IT Security News Daily Summary 2025-03-17

165 posts were published in the last hour

• 22:34 : Amazon to kill off local Alexa processing, all voice requests shipped to the cloud
• 22:6 : Randall Munroe’s XKCD ‘Omniroll’
• 22:6 : BSides Exeter 2024 – Red Track – OfCORS! How To Do Cross Origin Resource Sharing (im)properly
• 21:34 : Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week
• 21:34 : Amazon boots local Alexa processing: All your voice requests shipped to the cloud
• 21:13 : Building Security into the Feature During the Design Phase
• 21:13 : This slick Linux browser is like a tricked-out Opera – and it’s faster than Firefox
• 21:13 : Medusa Ransomware Strikes 300+ Targets: FBI & CISA Urge Immediate Action to #StopRansomware
• 20:32 : StilachiRAT Exploits Chrome for Crypto Wallets and Credentials
• 20:32 : Mistral AI drops new open-source model that outperforms GPT-4o Mini with fraction of parameters
• 20:32 : Threat actors rapidly exploit new Apache Tomcat flaw following PoC release
• 20:13 : ChatGPT Down as Users Report “Gateway Time-out” Error
• 20:13 : The Blink Mini 2 is the best $20 security camera you can buy – Here’s why
• 20:5 : IT Security News Hourly Summary 2025-03-17 21h : 2 posts
• 19:36 : 23,000 GitHub Repositories Targeted In Supply Chain Attack
• 19:11 : Creating an Inclusive Cybersecurity Culture
• 18:36 : Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory
• 18:36 : Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum
• 18:8 : Custom vs. Off-the-shelf Educational Software
• 18:8 : SocGholish Exploits Compromised Websites to Deliver RansomHub Ransomware
• 18:8 : MassJacker Clipper Malware Targets Users Installing Pirated Software
• 18:7 : Beware! Malware Hidden in Free Word-to-PDF Converters
• 18:7 : Supply Chain Attack Targets 23,000 GitHub Repositories
• 18:7 : Hackers Rapidly Adopt ClickFix Technique for Sophisticated Attacks
• 18:7 : Texas man faces prison for activating ‘kill switch’ on former employer’s network
• 18:7 : Announcing OSV-Scanner V2: Vulnerability scanner and remediation tool for open source
• 18:7 : Telegram CEO Returns to Dubai Amid French Investigation Continues
• 18:7 : Kentico Xperience CMS Authentication Bypass Vulnerability Allow Attackers Execute Arbitrary Code Remotely
• 18:7 : Beware of Free File Word To PDF Converter That Delivers Malware
• 18:7 : NIST Announces HQC as Fifth Standardized Post Quantum Algorithm
• 18:7 : Software Developer vs. Software Engineer
• 18:7 : Addressing The Growing Challenge of Generic Secrets: Beyond GitHub’s Push Protection
• 18:7 : Sunflower and CCA Suffer Data Breaches, Exposing Hundreds of Thousands of Records
• 18:6 : StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
• 18:6 : Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
• 18:6 : AWS KMS CloudWatch metrics help you better track and understand how your KMS keys are being used
• 17:32 : Amazon’s Controversial Change to Echo’s Privacy Settings Takes Effect Soon
• 17:32 : Cloudflare Introduces E2E Post-Quantum Cryptography Protections
• 17:7 : All your Alexa recordings will go to the cloud soon, as Amazon sunsets Echo privacy
• 17:6 : Automobile Giant Jaguar Land Rover Allegedly Suffers Major Data Breach
• 17:6 : Fake CAPTCHA Scams Trick Windows Users into Downloading Malware
• 17:6 : What Is Kali Linux? Everything You Need to Know
• 17:6 : UK’s Online Safety Act: Ofcom Can Now Issue Sanctions
• 17:5 : IT Security News Hourly Summary 2025-03-17 18h : 10 posts
• 16:32 : 5 clever ways to use Chromecast on your TV (including one for smart home enthusiasts)
• 16:32 : WMI
• 16:32 : Attackers use CSS to create evasive phishing messages
• 16:32 : 8,000 New WordPress Vulnerabilities Reported in 2024
• 16:32 : How to encrypt and secure sensitive files on macOS
• 16:31 : Researchers Confirm BlackLock as Eldorado Rebrand
• 16:7 : Cloud Storage buckets holding sensitive information vulnerable to ransomware attacks
• 16:7 : Hackers are exploiting Fortinet firewall bugs to plant ransomware
• 16:7 : MassJacker Clipper Malware Attacking Users Installing Pirated Software
• 16:6 : Proactive Cybersecurity – Staying Ahead of Threats with a Preventive Approach
• 15:32 : Visa’s AI edge: How RAG-as-a-service and deep learning are strengthening security and speeding up data retrieval
• 15:32 : Your Chromecast is seriously underrated: 5 clever ways to utilize the streaming device
• 15:32 : DOGE staffer violated Treasury rules by emailing unencrypted personal data
• 15:32 : Improvements in Brute Force Attacks
• 15:31 : New KnowBe4 Report Finds Education Sector Unprepared for Escalating Cyberattacks
• 15:31 : Warning over free online file converters that actually install malware
• 15:5 : Vote for the session you want to see at TechCrunch Sessions: AI
• 15:5 : Manage Engine Analytics Vulnerability Allows User Account Takeover
• 15:4 : Zoom Team Chat Decrypted to Uncover User Activities
• 15:4 : Wazuh Open Source SIEM Vulnerability Allows Malicious Code Execution Remotely
• 15:4 : Espressif Systems Vulnerabilities Let Attackers Execute Arbitrary Code
• 15:4 : Chinese Volt Typhoon Hackers Exploiting Cisco & NetGear Routers To Compromise Organizations
• 14:34 : BitM Up! Session Stealing in Seconds Using the Browser-in-the-Middle Technique
• 14:34 : Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos
• 14:34 : 5 fundamental strategies for REST API authentication
• 14:34 : Cloudflare boosts defenses against future quantum threats
• 14:7 : Wazuh SIEM Vulnerability Enables Remote Malicious Code Execution
• 14:7 : Kentico Xperience CMS Vulnerability Enables Remote Code Execution
• 14:7 : Check Point Named Gold Winner for Cloud Security in 2025 Globee Cybersecurity Awards
• 14:6 : NordPass vs Bitwarden: Which Is Safer and Easier to Use in 2025?
• 14:6 : What is a buffer overflow? How do these types of attacks work?
• 14:6 : Bedrock Security’s metadata lake technology strengthens data security
• 14:6 : US Legislators Demand Transparency in Apple’s UK Backdoor Court Fight
• 14:5 : IT Security News Hourly Summary 2025-03-17 15h : 7 posts
• 13:36 : New C++ Based IIS Malware With Numerous Functionalities Mimics cmd.exe To Stay Undetected
• 13:36 : Bedrock Security Embraces Generative AI and Graph Technologies to Improve Data Security
• 13:36 : New Akira Ransomware Decryptor Leans on Nvidia GPU Power
• 13:36 : Vulnerability Summary for the Week of March 10, 2025
• 13:36 : ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
• 13:36 : Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions
• 13:36 : Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
• 13:3 : Preparing For The AI-Generated Cyber Threats Of 2025
• 13:3 : Scammers Pose as Cl0p Ransomware to Send Fake Extortion Letters
• 13:2 : Cyver Core Reports 50% Reduction in Pentest Reporting Time with Generative AI
• 13:2 : Espressif Systems Flaws Allow Hackers to Execute Arbitrary Code
• 13:2 : GitHub supply chain attack spills secrets from 23,000 projects
• 13:2 : Microsoft 365 Targeted in New Phishing, Account Takeover Attacks
• 13:2 : Windsor Schools’ Proactive Approach to Cybersecurity and Student Safety
• 13:2 : ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
• 12:34 : AI Operator Agents Helping Hackers Generate Malicious Code
• 12:34 : 1 in 10 people do nothing to stay secure and private on vacation
• 12:34 : 100 Car Dealerships Hit by Supply Chain Attack
• 12:34 : ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
• 12:11 : AI-Powered DEI Web Accessibility Hackathon 2025: Technical Innovations and Real-World Impact
• 12:11 : Researchers Remotely Hack Commercial Trucks & Buses to Unlock Them
• 12:11 : Zoom Team Chat Decrypted, Exposing User Activity Data
• 12:11 : Millions of RSA Keys Exposed, Revealing Serious Exploitable Flaws
• 12:11 : Android Malware Disguised as DeepSeek Steals Users’ Login Credentials
• 12:11 : BlackLock Ransomware Strikes Over 40 Organizations in Just Two Months
• 12:11 : Top Security Automation Tools for Auto-Remediation
• 12:11 : SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
• 12:11 : ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
• 11:32 : OpenAI Argues Case For AI-Friendly US Rules
• 11:32 : Jaguar Land Rover Hit by HELLCAT Ransomware Using Stolen Jira Credentials
• 11:32 : Millions Of RSA Key Exposes Serious Flaws That Can Be Exploited
• 11:32 : Researcher Criticizes Microsoft Over Video Requirement for Bug Reports
• 11:32 : Apple Adds RCS End-to-End Encryption for Sending Text Messages Using iPhone
• 11:32 : BlackLock Ransomware Hacked 40+ Organization Within Two Months
• 11:32 : Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials
• 11:32 : Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services
• 11:32 : £1M Lost as UK Social Media and Email Account Hacks Skyrocket
• 11:7 : Strengthening Critical Infrastructure with the NCSC CAF
• 11:7 : The Role of Localization in Cybersecurity Threat Mitigation
• 11:6 : Hackers Infiltrated PowerSchool Network Well Before December Attack
• 11:6 : GitHub project maintainers targeted with fake security alert
• 11:6 : Security Database Aims to Empower Non-Profits
• 11:5 : IT Security News Hourly Summary 2025-03-17 12h : 8 posts
• 10:32 : Corporate Investigation with Belkasoft X: A Digital Forensics Tool Revolutionizing Data Analysis
• 10:32 : Tesla Developing Cheaper Model Y To Stem China Losses
• 10:32 : Foxconn Misses Profit Expectations After iPhone Sales Drop
• 10:32 : UK government to open £16B IT services competition after 6-month delay
• 10:32 : UK’s internet watchdog puts storage and file-sharing services on watch over CSAM
• 10:32 : Android Malware Mimic As DeepSeek To Steal Users Login Credentials
• 10:32 : GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
• 10:31 : Tj-actions Supply Chain Attack Exposes 23,000 Organizations
• 10:3 : Microsoft wouldn’t look at a bug report without a video. Researcher maliciously complied
• 10:3 : Industry Moves for the week of March 17, 2025 – SecurityWeek
• 10:3 : Popular GitHub Action Targeted in Supply Chain Attack
• 9:32 : European Cyber Report 2025: 137% more DDoS attacks than last year – what companies need to know
• 9:32 : Researcher releases free GPU-Based decryptor for Linux Akira ransomware
• 9:32 : Tackling Data Overload: Strategies for Effective Vulnerability Remediation
• 9:9 : Medusa Ransomware Hits Critical Infrastructure
• 9:9 : European Parliament Bans Huawei Lobbyists After Arrests
• 9:9 : Global Smartwatch Sales Fall For First Time
• 9:9 : Silicon UK In Focus Podcast: Leadership and Culture in the Age of AI
• 9:9 : Apple Introduces RCS End-to-End Encryption for iPhone Messages
• 9:9 : Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
• 9:9 : Hackers Exploiting CSS to Evade Spam Filters & Track User Actions
• 9:8 : Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code
• 9:8 : Researchers Hacked Into Commercial Trucks & Buses To Unlock Remotely
• 8:31 : A week in security (March 10 – March 16)
• 8:6 : Static Analysis of GUID Encoded Shellcode, (Mon, Mar 17th)
• 8:5 : IT Security News Hourly Summary 2025-03-17 09h : 5 posts
• 7:34 : Hackers Use CSS Tricks to Bypass Spam Filters and Monitor Users
• 7:34 : Adobe Acrobat Vulnerabilities Enable Remote Code Execution
• 7:34 : EFF Joins 7amleh Campaign to #ReconnectGaza
• 7:33 : VPN brute-force attacks, water utilities bill, LockBit developer extradited
• 7:8 : Hackers Exploiting TP-Link Vulnerability to Gain Root Access
• 6:32 : Pay, fight, or stall? The dilemma of ransomware negotiations
• 6:31 : Black Basta’s New Automated Brute Force Tool: Cyber Security Today For Monday, March 17, 2025
• 6:11 : Social Media and Email hacking surged in 2024
• 6:11 : Technical Tips to Evade AI-Based Cyber Threats
• 6:11 : European tech industry coalition calls for ‘radical action’ on digital sovereignty — starting with buying local
• 6:11 : Review: Cybersecurity Tabletop Exercises
• 5:34 : Hackers Target TP-Link Vulnerability to Gain Full System Control
• 5:34 : IntelMQ: Open-source tool for collecting and processing security feeds
• 2:9 : ISC Stormcast For Monday, March 17th, 2025 https://isc.sans.edu/podcastdetail/9366, (Mon, Mar 17th)
• 0:34 : Denmark warns of increased state-sponsored campaigns targeting the European telcos
• 23:9 : FCC stands up Council on National Security to fight China in ways that CISA used to
• 23:5 : IT Security News Hourly Summary 2025-03-17 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 11