IT Security News Daily Summary 2025-04-14

170 posts were published in the last hour

• 21:35 : Amex GBT puts AI at the center of SOC automation, threat modeling, incident response
• 21:35 : Beware of $5 SMS Phishing Attack Targeting Toll Road Users
• 21:34 : The Rise of Cyber Insurance – What CISOs Need to Consider
• 21:34 : Post-Breach Communication – How CISOs Should Talk to the Board
• 21:34 : Integrate Modern Strategies for Zero Trust with Identity & Access Management (IAM)
• 21:34 : Meta slurps up EU user data for AI training
• 21:2 : Incomplete Patch Leaves NVIDIA and Docker Users at Risk
• 21:2 : Jira Restore And Disaster Recovery: Scenarios and Use Cases
• 21:2 : Microsoft’s Recall AI Tool Is Making an Unwelcome Return
• 21:2 : Beyond Schema Enforcement: Imperva’s Approach to Delivering Holistic API Security
• 21:2 : EFF Joins Amicus Briefs Supporting Two More Law Firms Against Unconstitutional Executive Orders
• 20:7 : OpenAI slashes prices for GPT-4.1, igniting AI price war among tech giants
• 20:7 : How to Integrate Security into Agile Dev Teams
• 20:7 : Top 10 Malware Threats of the Week – Lumma & Snake Lead the Surge, Reports ANY.RUN
• 20:6 : News alert: AcceleTrex unveils referral exchange that turns trusted conversations into scalable growth
• 20:5 : IT Security News Hourly Summary 2025-04-14 21h : 10 posts
• 19:34 : OpenAI’s new GPT-4.1 models can process a million tokens and solve coding problems better than ever
• 19:34 : New malware ‘ResolverRAT’ targets healthcare, pharmaceutical firms
• 19:3 : Sharing Is (Not) Caring: How Shared Credentials Open the Door to Breaches
• 19:3 : Pre-Installed Malware on Cheap Android Phones Steals Crypto via Fake WhatsApp
• 19:3 : Overcoming MFA Test Automation Challenges
• 19:3 : China Reportedly Admits Their Role in Cyber Attacks Against U.S. Infrastructure
• 19:3 : Threat Actors Enhances HijackLoader With New Module for Stealth and Evasion
• 19:2 : Surge in Cloud Threats Spikes Rapid Adoption of CNAPPs for Cloud-Native Security
• 19:2 : How to Build a Cyber Risk Tolerance Statement for Your Organization as a CISO
• 19:2 : Slow Pisces Hackers Attacking Developers With Coding Challenges & Python Malware
• 19:2 : Cyber congressman demands answers before CISA gets cut down to size
• 18:34 : Hertz says customers’ personal data and driver’s licenses stolen in data breach
• 18:4 : Randall Munroe’s XKCD ‘Tariffs’
• 17:32 : Modernizing Federal Security with Prisma Access
• 17:32 : Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities
• 17:32 : New Virus Spreading Through YouTube Puts Windows Users at Risk
• 17:6 : 2025-04-13: Twelve days of scans and probes and web traffic hitting my web server
• 17:6 : SSL/TLS Certificates Validity To Be Reduced From 398 Days to 47 Days
• 17:5 : New Stealthy ResolverRAT With Advanced in-memory Execution Techniques
• 17:5 : Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed
• 17:5 : BSidesLV24 – Breaking Ground – The Dark Side of The Moon
• 17:5 : IT Security News Hourly Summary 2025-04-14 18h : 7 posts
• 16:34 : How Newport School District Strengthens Google Cybersecurity and Stops Threats Fast
• 16:34 : Explore how to secure AI by attending our Learn Live Series
• 16:34 : ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
• 16:34 : Nomination Deadline Extended: Technical Advisory Committees
• 16:5 : DaVita hit by ransomware attack
• 16:4 : 2025-04-04: KongTuke activity
• 16:4 : US regulator OCC Claims Email Hack Exposed Sensitive Bank Details
• 16:4 : Cybercriminals Target QuickBooks Users with Phishing Attacks via Google Ads Ahead of Tax Deadline
• 16:4 : FBI Operated ElonmuskWHM: Undercover Money Laundering Site That Handled $90M in Crypto
• 15:32 : How to create custom sudo configuration files in /etc/sudoers
• 15:32 : How to conduct ransomware awareness training for employees
• 15:31 : How to configure and manage sudo commands
• 15:4 : Windows warning: Don’t delete that weird ‘inetpub’ folder. Already did? Here’s your fix
• 15:4 : AI-Powered Phishing Detection – Does It Actually Work?
• 15:4 : Chinese Hackers Attacking Critical Infrastructure to Sabotage Networks
• 15:3 : Trusted & Resilient Saas Data Is Essential for Successful Agentic AI Within Government Agencies
• 15:3 : GRC for Building Customer Trust: A Strategic Imperative for Long-Term Success
• 15:3 : ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
• 15:2 : Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft
• 15:2 : Major WordPress Plugin Flaw Exploited in Under 4 Hours
• 14:38 : Morocco Investigation Major Data Breach Allegedly Claimed by Algerian Hackers
• 14:38 : EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data
• 14:38 : BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks
• 14:38 : No, it’s not OK to delete that new inetpub folder
• 14:38 : Infinity Global Services’ Cyber Park Launches “Beacon in the Dark” – A New Cyber Security Escape Room Adventure
• 14:37 : Collateral Damage: The Hidden Cost of Cyber Risks
• 14:37 : Silicon Valley crosswalk buttons hacked to imitate Musk, Zuckerberg’s voices
• 14:37 : Malicious NPM packages target PayPal users
• 14:37 : Vulnerability Summary for the Week of April 7, 2025
• 14:36 : ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
• 14:5 : IT Security News Hourly Summary 2025-04-14 15h : 5 posts
• 14:3 : CISOs Turn to Cyber Risk Quantification to Bridge the Gap Between Security and Business
• 14:2 : Zero Trust 2025 – Emerging Trends Every Security Leader Needs to Know
• 14:2 : 69% of Critical & High Severity Vulnerabilities Not Patched by Organizations
• 14:2 : Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit
• 14:2 : ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
• 14:2 : Prodaft Offers “No Judgment” Deal to Buy Dark Web Accounts from Cybercrime Forum Users
• 13:35 : Ireland Data Regulator Opens X Probe Over Grok AI Training
• 13:35 : US Regulator Rejects Appeal Over Amazon Nuclear Deal
• 13:35 : Amazon Chief Jassy Defends AI Spending
• 13:35 : EV Maker Lucid Buys Plant From Bankrupt Nikola
• 13:34 : Smishing Campaign Hits Toll Road Users with $5 Payment Scam
• 13:34 : OpenAI used to test its AI models for months – now it’s days. Why that matters
• 13:34 : ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
• 13:6 : Training Skillset Transfer
• 13:6 : IBM Aspera Faspex Flaw Allows Injection of Malicious JavaScript in Web UI
• 13:5 : How to Use LastPass Password Manager
• 13:5 : AI Hallucinations Create a New Software Supply Chain Threat
• 13:5 : Don’t Be Robotic About Your Robots’ Cybersecurity
• 13:5 : Package hallucination: LLMs may deliver malicious code to careless devs
• 13:5 : ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
• 13:5 : New Malware ResolverRAT Targets Healthcare and Pharma Sectors
• 12:36 : The evolution of the AI SOC: From Hype to Hyper
• 12:36 : VMware ESXi 8.0 Update 3e Is Now Free — Here’s What’s New
• 12:36 : Chinese APT Group Targets Ivanti VPN Vulnerabilities to Breach Networks
• 12:36 : What is corporate governance?
• 12:36 : ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
• 12:4 : Windows Server 2025 Restart Bug Breaks Connection with Active Directory Domain Controller
• 11:35 : China Sort of Admits to Being Behind Volt Typhoon
• 11:35 : Reasoning in the Age of Artificial Intelligence
• 11:35 : Digital Certificate Lifespans to Fall to 47 Days by 2029
• 11:35 : US Blocks Foreign Governments from Acquiring Citizen Data
• 11:5 : IT Security News Hourly Summary 2025-04-14 12h : 15 posts
• 11:3 : BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets
• 11:3 : DoJ Launches Critical National Security Program to Protect Americans’ Sensitive Data
• 11:3 : Slow Pisces Group Targets Developers Using Coding Challenges Laced with Python Malware
• 11:3 : MIWIC25: Anastasiia Ostrovska, co-founder & CEO Women’s Leadership and Strategic Initiatives Foundation (WLSIF)
• 11:2 : Medusa Ransomware Claims NASCAR Hack, Demands $4 Million Ransom
• 11:2 : CISOs Face Cyber Threats 2025 with Shrinking Budgets and High Demands
• 11:2 : Industry Moves for the week of April 14, 2025 – SecurityWeek
• 11:2 : Malicious NPM Packages Target Cryptocurrency, PayPal Users
• 11:2 : Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind
• 10:34 : FortiGate 0-Day Exploit Allegedly Up for Sale on Dark Web
• 10:34 : Black Basta: The Fallen Ransomware Gang That Lives On
• 10:34 : TraderTraitor: The Kings of the Crypto Heist
• 10:34 : CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide
• 10:34 : Brass Typhoon: The Chinese Hacking Group Lurking in the Shadows
• 10:34 : The Most Dangerous Hackers You’ve Never Heard Of
• 10:34 : Hackers Demand $4 Million After Alleged NASCAR Data Breach.
• 10:9 : Alleged FUD Malware ‘GYware’ Advertised on Hacker Forum for $35/Month
• 9:35 : xorsearch.py: Searching With Regexes, (Mon, Apr 14th)
• 9:35 : Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
• 9:35 : April Patch Tuesday From Microsoft Fixed Over 130 Vulnerabilities
• 9:34 : Tycoon2FA phishing kit rolled out significant updates
• 9:34 : VMware ESXi 8.0 Update 3e Released for Free, What’s New!
• 9:34 : Threat Actors Weaponize Shell Techniques to Maintain Persistence and Exfiltrate Data
• 9:34 : Chinese Hackers Exploit Ivanti VPN Vulnerabilities to Infiltrate Organizations
• 9:34 : Official abuse of state security has always been bad, now it’s horrifying
• 9:34 : AI Hallucinations Create “Slopsquatting” Supply Chain Threat
• 9:6 : Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access
• 9:5 : Article 7 of GDPR: Preserving Data Integrity in Image Publication
• 9:5 : Energy Under Siege: How the Industry is Fighting Against Cyber Attacks
• 9:5 : Adaptive MFA: The Future of Dynamic Identity Security in 2025
• 9:5 : Anthropic Launches Claude: AI Chatbot for Higher Education
• 9:5 : Netflix Tests OpenAI-Powered AI Search Tool for Easier Show Discovery
• 9:4 : PlanetScale Vectors GA: A Game-Changer for MySQL and AI Databases
• 8:32 : Tesla Stops Taking China Orders For US-Made Vehicles
• 8:32 : China Exempts Outsourced Chips From Tariffs
• 8:32 : Cybersecurity Leadership in Crisis? CISO Resignations Spike After Major Breaches
• 8:31 : Hackers Allegedly Leaked 1.59 Million Rows of Indian Insurance User’s Sensitive Data
• 8:31 : CIO and digi VP to depart UK retail giant Asda as Walmart divorce woes settle
• 8:5 : IT Security News Hourly Summary 2025-04-14 09h : 4 posts
• 8:4 : Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M
• 8:4 : Malwarebytes named “Best Antivirus Software” and “Best Malware Removal Service”
• 7:35 : Microsoft Pushes Ahead With Launch Of ‘Recall’ AI Snapshots
• 7:35 : Kaspersky Shares 12 Essential Tips for Messaging App Security and Privacy
• 7:35 : A week in security (April 7 – April 13)
• 7:34 : Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT
• 7:34 : CISA cuts planned, Windows ‘inetpub’ warning, health lab breach
• 7:34 : Fortinet Exploits, Windows INET Folder, and AI Code Risks: Cyber Security Today for April 14
• 7:5 : Can you get emotionally attached to AI tools such as ChatGPT and Grok?
• 7:5 : CISOs Respond to Surge in AI-Powered Attacks with Advanced Defense Strategies
• 7:4 : Google Chrome 136 Getting Update with 20-Year-Old Visited Links Privacy Bug Fix
• 7:4 : The CISO’s Guide to Managing Ransomware Threats in 2025
• 6:34 : South African telecom provider Cell C disclosed a data breach following a cyberattack
• 6:2 : Old Fortinet flaws under attack with new method its patch didn’t prevent
• 5:34 : Tirreno: Open-source fraud prevention platform
• 5:34 : The quiet data breach hiding in AI workflows
• 5:5 : Cyber Attack Targets Military Aid Relief Aircraft in Historic GPS Spoofing Incident
• 5:5 : IT Security News Hourly Summary 2025-04-14 06h : 3 posts
• 5:4 : The Hidden Cybersecurity threats in Old Hard Drives and Smartphones
• 5:4 : Sector by sector: How data breaches are wrecking bottom lines
• 4:2 : Hackers Allegedly Selling FortiGate Firewall 0-Day Exploit on Dark Web Forum
• 4:2 : China reportedly admitted directing cyberattacks on US infrastructure
• 4:2 : Organizations can’t afford to be non-compliant
• 2:2 : ISC Stormcast For Monday, April 14th, 2025 https://isc.sans.edu/podcastdetail/9406, (Mon, Apr 14th)
• 2:2 : Hacktivism resurges – but don’t be fooled, it’s often state-backed goons in masks
• 23:32 : Free to Innovate with Secure Machine Identity Management
• 23:31 : Gaining Ground with Advanced NHIs Analysis
• 23:5 : IT Security News Hourly Summary 2025-04-14 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 15
• 22:55 : IT Security News Daily Summary 2025-04-13