IT Security News Daily Summary 2025-02-25

167 posts were published in the last hour

• 22:32 : The people in Elon Musk’s DOGE universe
• 22:4 : Xi know what you did last summer: China was all up in Republicans’ email, says book
• 21:31 : The Senate Passed The TAKE IT DOWN Act, Threatening Free Expression and Due Process
• 21:6 : ALIEN TXTBASE Stealer Logs – 284,132,969 breached accounts
• 21:6 : MITRE Caldera security suite scores perfect 10 for insecurity
• 20:32 : Securing tomorrow’s software: the need for memory safety standards
• 20:32 : New Yorkers Deserve Stronger Health Data Protections Now—Governor Hochul Can Make It Happen
• 20:6 : A Team of Female Founders Is Launching Cloud Security Tech That Could Overhaul AI Protection
• 20:5 : IT Security News Hourly Summary 2025-02-25 21h : 3 posts
• 19:32 : NCSWIC Publishes Spring 2024 Bi-Annual Meeting Executive Summaries
• 19:32 : Microsoft’s Password Spray and Pray Attack: A Wake-Up Call for 2FA Adoption
• 19:32 : GitVenom Campaign Abusing Thousands of GitHub Repositories To Infect Users
• 19:4 : Rust vs. C — Linux’s Uncivil War
• 18:32 : Protecting Critical Infrastructure From Ransomware
• 18:31 : Daniel Stori’s Turnoff.US: ‘Ubuntu Core’
• 18:5 : Crypto and Cybersecurity: The Rising Threats and Why Reliable Wallets Matter
• 18:4 : Black Basta ransomware leak sheds light on targets, tactics
• 18:4 : 5 Essential Email Security Tips for Businesses
• 18:4 : DeepSeek Lure Using CAPTCHAs To Spread Malware
• 18:4 : What Is Cybersecurity Performance Management? | Kovrr
• 18:4 : Background check, drug testing provider DISA suffers data breach
• 17:32 : The Hidden Cost of Dirty Data in AI Development
• 17:32 : A new Android feature is scanning your photos for ‘sensitive content’ – how to stop it
• 17:32 : North Korean Hackers Steal $1.5B in Cryptocurrency
• 17:32 : UAC-0212 Hackers Launching Destructive Attack Targeting Critical Infrastructure
• 17:32 : Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts
• 17:32 : Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware
• 17:32 : LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
• 17:32 : There is a new PayPal Phishing Scam that you need to know about (using real PayPal emails)
• 17:5 : AI is coming for your passwords – better make them strong
• 17:5 : Hackers Exploit Fake GitHub Repositories to Spread GitVenom Malware
• 17:5 : Hackers Exploiting Cisco Small Business Routers RCE Vulnerability Deploying Webshell
• 17:5 : TgToxic Android Malware Updated it’s Features to Steal Login Credentials
• 17:4 : Google Issues Warning on Phishing Campaigns Targeting Higher Education Institutions
• 17:4 : You could get a cut of Avast’s $16.5 million FTC settlement – how to file a claim
• 17:4 : Keeping DEI on the Agenda: Most Inspiring Women in Cyber Award Organisers Set Panel Topic
• 17:4 : Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour
• 17:4 : How Safe Are Online Entertainment Platforms?
• 16:32 : New Auto-Color Malware Attacking Linux Devices to Gain Full Remote Access
• 16:32 : Malicious npm Package Targets Developers for Supply Chain Attack
• 16:32 : Integrating AI Agent Workflows in the SOC
• 16:32 : Secure By Design: A Continued Priority in 2025 and Beyond
• 16:32 : Skybox Security Shuts Down, Lays off Entire Workforce
• 16:31 : Cybersecurity needs a leader, so let’s stop debating and start deciding
• 16:31 : China-based Silver Fox spoofs healthcare app to deliver malware
• 16:9 : Abusing VBS Enclaves to Create Evasive Malware
• 16:9 : Orange data breach details after HellCat Ransomware Attack
• 16:9 : The 10 Best Email Encryption Options for Enterprises in 2025
• 16:9 : How healthcare cyber risk teams can plan ahead for HIPAA’s Security Rule update
• 16:9 : New Attack Hijacks Popular YouTube Gaming Channels to Steal Steam Accounts
• 16:9 : Lumma Stealer Malware Delivered Through Weaponized Files Disguised as Videos
• 16:9 : How to check and verify file integrity
• 16:9 : Harassment allegations against DEF CON veteran detailed in court filing
• 16:9 : Untangling AWS Networks with Cloud WAN
• 16:9 : US Defense Industry Targeted in Infostealer Malware Campaign
• 16:9 : FBI And CISA Issues Warning of Ongoing ‘Ghost’ Ransomware Attack
• 16:9 : Hackers Release Powerful Tool to Unlock Microsoft Software for Free
• 16:8 : Lee Enterprises Faces Prolonged Ransomware Attack Disrupting Newspaper Operations
• 16:8 : 61% of Hackers Use New Exploit Code Within 48 Hours of Attack
• 15:32 : Over 35,000 Websites Hacked to Inject Malicious Scripts Redirecting Users to Chinese Websites
• 15:32 : Google Code Assist: Your FREE AI-Powered Coding Partner, Now Live!
• 15:32 : Check Point Expands Partner and Customer Advocacy Management Services, Strengthening Cyber Security Collaboration and Operational Resilience
• 15:32 : Data resilience and data portability
• 15:32 : Ghostwriter Cyber-Attack Targets Ukrainian, Belarusian Opposition
• 15:2 : EU sanctioned the leader of North Korea-linked APT groups
• 15:2 : 16 Malicious Chrome Extensions Infected Over 3.2 Million Users
• 15:2 : Research Jailbreaked OpenAI o1/o3, DeepSeek-R1, & Gemini 2.0 Flash Thinking Models
• 15:2 : Edera Banks $15M for Kubernetes Workload Isolation Tech
• 14:32 : Background check provider data breach affects 3 million people who may not have heard of the company
• 14:32 : DNS Amplification Attacks: Examples, Detection & Mitigation
• 14:32 : Halcyon RDR boosts ransomware protection for organizations
• 14:5 : IT Security News Hourly Summary 2025-02-25 15h : 16 posts
• 14:3 : How Skills-Based Hiring Can Help Combat Cybersecurity Skills Shortages
• 14:3 : Why this Android image-scanning feature is controversial – and how to get rid of it
• 14:3 : Leader of North Korean Hackers Sanctioned by EU
• 14:3 : Netskope One Enterprise Browser enhancements secure access for unmanaged devices
• 14:2 : Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks
• 13:32 : Zero Trust, Maximum Impact: Strategies from Leading Federal Agencies
• 13:32 : Silver Fox APT Hides ValleyRAT in Trojanized Medical Imaging Software
• 13:32 : 200 Malicious GitHub Repos Attacking Developers to Deliver Malware
• 13:32 : China’s Silver Fox spoofs medical imaging apps to hijack patients’ computers
• 13:32 : Open source strikes back: Nextcloud Hub 10 challenges Big Tech’s monopoly on AI and privacy
• 13:7 : Overcoming Critical AI Security Risks Uncovered in DeepSeek-R1
• 13:7 : Securing Latin America in 2025: How AI and Cyber Threat Intelligence Are Reshaping the Cyber Security Landscape
• 13:6 : Linux Grub Read Command Buffer Overflow Vulnerability Enabling Potential Secure Boot Bypass
• 13:6 : Qualcomm & Google Tied Up to Offer Eight Years of Software and Security Updates
• 13:6 : Nine Threat Groups Active in OT Operations in 2024: Dragos
• 13:6 : Only a Fifth of Ransomware Attacks Now Encrypt Data
• 12:31 : INE Secures Spot Top 50 Education Software Rankings 2025 in G2’s
• 12:31 : Researchers Jailbreak OpenAI o1/o3, DeepSeek-R1, and Gemini 2.0 Flash Models
• 12:7 : Why Android System SafetyCore is controversial – and how to get rid of it
• 12:7 : Why Apple’s disabling of iCloud encryption in the UK is bad news for everyone
• 12:7 : ‘OpenAI’ Job Scam Targeted International Workers Through Telegram
• 12:7 : Legit context turns raw data into actionable insights
• 12:7 : Chinese Botnet Bypasses MFA in Microsoft 365 Attacks
• 11:33 : Your item has sold! Avoiding scams targeting online sellers
• 11:33 : Nvidia Sues EU For Investigating Run:ai Acquisition
• 11:32 : South Africa Penalises Google, Social Media Firms Over Media Bias
• 11:32 : Educational Tech Firm Chegg Sues Google Over AI Overviews
• 11:32 : 200 Malicious GitHub Repositories Distributing Malware to Developers
• 11:32 : Silent Killers Exploit Windows Policy Loophole to Evade Detections and Deploy Malware
• 11:32 : Dragos: Ransomware attacks against industrial orgs up 87%
• 11:32 : This Russian Tech Bro Helped Steal $93 Million and Landed in US Prison. Then Putin Called
• 11:32 : Sliver C2 Server Vulnerability Let Attackers Open a TCP connection to Read Traffic
• 11:32 : CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability
• 11:32 : GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets
• 11:32 : 2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT
• 11:32 : 5 Active Malware Campaigns in Q1 2025
• 11:7 : INE Secures Spot in G2’s 2025 Top 50 Education Software Rankings
• 11:7 : Poseidon Stealer Targets Mac Users via Fake DeepSeek Website
• 11:7 : How to Achieve Compliance with NIS Directive
• 11:7 : Key Updates in the OWASP Top 10 List for LLMs 2025
• 11:7 : Malware variants that target operational tech systems are very rare – but 2 were found last year
• 11:6 : U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog
• 11:6 : ​​2025 Unit 42 Incident Response Report — Attacks Shift to Disruption
• 11:6 : Predatory app downloaded 100,000 times from Google Play Store steals data, uses it for blackmail
• 11:5 : IT Security News Hourly Summary 2025-02-25 12h : 8 posts
• 10:32 : PolarEdge: Unveiling an uncovered ORB network
• 10:32 : US employee screening giant DISA says hackers accessed data of more than 3M people
• 10:32 : Hackers Bypassing Outlook Spam Filter to Deliver Weaponized ISO Files
• 10:32 : KernelSnitch – A New Side-Channel Attack Targeting Data Structures
• 10:32 : Critical MITRE Caldera Vulnerability Let Attackers Execute Remote Code – PoC Released
• 10:32 : TSforge – A New Tool Exploits Every Version of Windows Activation
• 10:31 : OwnID introduces AI-native identity support for AI Agents
• 10:31 : Quarter of Brits Report Deepfake Phone Scams
• 10:2 : Beware of Fake Job Interview Challenges Targeting Developers to Deliver Malware
• 10:2 : Southern Water takes the fifth over alleged $750K Black Basta ransom offer
• 9:32 : Microsoft Cancels Data Centre Leases In AI Shift
• 9:32 : Apple To Invest $500bn In US As It Seeks Tariff Exemptions
• 9:32 : New Phishing Attack Targets Amazon Prime Users to Steal Login Credentials
• 9:32 : Threat Actors Mimic Commander Tool for Windows to Deploy LummaC2 Malware
• 9:32 : 10 Best Event Monitoring Tools – 2025
• 9:31 : Data Entanglement, AI and Privacy: Why the Law Isn’t Ready
• 9:2 : PolarEdge: Unveiling an uncovered IOT Botnet
• 9:2 : Russia warns financial sector organizations of IT service provider LANIT compromise
• 9:2 : A Gold Standard for Compliance: Why ISO 27001 is More Relevant Than Ever
• 8:32 : US Lawmaker Demands Answers On EU Antitrust Law
• 8:32 : LightSpy Malware Expands With 100+ Commands to Target Users Across All Major OS Platforms
• 8:31 : Master IT Fundamentals With This CompTIA Certification Prep Bundle
• 8:31 : Australia bans Kaspersky, Government screens hijacked, EU sanctions Lazarus Group
• 8:5 : IT Security News Hourly Summary 2025-02-25 09h : 3 posts
• 8:2 : How nice that state-of-the-art LLMs reveal their reasoning … for miscreants to exploit
• 7:14 : Critical RCE Vulnerability in MITRE Caldera – Proof of Concept Released
• 7:14 : FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services
• 6:33 : Google to replace SMS authentication with QR Codes for enhanced Mobile Security
• 6:33 : Top Mobile Security Courses for App Developers
• 6:33 : CISA Alerts: Oracle Agile Vulnerability Actively Exploited
• 6:33 : Avoiding vendor lock-in when using managed cloud security services
• 6:6 : KernelSnitch: Uncovering a New Side-Channel Attack on Data Structures
• 6:6 : Hackers Evade Outlook Spam Filters to Deliver Malicious ISO Files
• 6:6 : What’s Superalignment and Why Is It Critical to Address with AI Regulation in the U.S.?
• 6:6 : 100+ Malicious IPs Actively Exploiting Vulnerabilities in Cisco Devices
• 5:32 : CISA, FBI, and MS-ISAC Warn of Ghost Ransomware Threat
• 5:32 : Massive Botnet Targets MS 365 Accounts with Password Spraying Attacks
• 5:31 : Cybersecurity jobs available right now: February 25, 2025
• 5:31 : The CISO’s dilemma of protecting the enterprise while driving innovation
• 5:5 : IT Security News Hourly Summary 2025-02-25 06h : 1 posts
• 5:2 : Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
• 3:39 : How to Comply with PCI DSS 4.0 Requirements 6.4.3 and 11.6.1
• 3:39 : CISA Warns of Oracle Agile Vulnerability Exploited in the Wild
• 2:5 : IT Security News Hourly Summary 2025-02-25 03h : 1 posts
• 2:2 : ISC Stormcast For Tuesday, February 25th, 2025 https://isc.sans.edu/podcastdetail/9338, (Tue, Feb 25th)
• 0:32 : Google binning SMS MFA at last and replacing it with QR codes
• 0:6 : $1.5B Hack of Bybit Might Be the Largest Crypto Heist Ever
• 23:31 : Auto-Color: An Emerging and Evasive Linux Backdoor
• 23:5 : IT Security News Hourly Summary 2025-02-25 00h : 2 posts
• 23:2 : Google Cloud Takes Steps to Guard Against Quantum Security Risks