IT Security News Weekly Summary March

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-02-28
• 22:32 : DEF CON 32 – Inside Dash Cam Custom Protocols And Discovered 0days
• 22:5 : What is a watering hole attack?
• 22:4 : Friday Squid Blogging: Eating Bioluminescent Squid
• 22:4 : DMARC Adoption among Europe’s Higher Education Sector
• 22:4 : Week in Review: Apple encryption, gamification for security, DISA breach
• 21:32 : Empowering Women in Cybersecurity: How Education and Training Are Key
• 21:2 : Microsoft Disrupts Storm-2139 for LLMjacking and Azure AI Exploitation
• 20:32 : Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab
• 20:32 : Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist
• 20:7 : Researchers uncover unknown Android flaws used to hack into a student’s phone
• 20:5 : IT Security News Hourly Summary 2025-02-28 21h : 2 posts
• 19:31 : $1.5B Bybit Hack is Linked to North Korea, FBI Says, in Potentially the Largest Crypto Heist Ever
• 19:31 : Ransomware criminals love CISA’s KEV list – and that’s a bug, not a feature
• 18:32 : Over 350 High-Profile Websites Hit by 360XSS Attack
• 18:31 : Microsoft to shut down Skype, Here is the Deadline
• 18:31 : Cisco Infuses Security into Networking with New Nexus Smart Switch and Hypershield Integration
• 18:4 : Cyber Security Today February 2025 Month In Review
• 17:32 : Microsoft To Retire Skype On 5 May
• 17:32 : What is multifactor authentication?
• 17:32 : Millions of stalkerware users exposed again
• 17:32 : Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
• 17:5 : IT Security News Hourly Summary 2025-02-28 18h : 10 posts
• 17:2 : How to Avoid Costly Technical Debt and Get Your Software Project Back on Track
• 17:2 : Senator Susan Collins’ Betrayal of Maine Demands Accountability
• 17:2 : Apple Lets Stalkers Find YOU — ‘nRootTag’ Team Breaks AirTag Crypto
• 16:32 : Openreach To Start Telephone Exchange Closure Process
• 16:32 : Hacktivist Groups Emerge With Powerful Tools for Large-Scale Cyber Operations
• 16:32 : Chinese Hackers Breach Belgium State Security Service as Investigation Continues
• 16:32 : Microsoft targets AI deepfake cybercrime network in lawsuit
• 16:31 : The biggest data breaches of 2025 — so far
• 16:9 : Belgian Intelligence Agency emails leaked by Barracuda Vulnerability
• 16:9 : Enhanced capabilities sustain the rapid growth of Vo1d botnet
• 15:32 : Chinese Hackers Exploiting Check Point’s VPN Zero-Day Flaw to Attack Orgs Worldwide
• 15:32 : Bybit Crypto Exchange Hacked for $1.5 Billion in Largest Crypto Heist
• 15:32 : Building Robust AI Systems with Verified Data Inputs
• 15:32 : Role of Continuous Threat Exposure Management in Business Security
• 15:31 : OT/ICS cyber threats escalate as geopolitical conflicts intensify
• 15:9 : Lightning-Fast Requests with Early Data
• 15:9 : The best VPN services for torrenting in 2025: Expert tested and reviewed
• 15:9 : What is FCAPS (fault, configuration, accounting, performance and security)?
• 15:9 : Gabbard Decries Britain’s Reported Demand for Apple to Provide Backdoor Access to Users’ Cloud Data
• 15:9 : MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
• 15:9 : 5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs
• 15:9 : RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
• 14:31 : Top Tech Conferences & Events to Add to Your Calendar in 2025
• 14:31 : Next-Gen Phishing Techniques – How Back-End Tech Made Scams More Effective
• 14:31 : Third-Party Attacks Drive Major Financial Losses in 2024
• 14:5 : IT Security News Hourly Summary 2025-02-28 15h : 4 posts
• 14:4 : Belgium investigating alleged cyberattack on intelligence agency by China-linked hackers
• 14:4 : Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files – PoC Released
• 13:31 : Migrating from Hub and Spoke Network to Azure Virtual WAN
• 13:31 : In Other News: Krispy Kreme Breach Cost, Pwn2Own Berlin, Disney Hack Story
• 13:2 : Google Starts Layoffs In Cloud, HR Units
• 13:2 : DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight
• 13:2 : PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access
• 13:2 : New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins
• 13:2 : Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications
• 13:2 : Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data
• 13:2 : OSPS Baseline: Practical security best practices for open source software projects
• 12:31 : Cisco fixed command injection and DoS flaws in Nexus switches
• 12:6 : Ransomware Group Takes Credit for Lee Enterprises Attack
• 12:6 : Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
• 12:6 : Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn
• 11:32 : JavaGhost’s Persistent Phishing Attacks From the Cloud
• 11:32 : Man Jailed 24 Years for Running Dark Web CSAM Sites from Coffee Shop
• 11:32 : New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
• 11:32 : Telegram as #1 Messenger Used by Cybercriminals for Communications
• 11:32 : Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes
• 11:32 : Spotlight on Regulatory Compliance: The Challenges Your IT and Security Teams May Face
• 11:6 : Microsoft Names Suspects in Lawsuit Against AI Hackers
• 11:6 : Old Vulnerabilities Among the Most Widely Exploited
• 11:5 : IT Security News Hourly Summary 2025-02-28 12h : 4 posts
• 10:32 : How to Protect Your Digital Identity While Gaming Online
• 10:31 : Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data
• 10:31 : Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
• 10:31 : 12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
• 10:4 : New GitHub Scam With Thousand of “mods” & “cracks” Steal Your Data
• 10:4 : 1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet
• 9:32 : Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
• 9:32 : Prolific Data Extortion Actor Arrested in Thailand
• 9:4 : PingAM Java Agent Vulnerability Allows Attackers to Bypass Security
• 8:32 : China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails
• 8:32 : 18 Best Web Filtering Solutions – 2025
• 8:32 : Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System
• 8:32 : 260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users to Steal Credit Card Data
• 8:31 : Massive Banking Data Leaks Under Scrutiny as Cyber Fraud Cases Surge
• 8:31 : Cyber espionage increase, Nakasone cyber warning, PolarEdge exploits Cisco
• 8:6 : New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data
• 7:2 : IRS contractor leaked the tax returns of over 400k Americans and businesses
• 7:2 : 5 Best Practices for Bolstering Physical Access Security in Data Centers in 2025
• 6:32 : Cyber Attack news headlines trending on Google
• 6:32 : 260 Domains Hosting 5,000 Malicious PDFs to Steal Credit Card Data
• 6:32 : The SOC files: Chasing the web shell
• 6:32 : Massive Cyberattack Exploits Legacy Windows Driver to Evade Detection
• 6:31 : Understanding the AI Act and its compliance challenges
• 6:4 : The First International AI Safety Report: A Call to Action
• 6:4 : Windows CE and ICS Security: A Ticking Time Bomb?
• 5:32 : DeepSeek Data Leak Exposes 12,000 Hardcoded API Keys and Passwords
• 5:32 : Winos4.0 Malware Targets Windows Users Through Malicious PDF Files
• 5:31 : The art of balancing data security with business goals
• 5:5 : IT Security News Hourly Summary 2025-02-28 06h : 4 posts
• 5:4 : Infosec products of the month: February 2025
• 4:32 : Microsoft names alleged credential-snatching ‘Azure Abuse Enterprise’ operators
• 4:31 : Beyond SMS: HYPR’s Perspective on Gmail’s Shift to QR Code Authentication
• 4:31 : University of Notre Dame Hit by Cyberattack— Hackers Say They Stole Everything
• 4:4 : DeepSeek Data Leak – 12,000 Hardcoded Live API keys and Passwords Exposed
• 4:4 : Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’
• 3:3 : PayPal’s “no-code checkout” abused by scammers
• 2:32 : How Scalping Bots Exploited a Vulnerable API to Disrupt Online Retail Sales
• 2:5 : IT Security News Hourly Summary 2025-02-28 03h : 2 posts
• 2:2 : ISC Stormcast For Friday, February 28th, 2025 https://isc.sans.edu/podcastdetail/9344, (Fri, Feb 28th)
• 1:31 : Spyzie – 518,643 breached accounts
• 1:4 : Morpheus: Building Dynamic, Context-Specific Response Playbooks with AI
• 0:2 : Do Powerful Tools Enhance Your Data Security?
• 0:2 : Is Your NHI Lifecycle Management Capable?
• 0:2 : Optimistic About Future Cybersecurity Trends?
• 23:31 : GHOSTR Hacker Linked to 90+ Data Breaches Arrested
• 23:5 : IT Security News Hourly Summary 2025-02-28 00h : 5 posts
• 23:2 : Psychological Safety as a Competitive Edge
• 23:2 : Feds: Army soldier accused of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’
• 22:55 : IT Security News Daily Summary 2025-02-27
• 22:6 : eCommerce Customer Service Tips For Online Support: The Basics
• 22:6 : FBI officially fingers North Korea for $1.5B Bybit crypto-burglary
• 21:31 : Lina’s Write-up
• 21:31 : Ninth Circuit Correctly Rules That Dating App Isn’t Liable for Matching Users
• 21:31 : CMMC is Here: Simplifying Compliance with Enclaves
• 21:5 : STRIDE: A Guide to Threat Modeling and Secure Implementation
• 21:5 : Are Your VM Scans Testing the Entirety of the Network?
• 21:5 : FBI: Lazarus Group behind $1.5 billion Bybit heist
• 21:4 : Record-Breaking Data Theft: 3.9 Billion Passwords Compromised by Infostealer Malware
• 20:32 : Ransomware Attacks Reach Record-Breaking Levels In 2024 – BlackFog
• 20:32 : How to Use Slack for Business: Workplace Communication
• 20:32 : Spyzie stalkerware is spying on thousands of Android and iPhone users
• 20:5 : IT Security News Hourly Summary 2025-02-27 21h : 5 posts
• 20:4 : New Backdoor Auto-color Linux Targets Systems in US and Asia
• 19:31 : 26 New Threat Groups Spotted in 2024: CrowdStrike
• 19:7 : Sellers can get scammed too, and Joe goes off on a rant about imposter syndrome
• 19:7 : How data centers can help balance the electrical grid
• 19:7 : FBI: North Korea-linked TraderTraitor is responsible for $1.5 Billion Bybit hack
• 18:32 : Strengthening Our Emissions Accounting Process Blog
• 18:32 : Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications
• 18:32 : “Emergent Misalignment” in LLMs
• 18:32 : Top 10 Best Dynamic Malware Analysis Tools in 2025
• 18:32 : Comic Agilé – Luxshan Ratnaravi, Mikkel Noe-Nygaard – #327 – Including QA Tasks At Sprint Planning
• 18:7 : Meta Fixes Fault After Violent Videos Hits Instagram Reels
• 18:7 : New Malware Uses Legitimate Antivirus Driver to Bypass All System Protections
• 18:7 : DragonForce Attacks Critical Infrastructure to Exfiltrate Data and Halt Operations
• 18:7 : Threat Actors Attack Job Seekers of Fortune 500 Companies to Steal Personal Details
• 18:7 : Unpatched Vulnerabilities Attract Cybercriminals as EDR Visibility Remains Limited
• 18:7 : Squidoor: Multi-Vector Malware Exploiting Outlook API, DNS & ICMP Tunneling for C2
• 18:7 : Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers
• 18:6 : Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application
• 17:32 : Amazon Joins Quantum Race With New ‘Ocelot’ Chip
• 17:32 : Hackers Impersonate Taiwan’s Tax Authority to Deploy Winos 4.0 Malware
• 17:32 : NordLayer set to release a new security-focused browser for the enterprise
• 17:32 : Archipelo comes out of stealth with $12M funding to secure human and AI-driven code
• 17:32 : Hacker Behind Over 90 Data Leaks Arrested in Thailand
• 17:5 : IT Security News Hourly Summary 2025-02-27 18h : 12 posts
• 17:4 : From Accidental Hacker to Cybersecurity Champion: The Story of Dr. Katie Paxton-Fear, Bug Bounty Hunter with HackerOne
• 17:4 : Survey: Nearly Half of Data Breaches Involved Third-Party Remote Access
• 17:4 : DragonForce Ransomware Hits Saudi Firm, 6TB Data Stolen
• 16:32 : How Kyocera’s CISO tackles the threat of cyber risk during AI adoption
• 16:32 : Nvidia FY25 Profit Rises 130 Percent, Amid AI Boom
• 16:32 : Microsoft battles more bugs in Windows 11 24H2 with new round of patches
• 16:32 : UK Demanded Apple Add a Backdoor to iCloud
• 16:32 : Outlook Drag-and-Drop Broken in Windows Updates – Microsoft Releaed Fix
• 16:32 : Hackers Exploited XSS Vulnerability in Popular Framework to Hijack 350+ Websites
• 16:32 : Google’s SafetyCore App Secretly Scans All Your Photos on Android Phones
• 16:32 : Black Basta’s Slowdown Coincides with BlackLock’s Growth
• 16:32 : Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
• 16:3 : Wordfence Intelligence Weekly WordPress Vulnerability Report (February 17, 2025 to February 23, 2025)
• 16:3 : SIGNAL denies access to user data in Sweden, reverse of what Apple has done
• 16:3 : Fortifying the Nation’s Cybersecurity Posture in a New Administration
• 16:3 : Criminal group UAC-0173 targets the Notary Office of Ukraine
• 16:3 : Stopping CovertCatch – Securing Against Weaponized Job Offers
• 16:2 : A Comprehensive Look at OSINT
• 16:2 : For Unbiased Evaluation, Take on Real-World Security Testing
• 16:2 : Winos 4.0 Malware Targets Taiwan With Email Impersonation
• 15:32 : WordPress Admins Warned of Fake Plugins Injecting Malicious Links into Websites
• 15:32 : New Anubis Ransomware Targets Windows, Linux, NAS, and ESXi x64/x32 Environments
• 15:32 : VS Code Extension with 9 Million Installs Attacks Developers with Malicious Code
• 15:32 : Beware of Fake Cybersecurity Audits: Cybercriminals Use Scams to Breach Corporate Systems
• 15:32 : FBI says North Korea ‘responsible’ for $1.4 billion Bybit heist
• 15:32 : Countries and companies are fighting at the expense of our data privacy
• 15:32 : Agentic AI and software development: Here’s how to get ahead of rising risk
• 15:3 : Microsoft Defender Leverages Machine Learning to Block Malicious Command Executions
• 15:3 : RustDoor and Koi Stealer Malware Attack macOS to Steal Login Credentials
• 15:3 : LARVA-208 Hackers Compromise 618 Organizations Stealing Logins and Deploying Ransomware
• 15:3 : TechCrunch Disrupt 2025: Just 2 days left to save up to $1,130
• 15:3 : Winos 4.0 Spreads via Impersonation of Official Email to Target Users in Taiwan
• 15:3 : OpenSSF Released Security Baseline for Linux Projects
• 15:2 : Yodobashi Camera Users Under Attack from a New Wave of Phishing Attack
• 15:2 : Watch Now: Ransomware Resilience & Recovery Summit – All Sessions Available on Demand
• 15:2 : European Healthcare Entities Targeted With NailaoLocker Ransomware
• 15:2 : Hidden Bluetooth Security Threats and How to Protect Your Devices
• 14:31 : You can delete personal info directly from Google Search now – and it’s shockingly fast
• 14:31 : Fortinet Partners with Discovery Education and Verizon on Digital Citizenship Initiative
• 14:5 : IT Security News Hourly Summary 2025-02-27 15h : 11 posts
• 14:2 : Angry Likho APT Resurfaces with Lumma Stealer Attacks Against Russia
• 14:2 : The Hidden Cost of Compliance: When Regulations Weaken Security
• 14:2 : New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades
• 14:2 : 89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals
• 14:2 : Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware
• 14:2 : LibreOffice: Windows vulnerability affects links in documents, patch available
• 13:32 : Google’s SafetyCore App Secretly Scans All Photos on Android Devices
• 13:32 : Networking in DevOps: Your Beginner Guide
• 13:32 : What is quantum in physics and computing?
• 13:32 : Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw
• 13:31 : The 2025 State of Application Risk Report: Understanding Toxic Combinations in Application Security