Category: Uncategorized
-
9 secure email gateway options for 2025
Post ContentRead More
-
10 must-have cybersecurity skills for career success in 2025
Post ContentRead More
-

Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation [email protected] (The Hacker News)
Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content. The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “developRead More
-

DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering [email protected] (The Hacker News)
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau ofRead More
-

Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs [email protected] (The Hacker News)
Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it often becomes bogged down with technical jargon, complex data, and disconnected spreadsheets that fail toRead More
-

AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics [email protected] (The Hacker News)
Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date. “The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms,” Check Point Research said in a new…
-

Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity [email protected] (The Hacker News)
Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and disruptive network changes. Healthcare and manufacturing sectors face particular challenges as they integrate diverse endpoints – from legacy medical devices to IoT sensors – onto their production networks.Read More
-

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices [email protected] (The Hacker News)
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remoteRead More
-

RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns [email protected] (The Hacker News)
Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. “The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou, the Vietnamese National Holiday, flood protection in Mongolia, and meeting invitations,…
-

CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer [email protected] (The Hacker News)
Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that’s disguised as an employee CRM application as part of a supposed recruitment process. “The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website,” the company said. “Victims are prompted…
