IT Security News Weekly Summary February

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-01-31
• 22:7 : Community Health Center data breach impacted over 1 million patients
• 21:32 : 2025-01-31: Two pcaps of AgentTesla-style data exfil, one using FTP and one using SMTP
• 21:32 : DEF CON 32 – An Adversarial Approach To Airline Revenue Management Proving Ground
• 21:6 : AI-Generated Content: How Cybercriminals Are Using It for Phishing Scams
• 20:32 : Future of Cybersecurity: Will XDR Absorb SIEM & SOAR?
• 20:5 : IT Security News Hourly Summary 2025-01-31 21h : 6 posts
• 20:2 : Deepseek’s AI model proves easy to jailbreak – and worse
• 20:2 : Untrustworthy AI: How to deal with data poisoning
• 20:2 : This month in security with Tony Anscombe – January 2025 edition
• 19:32 : Operation Talent: Two Arrested as Authorities Dismantle Cracked and Nulled
• 19:32 : Copyright is a Civil Liberties Nightmare
• 19:31 : Julianna Lamb on Choosing Authentication Platforms Over DIY
• 19:2 : FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang
• 19:2 : DeepSeek’s Safety Guardrails Failed Every Test Researchers Threw at Its AI Chatbot
• 19:2 : Creating realistic, secure test data for Databricks
• 19:2 : Eric Brüggemann on Code Intelligence Launching Spark
• 18:32 : HeartSender Cybercrime Network Dismantled in Joint US-Dutch Operation
• 18:32 : What is a certificate revocation list (CRL) and how is it used?
• 18:32 : A brief history of mass hacks
• 18:2 : Google Has Blocked 2.28 Million Malicious Apps Entering Into Play Store
• 17:32 : Cable Damage Ship Claims Anchor Drag Was Due To Rough Waves
• 17:32 : In Other News: Browser Syncjacking, Fake AWS Hack, Google Blocked 2M Bad Apps
• 17:31 : Ransomware Scum — Out For Blood: NYBCe is Latest Victim
• 17:7 : New Threat Hunting Technique to Uncover Malicious Infrastructure Using SSL History
• 17:7 : Cybercrime gets a few punches on the nose
• 17:5 : IT Security News Hourly Summary 2025-01-31 18h : 10 posts
• 16:32 : FUNNULL Unmasked: AWS, Azure Abused for Global Cybercrime Operations
• 16:32 : Cybercriminals Exploit GitHub Infrastructure to Distribute Lumma Stealer
• 16:32 : Google Blocks 2.28 Million Malicious Apps from Play Store in Security Crackdown
• 16:32 : Researchers Launch Open-Source UEFI Memory Forensics Framework to Counter Advanced Bootkits
• 16:32 : New ‘SHIELD’ Platform Leverages FPGA and Off-Host Monitoring to Tackle Advanced Ransomware Threats
• 16:32 : A brief history of mass-hacks
• 16:32 : Third-party Delegation: Striking the Balance Between Risk, Trust, and Control
• 16:5 : Google says its Gemini Chatbot is being exploited by state funded hackers
• 16:5 : Apple iPhone Sales Dip Over Christmas Period, Despite AI
• 16:5 : Windows COM Object Vulnerability Enables Remote Code Execution for System Takeover
• 16:5 : DeepSeek’s Evolving Tactics Amplify the Fraud and Phishing Threat
• 16:4 : GitHub Copilot Vulnerability Exploited to Train Malicious AI Models
• 16:4 : SSL Intelligence – New Threat Hunting Technique to Uncover Malicious Infrastructure Using SSL History
• 16:4 : BitLocker Vulnerability Exposes Encryption Flaws: A New Challenge for Cybersecurity
• 15:32 : Coyote Banking Malware: Abusing Windows LNK Files to Deploy Malicious Scripts
• 15:32 : Risk & Repeat: DeepSeek security issues emerge
• 15:32 : What is cryptology?
• 15:32 : WhatsApp says it disrupted a hacking campaign targeting journalists with Paragon spyware
• 15:32 : Tata Technologies says ransomware attack hit IT assets, investigation ongoing
• 15:31 : Fenix24 Acquires vArmour to Boost Cyber Resiliency Services
• 15:5 : TAG-124 Hacked 1000+ WordPress Sites To Embed Payloads
• 15:5 : How The Right Application Server Can Protect Healthcare and Public Institutions from Cyber Attacks
• 15:5 : The Big Short on Cybersecurity
• 15:5 : Italy Blocks Access to the Chinese AI Application DeepSeek to Protect Users’ Data
• 15:4 : How Fraud is Eating Away at Food Delivery Profits
• 15:4 : PayPal Fined $2 Million for Data Breach: A Wake-Up Call for Cybersecurity
• 15:4 : CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
• 14:32 : The Evolution of Data Protection: Moving Beyond Passwords
• 14:32 : Threat Actors Target Public-Facing Apps for Initial Access
• 14:7 : The TechCrunch Cyber Glossary
• 14:7 : Searchlight Cyber Acquires Assetnote to Accelerate Remediation
• 14:5 : IT Security News Hourly Summary 2025-01-31 15h : 6 posts
• 13:32 : WAF Security Test Results – How Does Your Vendor Rate?
• 13:32 : US nonprofit healthcare provider says hacker stole medical and personal data of 1M+ patients
• 13:32 : Hackers Abusing GitHub Infrastructure to Deliver Lumma Stealer
• 13:32 : New York Blood Center Hit By Ransomware Attack – IT Systems Affected
• 13:32 : US, Dutch Authorities Disrupt Pakistani Hacking Shop Network
• 13:32 : Binarly helps organizations prepare for mandatory transition to PQC standards
• 13:3 : DoJ Sues To Halt HPE $14bn Acquisition Of Juniper Networks
• 13:3 : CRLF Injection Vulnerabilities Identified in Popular .NET Libraries RestSharp and Refit
• 13:2 : Italy’s data protection authority Garante blocked the DeepSeek AI platform
• 13:2 : DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks
• 13:2 : GitHub Copilot Jailbreak Vulnerability Let Attackers Train Malicious Models
• 13:2 : To Combat Cyberbullying and Online Fraud, We Must Do More to Protect Minors
• 13:2 : 2 Arrested in Takedown of Nulled, Cracked Hacking Forums
• 13:2 : Tata Technologies Hit by Ransomware Attack
• 12:32 : New York Blood Center Targeted by Ransomware, IT Operations Impacted
• 12:32 : New York Blood Bank Hit by Ransomware
• 12:32 : The push for 47-day certificates: a win for digital security and trust
• 12:32 : JumpCloud Acquires Stack Identity to Extend Access Management Reach
• 12:31 : Patient monitors with backdoor are sending info to China, CISA warns
• 12:5 : How to find out if an AirTag is tracking you – and what to do about it
• 12:5 : CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors
• 12:4 : Google Bans 158,000 Malicious Android App Developer Accounts in 2024
• 12:4 : Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
• 12:4 : Top 5 AI-Powered Social Engineering Attacks
• 11:32 : US nonprofit healthcare provider says hackers stole medical and personal data of 1M+ patients
• 11:32 : One policy to rule them all
• 11:32 : Coyote Banking Malware Weaponizing Windows LNK Files To Execute Malicious Scripts
• 11:32 : ChatGPT, DeepSeek Vulnerable to AI Jailbreaks
• 11:11 : Authorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks
• 11:11 : DeepSeek’s Flagship AI Model Under Fire for Security Vulnerabilities
• 11:5 : IT Security News Hourly Summary 2025-01-31 12h : 10 posts
• 10:34 : Restoring SOC Team Confidence Amid Waves of False Positives
• 10:34 : Cisco’s Webex Chat Vulnerabilities Let Attackers Access Organizations Chat Histories
• 10:34 : Malware Found in Healthcare Patient Monitors Linked to Chinese IP Address
• 10:34 : MSP Case Study: Hubelia Simplified Client Domain Security Management with PowerDMARC
• 10:9 : Yeti Forensic Platform Vulnerability Allows Attackers to Execute Remote Code
• 10:9 : Broadcom fixed information disclosure flaws in VMware Aria Operations
• 10:9 : NorthBay Health Data Breach Impacts 569,000 Individuals
• 10:9 : Pune Retired Banker Falls Victim to Insurance Fraud, Loses Rs 2.22 Crore
• 10:9 : Why Securing Online Accounts is Critical in Today’s Cybersecurity Landscape
• 10:9 : International Operation Dismantles Cracked and Nulled Cybercrime Hubs
• 9:36 : Cisco Webex Chat Vulnerabilities Expose Organization Chat Histories to Attackers
• 9:36 : Authorities Take Down Cracked & Nulled Hacking Forums Used by 10 Million Users
• 9:36 : D-Link Routers Vulnerability Let Attackers Gain Full Router Control Remotely
• 9:36 : Microsoft to Boost M365 Bounty Program With New Products & Rewards Up to $27,000
• 9:22 : Another banner year for ransomware gangs despite takedowns by the cops
• 9:22 : DeepSeek Security Failure: Cyber Security Today, Friday, January 31, 2025
• 8:36 : Is data minimization the new data ethics in subscription management?
• 8:36 : VMware Aria Operations Vulnerabilities Allow Attackers to Perform Admin-Level Actions
• 8:36 : Blood Center cyberattack, DeepSeek data leak, CISA’s future unclear
• 8:15 : Jailbreaking DeepSeek: Researchers Reveal Three New Methods to Override LLM Safety
• 8:15 : Malware Discovered in Healthcare Patient Monitors, Traced to Chinese IP Address
• 8:15 : VMware Aria Operations Vulnerabilities Let Attackers Perform Admin Operations
• 8:15 : Windows Vulnerability in COM Objects Trigger RCE To Control The Systems Remotely
• 8:5 : IT Security News Hourly Summary 2025-01-31 09h : 4 posts
• 7:32 : 5 cybersecurity practices for custom software development
• 7:32 : Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft
• 7:13 : New Jailbreak Techniques Expose DeepSeek LLM Vulnerabilities, Enabling Malicious Exploits
• 7:13 : CyberArk Identity Bridge manages user access and authentication for Linux environments
• 6:32 : Critical D-Link Router Flaw Allows Attackers to Take Full Remote Control
• 6:20 : Ransomware attack makes Tata Technologies suspend whole of its IT services
• 6:20 : Microsoft Enhances M365 Bounty Program with New Services & Rewards Up to $27,000
• 6:20 : Massive Hacking Forum Network Dismantled by Authorities, Impacting 10M Users
• 6:20 : Regulating AI: Expert Insights on Compliance, Risk, and Security
• 6:20 : Deploying AI at the edge: The security trade-offs and how to manage them
• 5:34 : Tata Technologies Hacked – Ransomware Attack Compromises IT Systems
• 5:34 : Clutch Security Raises $20 Million for Non-Human Identity Protection Platform
• 5:34 : 5 Steps to a Secure and Streamlined SASE Rollout
• 5:34 : How to Train AI Dragons to Solve Network Security Problems
• 5:34 : Platformization is key to reduce cybersecurity complexity
• 5:18 : Tata Technologies Hit by Ransomware Attack, Some IT Services Suspended
• 5:18 : Nine out of ten emails are spam
• 5:5 : IT Security News Hourly Summary 2025-01-31 06h : 2 posts
• 4:11 : To Simulate or Replicate: Crafting Cyber Ranges, (Fri, Jan 31st)
• 4:11 : Infosec products of the month: January 2025
• 3:32 : ChatGPT-4o Jailbreak Vulnerability “Time Bandit” Let Attackers Create Malware
• 3:32 : Tor Project X Account Hacked to Promote Cryptocurrency Scheme
• 2:23 : ISC Stormcast For Friday, January 31st, 2025 https://isc.sans.edu/podcastdetail/9304, (Fri, Jan 31st)
• 2:5 : IT Security News Hourly Summary 2025-01-31 03h : 4 posts
• 1:36 : Google to Iran: Yes, we see you using Gemini for phishing and scripting. We’re onto you
• 1:36 : DeepSeek’s Rise Shows AI Security Remains a Moving Target
• 1:36 : Trump Administration Faces Security Balancing Act in Borderless Cyber Landscape
• 1:15 : Researchers combine holograms and AI to create uncrackable optical encryption system
• 0:13 : DeepSeek AI Leaks Over a Million Chat Logs and Sensitive Data Online
• 0:13 : DeepSeek database exposed highly sensitive information
• 23:17 : Understanding the Two Schools of Unit Testing
• 23:17 : Preparing for PCI DSS 4.0: How Sonatype SBOM Manager can streamline and accelerate your transition
• 23:17 : 2025 predictions: Security industry
• 23:5 : IT Security News Hourly Summary 2025-01-31 00h : 5 posts
• 22:55 : IT Security News Daily Summary 2025-01-30
• 22:20 : Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek
• 22:20 : VMware plugs steal-my-credentials holes in Cloud Foundation
• 22:20 : Data resilience and data portability
• 22:20 : Executive Order to the State Department Sideswipes Freedom Tools, Threatens Censorship Resistance, Privacy, and Anonymity of Millions
• 21:34 : AngelSense exposed location data and personal information of tracked users
• 21:34 : The Internet Never Forgets: Fighting the Memory Hole
• 20:36 : Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise
• 20:36 : Hiya AI Phone App Protects Against Deepfakes, Other Scams
• 20:18 : How to Tell If Someone Hacked Your Router: 10 Signs + Tips
• 20:18 : What is blockchain? Definition, examples and how it works
• 20:18 : Tria Stealer Trojan Exploits Android Phones To Exfiltrate SMS Messages
• 20:17 : Phorpiex Botnet Distributes LockBit Ransomware Through Compromised Websites
• 20:5 : IT Security News Hourly Summary 2025-01-30 21h : 9 posts
• 19:34 : DeepSeek Locked Down Public Database Access That Exposed Chat History
• 19:34 : VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
• 19:16 : Defeating Future Threats Starts Today
• 19:16 : Fake Apps: What They Are and How to Spot Them
• 19:16 : US Justice Department says cybercrime forum allegedly affected 17 million Americans
• 19:16 : Top 3 Most Popular Malware TTPs of the Past Year
• 19:15 : Arcus Media Ransomware Delete Backup, Clear Logs, Disable Remote After Lock The Files
• 19:15 : Conifers.ai Scores $25M Investment for Agentic AI SOC Technology
• 19:15 : Randall Munroe’s XKCD ‘Humidifier Review’
• 18:35 : Mistral Small 3 brings open-source AI to the masses — smaller, faster and cheaper
• 18:35 : Brian Greene: Until the end of time | Starmus highlights
• 18:34 : Rockwell Automation FactoryTalk AssetCentre
• 18:34 : CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware
• 18:34 : CISA Releases Eight Industrial Control Systems Advisories
• 18:34 : Hitachi Energy UNEM
• 18:34 : New Rock Technologies Cloud Connected Devices
• 18:34 : Trump admin’s purge of US cyber advisory boards was ‘foolish,’ says ex-Navy admiral
• 18:34 : Cybersecurity GRC (Governance, Risk, Compliance) | Kovrr
• 18:34 : RAG evaluation series: validating the RAG performance of Amazon Titan vs Cohere using Amazon Bedrock
• 18:34 : What is data privacy in healthcare? everything you need to know
• 18:34 : Amazon Redshift enhances security by changing default behavior in 2025
• 18:14 : New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages
• 18:14 : Hackers Exploiting DNS Poisoning to Compromise Active Directory Environments
• 18:14 : 2025-01-28: Malware infection from web inject activity
• 18:13 : 2025-01-30: XLoader infection
• 18:13 : Mistral Small 3 brings open source AI to the masses—smaller, faster, and cheaper
• 18:13 : CybaVerse AI launched to redefine how MSPs deliver security
• 18:13 : KnowBe4 Urges Organisations to Adopt Secure Password Practices on Change Your Password Day 2025
• 18:13 : How Spread Betting Platforms Safeguard Traders Against Cyber Risks
• 18:13 : Taming Shadow AI: Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats
• 17:37 : PCAPs or It Didn’t Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary], (Thu, Jan 30th)
• 17:37 : Doppler Announces Integration with Datadog to Streamline Security and Monitoring
• 17:36 : Cybercriminals Exploit Public-Facing IIS, Apache, and SQL Servers to Breach Gov & Telecom Systems
• 17:36 : Hackers Impersonate Top Tax Firm with 40,000 Phishing Messages to Steal Credentials
• 17:36 : Arcus Media Ransomware Strikes: Files Locked, Backups Erased, and Remote Access Disabled
• 17:36 : 500 Million Proton VPN & Pass Users at Risk Due to Memory Protection Vulnerability
• 17:36 : Infrastructure Laundering: Blending in with the Cloud
• 17:36 : DORA Compliance for MSPs – How to Help Your Clients
• 17:36 : Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform
• 17:36 : Google Blocked 2.36 Million Policy-Violating Apps
• 17:9 : Microsoft Enhances Windows 11 Security with Admin Protection to Prevent Crowdstrike-Like Incident
• 17:9 : Cerebras becomes the world’s fastest host for DeepSeek R1, outpacing Nvidia GPUs by 57x
• 17:9 : New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages
• 17:9 : Cyber Insights 2025: Cyberinsurance – The Debate Continues
• 17:9 : Three Ways To Prevent Insider Threat Driven Data Leaks
• 17:9 : Cybercrime forums Cracked and Nulled seized, operators arrested
• 17:9 : Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
• 17:5 : IT Security News Hourly Summary 2025-01-30 18h : 15 posts