Microsoft has released its monthly security update for January of 2025 which includes 159 vulnerabilities, including 10 that Microsoft marked as “critical.” The remaining vulnerabilities listed...
Get all the details about how Uniqa Group AG was able to optimize employee productivity, improve employees’ daily experience, and boost overall security in this case study blog.
U.S law enforcement accused the People’s Republic of China of paying hackers that are part of a well-known group called Mustang Panda to deploy the PlugX malware — which allows them to “infect,...
In late November and December 2024, Arctic Wolf observed evidence of a mass compromise of Fortinet FortiGate. While the initial attack vector was unknown at the time, evidence of compromise (with...
Cybersecurity is facing new challenges with advances in AI, cloud tech, and increasing cyber threats. Solutions like blockchain…
The remote access trojan was being used by a Chinese collective operating since 2014. The post Law enforcement action deletes PlugX malware from thousands of machines appeared first on CyberScoop.
The Commerce Department on Tuesday announced a new rule barring certain Chinese and Russian connected car technology from being imported to the United States.
Are you ready to tackle the evolving challenges in OT cybersecurity? Over the past year, the operational technology (OT) cybersecurity... The post The 2025 Dragos OT Cybersecurity Year in Review...
Microsoft is warning that the January 2025 Windows 11 and Windows 10 cumulative updates may fail if Citrix Session Recording Agent (SRA) version 2411 is installed on the device. [...]
A list of various Solana articles. Range from Solana internals, MEV, validator setup and more. Just a good resource to have if you want to read about Solana.
The FBI says it was authorized to mass-remove “PlugX” malware from more than 4,000 compromised machines in the United States © 2024 TechCrunch. All rights reserved. For personal use only.
Wiz named as a Customers’ Choice for Cloud Native Application Protection Platforms (CNAPP)
A new Interim Final Rule on Artificial Intelligence Diffusion issued in the US strengthens security, streamlines chip sales and prevents misuse of AI technology
Texas Attorney General Ken Paxton has filed a lawsuit against Allstate and its data subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million Americans. [...]
2024-12-26 • Weixin • 360 Threat Intelligence Center • win.comebacker Open article on Malpedia
A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...]
Tennessee-based Mortgage Investors Group (MIG) did not outline how many customers were impacted by the attack but said they have hired a vendor to identify the affected individuals. The company...
The government of West Haven, a Connecticut city of more than 50,000 people, says it's investigating an incident that forced it to shut down its IT systems recently.
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place...
North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea,...
Fortinet patched a zero day authentication bypass vulnerability in FortiOS and FortiProxy that has been actively exploited in the wild as a zero-day since November 2024.BackgroundOn January 14,...
Browser-based cyber-threats surged in 2024, with credential abuse and infostealers on the rise
The following is the information on Yara and Snort rules (week 3, January 2025) collected and shared by the AhnLab TIP service. 5 YARA Rules Detection name Description Source...
The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the...
Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved...
Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin's efforts to gather economic and political intelligence in...
In a recent Telegram statement, Roseltorg disclosed that it had been targeted by "an external attempt to destroy data and the entire infrastructure of electronic trading."
Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver...
It won’t solve all of your privacy problems, but a virtual private network can make you a less tempting target for hackers.
Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. [...]