IT Security News Daily Summary 2025-04-01

171 posts were published in the last hour

• 21:11 : APT34 Deploys Custom Malware Targeting Finance and Telecom Sectors
• 21:11 : KoiLoader Exploits PowerShell Scripts to Drop Malicious Payloads
• 21:11 : New Surge of IRS-Themed Attacks Targets Taxpayers’ Mobile Devices
• 21:11 : Ransomware Threatens 93% of Industries— Resilience Is Critical
• 21:11 : Sliver Framework Customized Enhances Evasion and Bypasses EDR Detection
• 21:11 : Developers Wanted: OpenAI Seeks Feedback About Open Model That Will Be Revealed ‘In the Coming Months’
• 20:34 : Don’t take the bait – How to spot and stop phishing scams
• 20:7 : Vote for “How to Fix the Internet” in the Webby Awards People’s Voice Competition!
• 20:5 : IT Security News Hourly Summary 2025-04-01 21h : 7 posts
• 19:32 : Microsoft warns of critical flaw in Canon printer drivers
• 19:32 : APT34 hackers Using New Custom Malware to Attack Finance & Telecomm Industries
• 19:32 : Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs
• 19:8 : Turning Your Photos Ghibli: The Hidden Risks You Need to Know
• 18:34 : Oracle Hit with Lawsuit Over Alleged Cloud Breach Affecting Millions
• 18:34 : Windows 11 is getting a secret weapon for boot failures – how it works
• 18:34 : March Recap: New AWS Sensitive Permissions and Services
• 18:34 : When AI Fights Back: Simbian’s 2025 Hackathon Challenges Humans to Outsmart the Machines
• 18:9 : Unlocking the Next Wave of Edge Computing with Serverless WebAssembly
• 18:9 : Building Resilient ICT Supply Chains:  8th Annual Supply Chain Integrity Month
• 18:8 : IONIX Unveils Parked Domain Classification
• 17:38 : Genetic sharing site openSNP to shut down, citing concerns of data privacy and ‘rise in authoritarian governments’
• 17:38 : The 2025 WAF Wave from the Other Side
• 17:38 : Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign
• 17:8 : Safeguarding Sensitive Data: Content Detection Technologies in DLP
• 17:8 : 5 tools I trust to keep my online conversations private and anonymous
• 17:8 : CISA Releases Two Industrial Control Systems Advisories
• 17:8 : Rockwell Automation Lifecycle Services with Veeam Backup and Replication
• 17:7 : Someone is trying to recruit security researchers in bizarre hacking campaign
• 17:7 : Platformization Maximizes Security Efficacy & IT Operations Efficiency
• 17:7 : Top 3 Techniques To Improve Threat Hunting In Your Company
• 17:7 : Kentico Xperience CMS XSS Vulnerability Let Attackers Execute Remote Code
• 17:7 : EncGPT – AI-agent that Dynamically Generates Encryption & Decryption Rules
• 17:7 : VMware Aria Operations Vulnerability Exposes Systems to Privilege Escalation Attacks
• 17:7 : Plantronics Hub Vulnerability Let Attackers Escalate Privileges
• 17:7 : BSidesLV24 – Keynotes – Day One: “Secure AI” Is 20 Years Old
• 17:7 : Hackers Target ‘Counter Strike-2’ Players Via Fake Steam Login Pop-ups
• 17:7 : Experts Warn Trump Officials Using Signal for War Plans Risk Massive Leaks
• 17:7 : Sanctioned Russian Crypto Exchange Garantex Allegedly Rebrands as Grinex
• 17:7 : Cyber Threats Surge Across Africa’s Financial Sector, Urging Stronger Cybersecurity Defenses
• 17:6 : Cyberattack Exposes Confidential Defence Data, Raising Security Concerns
• 17:6 : Transforming public sector security operations in the AI era
• 17:6 : Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform
• 17:5 : IT Security News Hourly Summary 2025-04-01 18h : 10 posts
• 16:11 : Massive 400GB X (Twitter) Data Leaked – 2.8 Billion Records Exposed
• 16:11 : Microsoft to mark five decades of Ctrl-Alt-Deleting the competition
• 16:11 : Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals
• 16:11 : Navigating the Quantum Shift: A Practical Approach to Crypto-Agility with PQC-Enabled PKI
• 16:11 : You Feel Like an Imposter and That’s Okay: Here’s How to Build Up Confidence
• 16:10 : Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)
• 15:36 : Russian Railways hit by DDoS Cyber Attack from Hacker Army
• 15:36 : Ukraine Blames Russia for Railway Hack, Labels It “Act of Terrorism”
• 15:36 : WP Ultimate CSV Importer Flaws Expose 20,000 Websites to Attacks
• 15:15 : Anatomy of a SYN-ACK Attack
• 15:15 : Windows 11 PC won’t boot? Microsoft’s new tool tries to fix it before you even panic – here’s how
• 15:15 : How ESET is using AI PCs to boost endpoint security
• 15:15 : HijackLoader With New Modules to Hide Functions & Detect Malware Analysis
• 15:15 : Samsung Data Leak – Threat Actors Leak 270,000 Customers Tickets Data
• 15:15 : Rockwell Automation Vulnerability Let Attackers Gain Access to Run Arbitrary Commands
• 15:15 : Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing
• 14:34 : April is Emergency Communications Month!
• 14:34 : CrushFTP CVE-2025-2825 flaw actively exploited in the wild
• 14:34 : OpenSSF guidelines encourage OSS developers to build securely
• 14:9 : How to disable ACR on your TV (and why doing makes such a big difference for privacy)
• 14:8 : Tax Season Threat Surge
• 14:5 : IT Security News Hourly Summary 2025-04-01 15h : 14 posts
• 13:36 : Massive 400GB X (Twitter) Data Leak Surfaces on Hacker Forums
• 13:36 : Employee Spotlight: Getting to Know Vanessa Johnson
• 13:36 : The NHS Cybersecurity Challenge. Why Agent Fatigue Makes It Worse?
• 13:36 : Building a reasonable cyber defense program
• 13:36 : New Phishing Attack Combines Vishing and DLL Sideloading Techniques
• 13:9 : PortSwigger Launches Burp AI to Enhance Penetration Testing with AI
• 13:9 : Google says easy email encryption is on the way – for some users
• 13:9 : Google makes end-to-end encrypted Gmail easy for all – even Outlook users
• 13:9 : Happy 21st Birthday, Gmail! Google’s Present to Enterprise Gmail Users: End-to-End Encryption
• 13:9 : Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation
• 13:9 : Stellar Cyber Open Cybersecurity Alliance enhances threat detection and response
• 13:9 : ExaGrid announces three models and additional security features in software version update
• 13:9 : Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices
• 13:8 : Google to Switch on E2EE for All Gmail Users
• 12:32 : DPRK IT Workers Expanding in Scope and Scale
• 12:32 : Chord Specialty Dental Partners Data Breach Exposes Customer Personal Data
• 12:32 : France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency
• 12:31 : Ransomware Group Takes Credit for National Presto Industries Attack
• 12:7 : Microsoft Teams Vishing Used to Deploy Malware via TeamViewer
• 12:7 : LensDeal Data Breach Exposes 100,000 Customers’ Personal Information
• 12:7 : Kentico Xperience CMS XSS Vulnerability Allows Remote Code Execution
• 12:7 : IAM compliance: Know the system controls at your disposal
• 12:7 : How to talk to your family and friends about online security – before it’s too late
• 12:6 : Top 30 Best Penetration Testing Tools – 2025
• 12:6 : Check Point Acknowledges Data Breach, Claims Information is ‘Old
• 12:6 : Intimate images from kink and LGBTQ+ dating apps left exposed online
• 12:6 : UK threatens £100K-a-day fines under new cyber bill
• 12:6 : Critical Vulnerability Found in Canon Printer Drivers
• 11:32 : Microsoft Discovers GRUB2, U-Boot, and Barebox Bootloader Flaws with Copilot
• 11:32 : Apple Issues Warning on Three 0-Day Vulnerabilities Under Active Exploitation
• 11:32 : Cell Phone OPSEC for Border Crossings
• 11:32 : CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability
• 11:32 : HaveIBeenPwned Founder Compromised in Phishing Incident
• 11:32 : LoftLabs vNode simplifies Kubernetes operations
• 11:32 : Attackers are probing Palo Alto Networks GlobalProtect portals
• 11:32 : New Case Study: Global Retailer Overshares CSRF Tokens with Facebook
• 11:32 : China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions
• 11:32 : Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign
• 11:31 : Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices
• 11:31 : Cybercriminals Expand Use of Lookalike Domains in Email Attacks
• 11:9 : Cryptocurrency in 2025: Exploring Bitcoin Growth, AI, and the Next Wave of Tools
• 11:9 : Why multi-factor authentication is absolutely essential in 2025
• 11:8 : Linux Lite 7.4 Final Released with GUI Updates & Bug Fixes
• 11:8 : Check Point Responds to Hacking Claims
• 11:5 : IT Security News Hourly Summary 2025-04-01 12h : 9 posts
• 10:34 : France Fines Apple Over Ad Tracking Feature
• 10:34 : Apple Patches Recent Zero-Days in Older iPhones
• 10:9 : Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon
• 10:9 : Why delaying software updates is a terrible idea
• 10:9 : Top Cybersecurity Considerations When Moving Commercial Premises
• 10:9 : Japan Passes Active Cyber Defense Bill
• 10:9 : Microsoft Uncovers Several Vulnerabilities in GRUB2, U-Boot, Barebox Bootloaders Using Copilot
• 10:9 : “Urgent reminder” tax scam wants to phish your Microsoft credentials
• 10:8 : Next.js Vulnerability Exposes Middleware Security Gaps
• 9:32 : Samsung AI Fridge Creates Shopping Lists, Adjusts AC
• 9:32 : OpenAI To Release Open-Weight AI Model
• 9:32 : Why no small business is too small for hackers – and 8 security best practices for SMBs
• 9:31 : Help! I clicked on a phishing link – now what?
• 9:9 : Rockwell Automation Vulnerability Allows Attackers to Execute Arbitrary Commands
• 9:9 : I clicked on four sneaky online scams on purpose – to show you how they work
• 9:9 : TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download
• 9:8 : GCHQ intern took top secret spy tool home, now faces prison
• 9:8 : Cyber Security and Resilience Bill Will Apply to 1000 UK Firms
• 8:34 : China Approves First ‘Flying Car’ Licences
• 8:34 : Huawei Consumer Revenues Surge Amidst Smartphone Comeback
• 8:34 : Hiding WordPress malware in the mu-plugins directory to avoid detection
• 8:34 : CISA Warns of Cisco Smart Licensing Utility Credential Vulnerability Exploited in Attacks
• 8:34 : CrushFTP Vulnerability Exploited in Attacks Following PoC Release
• 8:33 : Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks
• 8:8 : The Unique Challenges of Securing Agentic AI
• 8:5 : IT Security News Hourly Summary 2025-04-01 09h : 10 posts
• 7:35 : What is the New Jersey Data Protection Act and How does it Affect Businesses?
• 7:35 : Why AI Literacy Matters
• 7:35 : Microsoft Shutters Shanghai Lab In Latest China Pullback
• 7:35 : FTC’s warning to 23andMe buyer, global phishing threats, Samsung breach
• 7:4 : Check Point Confirms Data Breach, Says Leaked Information is ‘Old’
• 6:34 : Quantum Sensors: From Lab to Chip Through Semiconductor Fabs
• 6:34 : CrushFTP Security Vulnerability Under Attack After PoC Release
• 6:34 : Hackers Scanning From 24,000 IPs to Gain Access to Palo Alto Networks GlobalProtect Portals
• 6:34 : Digital Payment Security: Trends and Realities of 2025
• 6:34 : Why global tensions are a cybersecurity problem for every business
• 6:9 : Over 1.5m personal photos from dating apps leak online
• 6:9 : Why China is considered a Big Cyber Threat to U.S. IT Infrastructure
• 6:9 : CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks
• 6:9 : Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices
• 5:31 : The human side of insider threats: People, pressure, and payback
• 5:31 : How to build an effective cybersecurity simulation
• 5:9 : Upgrading Email Security: Why Legacy Systems Struggle with Modern Threats and How to Fix Them
• 5:9 : Linux Lite 7.4 Final Released: Enhanced GUI and Bug Fixes
• 5:8 : Hackers Deploy 24,000 IPs to Breach Palo Alto Networks GlobalProtect
• 5:8 : Generative AI Is reshaping financial fraud. Can security keep up?
• 4:6 : Cybersecurity jobs available right now: April 1, 2025
• 2:5 : IT Security News Hourly Summary 2025-04-01 03h : 3 posts
• 2:4 : ISC Stormcast For Tuesday, April 1st, 2025 https://isc.sans.edu/podcastdetail/9388, (Tue, Apr 1st)
• 1:36 : CISA spots spawn of Spawn malware targeting Ivanti flaw
• 1:7 : OpenAI to release open-source model as AI economics force strategic shift
• 0:36 : EFF Urges Third Circuit to Join the Legal Chorus: No One Owns the Law
• 0:8 : Apple Patches Everything: March 31st 2025 Edition, (Mon, Mar 31st)
• 0:8 : Hacker Claims Breach of Check Point Cybersecurity Firm, Sells Access
• 23:34 : Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed
• 23:34 : Top cybersecurity boffin, wife vanish as FBI raids homes
• 23:33 : Top Passwordless Identity Assurance Trends for 2025
• 23:5 : IT Security News Hourly Summary 2025-04-01 00h : 8 posts
• 23:1 : IT Security News Weekly Summary April
• 22:55 : IT Security News Daily Summary 2025-03-31
• 22:4 : Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence vanishes