IT Security News Daily Summary 2025-03-05

172 posts were published in the last hour

• 22:31 : SimilarWeb data: This obscure AI startup grew 8,658% while OpenAI crawled at 9%
• 21:32 : China-linked APT Silk Typhoon targets IT Supply Chain
• 21:31 : SandboxAQ Joins UN AI Hub to Bolster Cybersecurity and Drive AI Innovation
• 21:31 : Ransomware Attack Ends a 150 Year Company
• 20:31 : DEF CON 32 – War Stories – Stranger In A Changed Land
• 20:5 : IT Security News Hourly Summary 2025-03-05 21h : 10 posts
• 19:32 : KIAM vs AWS IAM Roles for Service Accounts (IRSA)
• 19:32 : Catalan court says NSO Group executives can be charged in spyware investigation
• 19:32 : Microsoft To Harden The Trust Boundary of VBS Enclaves
• 19:31 : US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives
• 19:9 : Why is Apple Taking Legal Action Against UK’s Government?
• 19:9 : Microsoft Blames Widespread Outage on “Problematic Code Change”
• 19:9 : Google Issues Urgent Alert for Exploited Android Vulnerabilities
• 19:9 : 7 container security best practices
• 19:9 : Apple vs. UK — ADP E2EE Back Door Faceoff
• 19:8 : AWS completes the annual Dubai Electronic Security Centre certification audit to operate as a Tier 1 cloud service provider in the Emirate of Dubai
• 18:32 : What is the Digital Operational Resilience Act (DORA)?
• 18:32 : US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem
• 18:32 : Highly Targeted Cyber Espionage Campaign Targeting UAE Aviation Sector
• 18:32 : Key Takeaways from the SEON 2025 Digital Fraud Outlook
• 18:32 : Attackers Target Over 4000 IP Addresses of US, China ISPs
• 18:4 : Judge Denies Elon Musk’s Request To Block OpenAI Non-Profit Bid
• 18:4 : Former NSA official says federal worker cuts will have ‘devastating impact’ on cyber and national security
• 17:32 : Waymo Begins Robotaxi Rides In Austin Via Uber App
• 17:32 : Chinese Silk Typhoon Group Targets IT Tools for Network Breaches
• 17:32 : Apple Taking Legal Action Against UK Over Backdoor Demands
• 17:32 : US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem
• 17:32 : Apple drags UK government to court over ‘backdoor’ order
• 17:31 : China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets
• 17:5 : IT Security News Hourly Summary 2025-03-05 18h : 12 posts
• 17:3 : Qualcomm Boss Touts Performance Of New Modem Against Apple’s C1
• 17:2 : Justice Department charges Chinese hackers-for-hire linked to Treasury breach
• 17:2 : Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies
• 17:2 : Preparing for the New European Machinery Compliance Regulation
• 17:2 : Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain
• 17:2 : SpecterOps Scores $75M Series B to Scale BloodHound Enterprise Platform
• 17:2 : DEF CON 32 – War Stories – Breaking Network Crypto In Popular Chinese Keyboard Apps
• 17:2 : Middle East Banks Strengthen Cybersecurity Amid Growing Threats
• 17:2 : The 5 stages of incident response grief
• 17:2 : Silk Typhoon Shifts Tactics to Exploit Common IT Solutions
• 16:5 : GoStringUngarbler: Deobfuscating Strings in Garbled Binaries
• 16:5 : North Korea exploits GitHub with fake profiles and Insider Threats
• 16:5 : Cactus Ransomware: What You Need To Know
• 16:4 : Cybereason CEO Resigns Amid Funding Dispute with Investors
• 16:4 : Russian Telecom Company “Beeline” Hit, Users Face Internet Outage
• 16:4 : India’s Escalating Crisis of Fake Institutions and Digital Fraud
• 16:4 : Genea Cyberattack: Termite Ransomware Leaks Sensitive Patient Data
• 16:4 : China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
• 15:32 : Trump Says US Should Kill Landmark CHIPS And Science Act
• 15:31 : New Eleven11bot botnet infected +86K IoT devices
• 15:31 : Hong Kong Launches Its First Generative AI Model
• 15:5 : Alli AI Announces Upcoming Public Launch of AI-Powered Content Creation Platform
• 15:5 : Broadcom urges VMware customers to patch ‘emergency’ zero-day bugs under active exploitation
• 15:4 : Hackers Leveraging Business Relationship To Attack Arab Emirates Aviation Sector
• 15:4 : Cisco Webex for BroadWorks Vulnerability Let Remote Attackers Access Data & Credentials
• 15:4 : WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks
• 15:4 : Apple takes UK government to court over ‘backdoor’ order
• 15:4 : Nonprofits Face Surge in Cyber-Attacks as Email Threats Rise 35%
• 14:32 : I spoke to a task scammer. Here’s how it went
• 14:32 : Eleven11bot Captures 86,000 IoT Devices for DDoS Attacks
• 14:32 : Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud
• 14:32 : Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
• 14:32 : Defending against USB drive attacks with Wazuh
• 14:5 : IT Security News Hourly Summary 2025-03-05 15h : 9 posts
• 14:4 : Why I use virtual cards for online purchases – and you should too
• 14:4 : CIA director says US has paused sharing intelligence with Ukraine
• 14:4 : Iranian Hackers Target UAE Firms With Polyglot Files
• 14:4 : Google Introduces New AI-Powered Scam Detection Features for Android
• 13:32 : CISA Issues Alert on Actively Exploited VMware Vulnerabilities
• 13:32 : Salesforce launches Agentforce 2dx, letting AI run autonomously across enterprise systems
• 13:32 : Tripwire Patch Priority Index for February 2025
• 13:32 : North Korean Fake IT Workers Pose as Blockchain Developers on GitHub
• 13:31 : Silk Typhoon targeting IT supply chain
• 12:32 : Cisco Webex for BroadWorks Flaw Opens Door for Attackers to Access Credentials
• 12:32 : Android zero-day vulnerabilities actively abused. Update as soon as you can
• 12:32 : Leeds United kick card swipers into Row Z after 5-day cyberattack
• 12:31 : Identity: The New Cybersecurity Battleground
• 12:31 : Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants
• 12:5 : Australia Bans Kaspersky Products From Government Systems
• 12:5 : Meta Fired Employees For Alleged Information Leaks
• 12:5 : Thousands of Misconfigured AMS Risk Buildings’ Security Globally
• 12:5 : Microsoft Retires Skype, Asks Users To Switch To Teams Free
• 12:5 : New Auto-Color Linux Malware Targets Universities, Government Organizations
• 12:5 : Apple Appeals UK Order For ‘Backdoor’ iCloud Access – Report
• 12:5 : North Korean IT Workers Exploit GitHub to Launch Global Cyber Attacks
• 12:5 : Operation Sea Elephant Targets Organizations to Steal Research Data
• 12:4 : Beware! Fake CAPTCHA Hidden LummaStealer Threat Installing Silently
• 12:4 : Over 10,000 WordPress Sites Exposed by Donation Plugin Code Execution Vulnerability
• 12:4 : CISA Identifies Five New Vulnerabilities Currently Being Exploited
• 12:4 : U.S Treasury Sanctions Admin of Nemesis Darknet Marketplace
• 12:4 : CISA Warns of Actively Exploited VMware Vulnerabilities, Urges Immediate Patching
• 12:4 : Ransomware Group Claims Attack on Tata Technologies
• 11:32 : Cybercriminals Impersonate Electronic Frontier Foundation to Target Gaming Community
• 11:32 : 1 Million Third-Party Android Devices Have a Secret Backdoor for Scammers
• 11:32 : November 2024 Cyber Attacks Statistics
• 11:32 : Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities
• 11:31 : Stress and Burnout Impacting Vast Majority of IT Pros
• 11:5 : Use one Virtual Machine to own them all — active exploitation of ESXicape
• 11:5 : Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems
• 11:5 : Trump Suspends Offensive Cyber Operations Against Russia
• 11:5 : Hackers Exploit Cloud Misconfigurations to Spread Malware
• 11:5 : IT Security News Hourly Summary 2025-03-05 12h : 15 posts
• 11:4 : U.S. Cracks Down on Nemesis Darknet Admin with New Treasury Sanctions
• 11:4 : Microsoft To Remove DES Encryption from Windows 11 24H2 & Windows Server 2025
• 11:4 : Vim Editor Vulnerability Exploited Via TAR Files to Trigger Code Execution
• 11:4 : Telegram EvilVideo Vulnerability Exploited to Execute Malicious Code on Victim Device
• 11:4 : Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing
• 11:4 : What is the Process of ISO 27001 Certification?
• 11:4 : What is Red Teaming?
• 11:4 : Top 7 Cyber Security Challenges Faced by SaaS Organizations
• 11:4 : Why Supply Chain Attacks Are The Biggest Threat To Businesses?
• 10:32 : Telegram EvilVideo Vulnerability Exploited to Run Malicious Code on Victims’ Devices
• 10:32 : Vim Vulnerability (CVE-2025-27423) Allows Code Execution via Malicious TAR Archives
• 10:32 : Polish Space Agency POLSA disconnected its network following a cyberattack
• 10:32 : Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool
• 10:31 : Qilin ransomware gang claims attacks on cancer clinic, OB-GYN facility
• 10:31 : Over Half of Organizations Report Serious OT Security Incidents
• 10:2 : LinkedIn Phishing Scam: Fake InMail Messages Spreading ConnectWise Trojan
• 10:2 : US Sanctions Iranian Administrator of Nemesis Darknet Marketplace
• 10:2 : Sonatype AI SCA delivers visibility and control over AI/ML usage
• 9:32 : Detection engineering at scale: one step closer (part three)
• 9:32 : Integrating Payroll Systems: Risks, Challenges, and Solutions
• 9:32 : eSentire Next Level MDR identifies, prioritizes, and mitigates exposures
• 9:31 : Sonatype AI SCA provides visibility and control over AI/ML usage
• 9:31 : Would-be Extortionists Send “BianLian” Ransom Notes in the Mail
• 9:31 : US Government Shuts Down Top Tech Unit: Hashtag Trending for Wednesday, March 5, 2025
• 9:5 : Silicon UK AI For Your Business Podcast: Entering the Age of Agentic AI in 2025?
• 9:5 : ICS Environments and Patch Management: What to Do If You Can’t Patch
• 9:5 : Understanding the Abu Dhabi Healthcare Information and Cyber Security Standard
• 9:5 : Apple is challenging U.K.’s iCloud encryption backdoor order
• 9:4 : NVIDIA Warns of Multiple Vulnerabilities that Let Attackers Execute Malicious Code
• 9:4 : Zoho ADSelfService Plus Vulnerability Let Attackers Gain Unauthorized Access
• 9:4 : HPE Remote Support Tool Vulnerability Let Attackers Execute Arbitrary code – PoC Released
• 9:4 : GrassCall Malware Attacking Job Seekers To Steal Login Credentials
• 9:4 : Researchers Detailed APT28’s HTA Trojan Multi-Layer Obfuscation Techniques
• 9:4 : How prevention is better than cure
• 8:32 : The UK’s Competition Watchdog Launches Investigation into Mobile Platforms
• 8:32 : VMware Urges Immediate Patching for Exploited Vulnerabilities: CISA Issues Emergency Directive
• 8:32 : New Eleven11bot DDoS Botnet Powered by 80,000 Hacked Devices
• 8:32 : Omega Systems’ Enterprise Password Management solution reduces the risk of cyberattacks
• 8:32 : Apple vs UK encryption backdoor, VMware bugs allow sandbox escape, JavaGhost targets AWS
• 8:6 : Zoho ADSelfService Plus Flaw Allows Hackers to Gain Unauthorized Access
• 8:6 : PoC Released for HPE Remote Support Tool Vulnerability Allowing Remote Code Execution
• 8:6 : Enhance Private 5G Security for Industrial Deployments
• 8:6 : Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
• 8:6 : US Cyber Security Confusion: Cyber Security Today for Wednesday, March 5, 2015
• 8:5 : IT Security News Hourly Summary 2025-03-05 09h : 2 posts
• 7:31 : From Event to Insight: Unpacking a B2B Business Email Compromise (BEC) Scenario
• 7:31 : U.S. CISA adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog
• 7:4 : Can Tokenization Help Secure Payment Data for Financial Institutions
• 7:4 : Chrome 134 Released, Fixes 14 Vulnerabilities That Could Crash the Browser
• 7:4 : New Mobile App Scanning Tool Created by Approov and CMU Africa
• 6:32 : DDoS Attack on Beeline Russia
• 6:31 : NVIDIA Issues Warning About Severe Security Flaws Enabling Code Attacks
• 6:3 : The UK’s Competition Watchdog Launches Investigation into Apple and Google’s Mobile Platforms
• 6:3 : Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover
• 6:3 : Chrome 134 Launches with Patches for 14 Crash-Inducing Vulnerabilities
• 6:3 : Why multi-cloud security needs a fresh approach to stay resilient
• 6:3 : Specops Secure Access strengthens security for Windows, RDP, and VPN logins
• 6:2 : Fix Inventory: Open-source cloud asset inventory tool
• 5:31 : Scammers take over social media
• 5:5 : IT Security News Hourly Summary 2025-03-05 06h : 1 posts
• 5:2 : News alert: Hunters announces ‘Pathfinder AI’ to enhance detection and response in SOC workflows
• 2:5 : IT Security News Hourly Summary 2025-03-05 03h : 3 posts
• 2:4 : ISC Stormcast For Wednesday, March 5th, 2025 https://isc.sans.edu/podcastdetail/9350, (Wed, Mar 5th)
• 2:4 : The best travel VPNs of 2025: Expert tested and reviewed
• 1:31 : Ransomware thugs threaten Tata Technologies with leak if demands not met
• 0:32 : Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers
• 0:31 : VMware fixed three actively exploited zero-days in ESX products
• 23:5 : IT Security News Hourly Summary 2025-03-05 00h : 3 posts
• 23:4 : Understanding PreVeil’s Approval Groups: A Revolutionary Approach to Security Administration
• 22:55 : IT Security News Daily Summary 2025-03-04