
DoJ Shutters Cybercrime Forums Behind Attacks on 17M Americans

Friday, January 31, 2025
The "Cracked" and "Nulled" Dark Web sites are now offline, along with the Pakistani "Saim Raza" network of underground forums (aka HeartSender).

Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus

The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms.

Code-Scanning Tool's License at Heart of Security Breakup

Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness.

Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?

The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough.

Healthcare Sector Charts 2 More Ransomware Attacks

Thursday, January 30, 2025
No ransomware groups have yet claimed responsibility for either attack, and both institutions have yet to reveal what may have been stolen.

Automated Pen Testing Is Improving — Slowly

The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.

PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?

Wednesday, January 29, 2025
While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.

Researchers Uncover Lazarus Group Admin Layer for C2 Servers

The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.

Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers

VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.

Mirai Variant ‘Aquabot’ Exploits Mitel Device Flaws

Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.

Reporting a Breach or Vuln? Be Sure Your Lawyer's on Call

Tuesday, January 28, 2025
Globally, security researchers and whistleblowers face increasingly hostile laws and judiciaries that are ready to levy fines and prison sentences.

Actively Exploited Fortinet Zero-Day Gives Attackers Super-Admin Privileges

The firewall specialist has patched the security flaw, which was responsible for a series of attacks reported earlier this month that compromised FortiOS and FortiProxy products exposed to the public Internet.

Spectral Capital Files Quantum Cybersecurity Patent

Monday, January 27, 2025

Change Healthcare Breach Impact Doubles to 190M People

One of the largest data breaches in history was apparently twice as impactful as previously thought, with PII belonging to hundreds of millions of people sitting in the hands of cybercriminals.

USPS Impersonators Tap Trust in PDFs in Smishing Attack Wave

Attackers aim to steal people's personal and payment-card data in the campaign, which dangles the threat of an undelivered package and has the potential to reach organizations in more than 50 countries.

Crisis Simulations: A Top 2025 Concern for CISOs

CISOs are planning to adjust their budgets this year to reflect their growing concerns for cybersecurity preparedness in the event of a cyberattack.

The Case for Proactive, Scalable Data Protection

Whether you're facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it's time to consider the long-term benefits of transitioning to a cloud-first infrastructure.

DoJ Busts Up Another Multinational DPRK IT Worker Scam

Friday, January 24, 2025
A departmentwide initiative has now led to five major law enforcement actions, in an attempt to curb the increasingly common trend of North Korean hackers posing as IT job applicants.

MITRE's Latest ATT&CK Simulations Tackles Cloud Defenses

The MITRE framework's applied exercise provides defenders with critical feedback about how to detect and defend against common, but sophisticated, attacks.

Cisco: Critical Meeting Management Bug Requires Urgent Patch

The bug has been given a 9.9 CVSS score, and could allow authenticated threat actors to escalate their privileges to admin-level if exploited.

3 Use Cases for Third-Party API Security

Third-party API security requires a tailored approach for different scenarios. Learn how to adapt your security strategy to outbound data flows, inbound traffic, and SaaS-to-SaaS interconnections.

84% of Healthcare Organizations Spotted a Cyberattack in the Late Year

Thursday, January 23, 2025

Cloudflare CDN Bug Outs User Locations on Signal, Discord

Attackers can use a zero- or one-click flaw to send a malicious image to targets — an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive.

CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught

The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices.

Security Needs to Start Saying 'No' Again

The rush to say 'yes' allows cybersecurity teams to avoid hard conversations with business stakeholders, but also risks losing their ability to effectively protect organizations.

Trump Overturns Biden Rules on AI Development, Security

Wednesday, January 22, 2025
The new administration moved quickly to remove any constraints on AI development and collected $500 billion in investment pledges for an American-owned AI joint venture.

Chinese Cyberspies Target South Korean VPN in Supply Chain Attack

Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.

Trump Pardons 'Silk Road' Dark Web Drug Market Creator

The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.

Email Bombing, 'Vishing' Tactics Abound in Microsoft 365 Attacks

Tuesday, January 21, 2025
Sophos noted more than 15 attacks have been reported during the past three months.

DONOT Group Deploys Malicious Android Apps in India

The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community.

HPE Investigates After Alleged Data Breach

The company reports that it is not experiencing any operational issues within its business, so far.

Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks

Two separate campaigns are targeting flaws in various IoT devices globally, with the goal of compromising them and propagating malware worldwide.

Why CISOs Must Think Clearly Amid Regulatory Chaos

Even as the rule book changes, the profession of the CISO remains unchanged: protecting the organization in a world of constant, continually evolving threats.

Phishing Attacks Are the Most Common Smartphone Security Issue for Consumers

Monday, January 20, 2025
New hands-on testing results show that most devices are unable to catch phishing emails, texts, or calls, leaving users at risk.

US Ban on Automotive Components Could Curb Supply Chain

The US Department of Commerce will prohibit the import of components for connected vehicles from China or Russia, as the US continues to ban technology it sees as potential national security threats.

Has the TikTok Ban Already Backfired on US Cybersecurity?

Friday, January 17, 2025
The Supreme Court has affirmed TikTok's ban in the US, which has its users in revolt and is creating a whole new set of national cybersecurity concerns.

US Sanctions Chinese Hacker & Firm for Treasury, Critical Infrastructure Breaches

The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.

CISA and US and International Partners Publish Guidance for OT Owners and Operators

Thursday, January 16, 2025

SEALSQ in Cooperation With WISeKey Expands Post-Quantum Footprint in Saudi Arabia

FTC Orders GoDaddy to Fix Inadequate Security Practices

The FTC claims that the Web hosting company's security failures led to several major breaches in the past few years.

Biden's Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense

New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks — but will the Trump administration follow through?

CISA's AI Playbook Pushes For More Information Sharing

The Joint Cyber Defense Collaborative playbook seeks to establish "a unified approach" on how to handle AI-related cybersecurity threats.

Trusted Apps Sneak a Bug Into the UEFI Boot Process

Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.

Attackers Hijack Google Advertiser Accounts to Spread Malware

Wednesday, January 15, 2025
It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem.

CISA: Second BeyondTrust Vulnerability Added to KEV Catalog

BeyondTrust has patched all cloud instances of the vulnerability and has released patches for self-hosted versions.

Microsoft Rings in 2025 With Record Security Update

Tuesday, January 14, 2025
Company has issued patches for an unprecedented 159 CVEs, including eight zero-days, three of which attackers are already exploiting.

Apple Bug Allows Root Protections Bypass Without Physical Access

Emergent macOS vulnerability lets adversaries circumvent Apple's System Integrity Protection (SIP) by loading third-party kernels.

FBI Wraps Up Eradication Effort of Chinese 'PlugX' Malware

Two hacker groups were paid to develop malware targeting victims in the US, Europe, and Asia, as well as various Chinese dissident groups.

Zero-Day Security Bug Likely Fueling Fortinet Firewall Attacks

An ongoing campaign targeting FortiGate devices with management interfaces exposed on the public Internet is leading to unauthorized administrative logins and configuration changes, creating new accounts, and performing SSL VPN authentication.

Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw

Monday, January 13, 2025
The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.

Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar.

Telefonica Breach Exposes Jira Tickets, Customer Data

The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant's internal database.

The Shifting Landscape of Open Source Security

By focusing on vigilant security practices, responsible AI deployment, and alignment with global regulatory standards, the OSS community can make 2025 a transformative year for security.

Threat Actors Exploit a Critical Ivanti RCE Bug, Again

Saturday, January 11, 2025
New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors — possibly the same ones as before — are exploiting its edge devices for the nth time.

China's UNC5337 Exploits a Critical Ivanti RCE Bug, Again

Friday, January 10, 2025
New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time.

Fake CrowdStrike 'Job Interviews' Become Latest Hacker Tactic

Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link.

Russia Carves Out Commercial Surveillance Success Globally

Growing sales of the System for Operative Investigative Activities (SORM), a Russian wiretapping platform, in Central Asia and Latin America suggest increasing risks for Western businesses.

The Path Toward Championing Diversity in Cybersecurity Education

To build a truly inclusive and diverse cybersecurity workforce, we need a comprehensive approach beyond recruitment and retention.

Chinese APT Group Is Ransacking Japan's Secrets

Thursday, January 9, 2025
Since 2019, MirrorFace has been stealing information from myriad Japanese organizations to gain leverage over Japan in the event of hostilities between the two countries, experts said.

Banshee 2.0 Malware Steals Apple's Encryption to Hide on Macs

The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple's own antivirus product.

Hacking Group 'Silk Typhoon' Linked to US Treasury Breach

The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department's Office of Foreign Assets Control.

Green Bay Packers' Online Pro Shop Sacked by Payment Skimmer

Wednesday, January 8, 2025
Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit-card data from 8,500 fans.

New Docuseries Spotlights Hackers Who Shaped Cybersecurity

"Where Warlocks Stay Up Late" project speaks to hackers who have played pivotal roles in shaping the field of cybersecurity. The video interviews are complemented by an encyclopedia and an anthropological map.

Ransomware Targeting Infrastructure Hits Telecom Namibia

Tuesday, January 7, 2025
The southern African telco is the latest entity on the continent to have its critical infrastructure hacked, and attackers release sensitive info online when Telecom Namibia refuses to negotiate.

Sharing of Telegram User Data Surged After CEO Arrest

Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August.

Pentagon Adds Chinese Gaming Giant Tencent to Federal Ban

The sprawling social media and gaming platform says that being considered a Chinese military business must be a mistake.

CISA: Third-Party Data Breach Limited to Treasury Dept.

The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.

Will AI Code Generators Overcome Their Insecurities This Year?

Monday, January 6, 2025
In just two years, LLMs have become standard for developers — and non-developers — to generate code, but companies still need to improve security processes to reduce software vulnerabilities.

EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets

The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities.

IoT's Regulatory Reckoning Is Overdue

New security regulations are more than compliance hurdles — they're opportunities to build better products, restore trust, and lead the next chapter of innovation.

Thousands of Buggy BeyondTrust Systems Remain Exposed

Friday, January 3, 2025
Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say.

New HIPAA Cybersecurity Rules Pull No Punches

Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it.

Treasury Dept. Sanctions Chinese Tech Vendor for Complicity

Integrity Technology Group was found complicit with Flax Typhoon as part of a broader Chinese strategy to infiltrate the IT systems of US critical infrastructure.

Apple Offers $95M to Settle Siri Privacy Lawsuit

The proposed settlement would amount to roughly $20 per Apple product that has Siri enabled, for each plaintiff.

VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive

Thursday, January 2, 2025

US Soldier Arrested in Verizon, AT&T Hacks

Wagenius posted about hacking more than 15 telecom providers on the Telegram messaging service.

Volkswagen Breach Exposes Data of 800K EV Customers

Ethical hacking group Chaos Computer Club uncovered exposed data of electric vehicle owners across the company's VW, Audi, Seat, and Skoda brands.

'Bad Likert Judge' Jailbreak Bypasses Guardrails of OpenAI, Other Top LLMs

A novel technique to stump artificial intelligence (AI) text-based systems increases the likelihood of a successful cyberattack by 60%.

Managing Cloud Risks Gave Security Teams a Big Headache in 2024

The results of Dark Reading's 2024 Strategic Security survey suggest that security teams continue to grapple with the challenges that come with increased cloud adoption such as data visibility and loss of controls. Managing cloud risks will be a focus for security teams in 2025.