IT Security News Daily Summary 2025-02-21

135 posts were published in the last hour

• 21:31 : Bybit Hack: $1.4B Stolen from World’s 2nd Largest Crypto Exchange
• 21:31 : Google Announces Quantum-Safe Digital Signatures in Cloud KMS, Takes “Post-Quantum Computing Risks Seriously”
• 21:31 : Cornered by the UK’s Demand for an Encryption Backdoor, Apple Turns Off Its Strongest Security Setting
• 21:2 : Controlling Access to Google BigQuery Data
• 20:32 : Leaked Files Tie Chinese Cybersecurity Firm to Government Censorship
• 20:32 : Apple Breaks Silence on UK Probe, Removes Data Protection Tool From UK Users
• 20:31 : Palo Alto Networks vulnerabilities exploited in chained attack
• 20:31 : Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key
• 20:5 : IT Security News Hourly Summary 2025-02-21 21h : 7 posts
• 20:2 : Harnessing Agentic AI To Supercharge Security Awareness Training
• 20:2 : DOGE’s USDS Purge Included the Guy Who Keeps Veterans’ Data Safe Online
• 19:31 : Cases of China-Backed Spy Groups Using Ransomware Come to Light
• 19:9 : Patch Now: Check Point Research Explains Shadow Pad, NailaoLocker, and its Protection
• 19:9 : Crypto exchange Bybit says it was hacked and lost around $1.4B
• 19:9 : Bridewell and I-TRACING Form Strategic Partnership
• 19:8 : How DDoS Attacks Work and How You Can Protect Your Business From Them
• 18:34 : From log analysis to rule creation: How AWS Network Firewall automates domain-based security for outbound traffic
• 18:7 : SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
• 18:7 : Check Point Research Explains Shadow Pad, NailaoLocker, and its Protection
• 18:7 : Fake job offers target software developers with infostealers
• 18:7 : Don’t Miss Out: 15 Months of Powerful Cyber Protection and Backup for Only $30
• 18:7 : Crypto exchange Bybit says it was hacked and lost around $1.4 billion
• 17:37 : ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials
• 17:37 : NSA Allegedly Hacked Northwestern Polytechnical University, China Claims
• 17:37 : Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key
• 17:37 : What is a network packet?
• 17:37 : ACRStealer Malware Exploiting Google Docs as C2 To Steal Login Credentials
• 17:36 : China Claim That NSA Allegedly Hacked Northwestern Polytechnical University
• 17:36 : EFF at RightsCon 2025
• 17:36 : Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations
• 17:36 : Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
• 17:9 : CISA Adds One Known Exploited Vulnerability to Catalog
• 17:9 : Healthcare security lapses keep piling up
• 17:5 : IT Security News Hourly Summary 2025-02-21 18h : 12 posts
• 16:34 : Security and privacy concerns challenge public sector’s efforts to modernize
• 16:13 : Apple backs out of offering Data Security tool to UK customers
• 16:13 : Apple Withdraws Advanced Data Protection For UK, After Government Order
• 16:13 : American Airlines now lets you track your luggage with AirTags – here’s how
• 16:13 : Apple pulls iCloud end-to-end encryption feature for UK users after government demanded backdoor
• 16:13 : Implementing Cryptography in AI Systems
• 16:13 : Darcula 3.0 Tool Automatically Generates Phishing Kit For Any Brand
• 16:13 : Freelance Software Developers in North Korean Malware Crosshairs
• 16:13 : The Upcoming Tech Revolution Foreseen by Sundar Pichai
• 16:13 : Italian Spyware Firm SIO Linked to Malicious Android Apps Targeting WhatsApp Users
• 16:13 : whoAMI Name Assaults Can Compromise AWS Accounts to Malicious Code Execution
• 16:13 : Android Phishing Apps: A Growing Cybersecurity Threat in 2024
• 15:32 : Sweden Investigates Another Baltic Sea Cable Damage Incident
• 15:32 : Digital life protection: How Webroot keeps you safe in a constantly changing world
• 15:32 : Is your whole digital life protected? 4 ways to address common vulnerabilities
• 15:32 : A huge trove of leaked Black Basta chat logs expose the ransomware gang’s key members and victims
• 15:4 : Is your phone truly waterproof? Here’s what the IP rating tells you
• 15:4 : B1ack’s Stash released 1 Million credit cards
• 15:4 : Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics
• 14:32 : Critical UniFi Protect Camera Vulnerability Enables Remote Code Execution Attacks
• 14:32 : Nagios XI Flaw Exposes User Details and Emails to Unauthenticated Attackers”
• 14:31 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
• 14:31 : Salt Typhoon Exploited Cisco Devices With Custom Tool to Spy on US Telcos
• 14:11 : OpenAI’s ‘Operator’ AI Agent Starts Rollout In Select Countries
• 14:11 : Critical Vulnerability in Fluent Bit Exposes Cloud Services to Potential Cyber Attacks
• 14:11 : Cyber Criminals Using URL Tricks to Deceive Users
• 14:11 : What is application allowlisting?
• 14:11 : The US Is Considering a TP-Link Router Ban—Should You Worry?
• 14:11 : CL0P Ransomware Attacking Telecommunications & Healthcare Sectors In Large Scale
• 14:11 : Persistent Phishing Campaign Uses Surveymonkey and Cloudflare, Bypasses Gmail’s Spam Filter
• 14:11 : In Other News: Black Basta Chats Leaked, New SEC Cyber Unit, DOGE Site Hacked
• 14:11 : Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3
• 14:11 : DoD Contractor Pays $11.2M over False Cyber Certifications Claims
• 13:2 : Experts race to extract intel from Black Basta internal chat leaks
• 13:2 : What Is EDR? Endpoint Detection and Response
• 13:2 : Why Internal Audit Services Are Key to Risk Management in Today’s Business Landscape
• 13:2 : Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025
• 12:34 : Top 9 Arctic Wolf Competitors and Alternatives
• 12:34 : How China Pinned University Cyberattacks on NSA Hackers
• 12:4 : CISA Warns of Attacks Exploiting Craft CMS Vulnerability
• 12:4 : Is Vibe Coding The Future of Software Development
• 11:32 : Investigating LLM Jailbreaking of Popular Generative AI Web Products
• 11:32 : Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls
• 11:32 : AI-Powered Deception is a Menace to Our Societies
• 11:32 : BlackBasta Ransomware Chatlogs Leaked Online
• 11:31 : OpenSSL 3.5 will be the next long term stable (LTS) release
• 11:5 : IT Security News Hourly Summary 2025-02-21 12h : 10 posts
• 11:2 : U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog
• 10:32 : New Darcula 3.0 Tool Generates Phishing Kits to Mimic Global Brands
• 10:32 : Angry Likho: Old beasts in a new forest
• 10:31 : Top 9 Arctic Wolf alternatives and competitors
• 10:31 : zkLend DeFi Platform Hacked, Loses $9.5 Million
• 10:13 : Adversary-in-the-Middle Hackers Exploit Vulnerabilities to Deploy Advanced Malware
• 10:13 : CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors
• 10:13 : Salt Typhoon Hackers Exploit Cisco Vulnerability to Gain Device Access on US.Telecom Networks
• 10:13 : Cyber Threat Actors Leveraging Exploits To Attack Financial Sector With Advanced Malware
• 10:13 : Google Cloud’s Multi-Factor Authentication Mandate: Setting a Standard or Creating an Illusion of Security?
• 9:31 : OpenText unveils AI-powered threat detection and response capabilities
• 9:31 : Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption Protocols
• 9:11 : Atlassian fixed critical flaws in Confluence and Crowd
• 9:11 : Cybersecurity Survey Indicates Organizations Favouring Consolidation and Automation
• 9:11 : Versa Sovereign SASE enables organizations to create self-protecting networks
• 8:32 : Symbiotic Security improves software vulnerability detection in the coding process
• 8:32 : CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
• 8:32 : Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
• 8:31 : NioCorp BEC scam, Australian IVF breach, SEC’s cyber unit
• 8:11 : CISA Issues Seven ICS Advisories Highlighting Critical Vulnerabilities
• 8:11 : Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia
• 8:11 : SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix
• 8:11 : Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors
• 8:11 : CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits
• 8:5 : IT Security News Hourly Summary 2025-02-21 09h : 2 posts
• 7:7 : Pegasus Spyware Now Targeting Business Executives and Financial Sector Professionals
• 7:6 : Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
• 6:32 : Genea Australia data breach and Black Basta Ransomware gang data leak
• 6:32 : Controlling Shadow AI: Protecting Knowledge Management from Cyber Threats
• 6:7 : Cybercriminals Leverage Google Tag Manager for Credit Card Data Theft
• 6:7 : How to secure Notes on iOS and macOS
• 6:6 : Mastering the cybersecurity tightrope of protection, detection, and response
• 5:31 : Baby, You Can Hack My Car: Upstream’s 2025 Automotive and Smart Mobility Cybersecurity Report
• 5:11 : Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability
• 5:5 : IT Security News Hourly Summary 2025-02-21 06h : 3 posts
• 4:31 : New infosec products of the week: February 21, 2025
• 4:9 : New Active Directory Pentesting Tool For KeyCredentialLink Management
• 4:8 : Thailand ready to welcome 7,000 trafficked scam call center victims back from Myanmar
• 2:6 : Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub
• 2:5 : IT Security News Hourly Summary 2025-02-21 03h : 3 posts
• 1:31 : Life in the Swimlane with Gabriella Lopez, Senior Sales Development Representative
• 1:9 : ISC Stormcast For Friday, February 21st, 2025 https://isc.sans.edu/podcastdetail/9334, (Fri, Feb 21st)
• 1:8 : Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable
• 0:32 : Cocospy – 1,798,059 breached accounts
• 0:32 : Spyic – 875,999 breached accounts
• 0:32 : Driving Innovation with Secure Cloud Practices
• 0:31 : Feel Empowered: Managing Access with Precision
• 0:31 : Build a Confident Security Posture with Proven Tactics
• 0:9 : Tool update: sigs.py – added check mode, (Fri, Feb 21st)
• 0:9 : Salt Typhoon used custom malware JumbledPath to spy U.S. telecom providers
• 0:8 : Microsoft expands Copilot bug bounty targets, adds payouts for even moderate messes
• 23:31 : How to Sue a Company Under GDPR for Data Misuse and Privacy Violations
• 23:31 : Oops, some of our customers’ Power Pages sites were exploited, says Microsoft
• 23:5 : IT Security News Hourly Summary 2025-02-21 00h : 5 posts