear Vulnerabilities Let Attackers Execute Remote Code
• 13:2 : Hackers Exploit GPU Vulnerabilities to Take Complete Control of Your Device
• 13:2 : Riot Raises $30 Million for Employee Cybersecurity Solution
• 12:32 : China Retaliates Against Trump’s Tariffs, Starts Google Probe
• 12:32 : Australia Bans China’s DeepSeek On Government Devices
• 12:32 : Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024
• 12:31 : Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine
• 12:31 : New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
• 12:7 : CIS Control 03: Data Protection
• 12:7 : Zero Trust Principles for Critical Infrastructure Security
• 12:7 : Threat Actors Leveraging Free Email Services To Attack Govt & Education Entities
• 12:7 : CISA Releases Nine Advisories Detailing Vulnerabilities and Exploits Surrounding ICS
• 12:7 : Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities
• 12:6 : Cybersecurity in IT Infrastructure: Protecting Digital Assets
• 12:6 : The Path of Least Resistance to Privileged Access Management
• 11:32 : Webinar Today: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope
• 11:32 : Crypto-stealing iOS, Android malware found on App Store, Google Play
• 11:31 : Navigating the Future: Key IT Vulnerability Management Trends
• 11:7 : Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials
• 11:7 : Hackers Exploits ADFS to Bypass MFA & Gain Access to Critical Systems
• 11:7 : CISA Issues Exploitation Warning for .NET Vulnerability
• 11:7 : Five Eyes Launch Guidance to Improve Edge Device Security
• 11:5 : IT Security News Hourly Summary 2025-02-05 12h : 5 posts
• 10:32 : Critical Netgear Vulnerabilities Allow Hackers to Execute Remote Code
• 10:32 : Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers
• 10:32 : AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks
• 10:32 : Destructive Attacks on Financial Institutions Surge
• 10:32 : Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development
• 10:3 : Giddy Up! It’s Time for Defense Tech Companies to Get Ahead of CMMC Before They Get Left Behind
• 10:3 : CISA Adds Actively Exploited Apache and Microsoft Vulnerabilities to its Database
• 10:3 : Threat Actors Exploiting DeepSeek’s Rise to Fuel Cyber Attacks
• 10:3 : Hackers Can Exploit GPU Flaws to Gain Full Control of Your Device
• 10:2 : Comparing “Records of Processing Activities” (ROPA) and “Data Protection Impact Assessments” (DPIA)
• 10:2 : Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days
• 10:2 : Tenable Acquires Vulcan Cyber, Building on AI-Powered Risk Prioritization
• 10:2 : Atrinet URL Scanner helps comabat SMS phishing
• 10:2 : Veriti Cloud automates remediation across both on-premises and cloud environments
• 10:2 : Dynatrace strengthens cloud security posture management
• 10:2 : Destructive Attacks on Financial Institutions Surge 13%
• 9:4 : International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists
• 8:32 : Chinese Hackers Attacking Linux Devices With New SSH Backdoor
• 8:32 : Take my money: OCR crypto stealers in Google Play and App Store
• 8:32 : CISA Releases Guidance to Protect Firewalls, Routers, & Internet-Facing Servers
• 8:32 : Critical Veeam Backup Vulnerability Let Attackers Execute Arbitrary Code to Gain Root Access
• 8:32 : 0-Day Vulnerabilities in Microsoft Sysinternals Tools Allow Attackers To Launch DLL Injection Attacks on Windows
• 8:32 : Hackers Exploiting A Six-Year-Old IIS Vulnerability To Gain Remote Access
• 8:32 : TinyZero – Researchers Replicated DeepSeek’s R1-Zero Model for Just $30
• 8:32 : Meta identifies risky AI systems, Ferret malware joins ‘Contagious Interview’ campaign, credential theft rises as a target
• 8:32 : DeepSeek AI Controversies, Shadow AI Risks: Cyber Security Today for Wednesday February 5, 2025
• 8:5 : IT Security News Hourly Summary 2025-02-05 09h : 3 posts
• 8:4 : Hackers Exploit ADFS to Bypass MFA and Access Critical Systems
• 7:7 : NSA asks iPhone users to use flap covers to banish privacy concerns
• 7:7 : Can Smartwatches Be Targeted by Cyber Attacks?
• 6:31 : CISA Releases Nine Security Advisories on ICS Vulnerabilities and Exploits
• 6:31 : Hackers Exploiting a Six-year-old IIS Vulnerability to Gain Remote Access
• 6:6 : Veeam Backup Vulnerability Allows Attackers to Execute Arbitrary Code
• 6:6 : CISA Adds Apache, Microsoft Vulnerabilities to Its Database that Are Actively Exploited in the Wild
• 6:6 : CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
• 5:31 : Upskilling the UK workforce for the AI revolution
• 5:31 : OpenNHP: Cryptography-driven zero trust protocol
• 5:5 : IT Security News Hourly Summary 2025-02-05 06h : 7 posts
• 5:4 : CISA Releases New Guidelines to Secure Firewalls, Routers, and Internet-Facing Servers
• 5:4 : Arctic Wolf and BlackBerry Announce Closing of Acquisition for Cylance
• 5:4 : AI-Powered Cyber Warfare, Ransomware Evolution, and Cloud Threats Shape 2025 Cyber Landscape
• 5:4 : Cato Networks Appoints Karl Soderlund as Global Channel Chief to Accelerate Channel Growth in SASE Market
• 5:4 : Chrome Use-After-Free Vulnerabilities Let Attackers Execute Remote Code – Update Now
• 4:32 : More destructive cyberattacks target financial institutions
• 4:31 : The API security crisis and why businesses are at risk
• 3:6 : AMD SEV Vulnerability Allows Malicious CPU Microcode Injection as Admin
• 2:5 : IT Security News Hourly Summary 2025-02-05 03h : 1 posts
• 2:2 : ISC Stormcast For Wednesday, February 5th, 2025 https://isc.sans.edu/podcastdetail/9310, (Wed, Feb 5th)
• 1:4 : Keycloak and Docker Integration: A Step-by-Step Tutorial
• 1:4 : Online food ordering and delivery platform GrubHub discloses a data breach
• 0:2 : Sophos Acquires Secureworks for $859 Million
• 0:2 : Google: How to make any AMD Zen CPU always generate 4 as a random number
• 23:6 : Netgear urges users to upgrade two flaws impacting WiFi router models
• 23:6 : How Imperva Infused AI Throughout Research and Development
• 23:6 : European Commission Gets Dinged for Unlawful Data Transfer, Sending a Big Message About Accountability
• 23:5 : IT Security News Hourly Summary 2025-02-05 00h : 1 posts