Latest Cybersecurity News and Articles
11 February 2025
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn’t buy a car without knowing its
11 February 2025
Highlights from the last twelve months at the NCSC.
11 February 2025
A hacker recently offered to sell 20 million OpenAI credentials, but the data likely comes from information stealers, not the AI firm’s systems.
The post OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20M Credentials appeared first on SecurityWeek.
11 February 2025
Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025.
NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim's host, allowing them to monitor the device's screen in real-time, control the keyboard and mouse, upload and download
11 February 2025
Developments and highlights from the last twelve months at the NCSC.
11 February 2025
Source: The Nation
A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang.
Visitors to the data leak site are now greeted with a seizure banner that says: "This hidden site and the criminal content have been seized by the Bavarian State Criminal Police Office on behalf of the Office of the Public Prosecutor
10 February 2025
Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild.
Assigned the CVE identifier CVE-2025-24200, the vulnerability has been described as an authorization issue that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack.
This
10 February 2025
Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.”
The post Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack appeared first on SecurityWeek.
10 February 2025
Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites.
Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and advertising purposes, contains an obfuscated backdoor capable of providing attackers with persistent
10 February 2025
According to a Nuspire report, ransomware extortion publications rose by 46% compared to Q3, with Clop ransomware emerging as the most active group.
10 February 2025
French organizers said “the summit aims at promoting an ambitious French and European AI strategy” as advances in the sector have been led by the U.S. and China.
The post Trump’s AI Ambition and China’s DeepSeek Overshadow an AI Summit in Paris appeared first on SecurityWeek.
10 February 2025
A recent cybersecurity report by Clever found that 5% of U.S. school systems have implemented multi-factor authentication (MFA) for students.
10 February 2025
A critical vulnerability found in Orthanc servers can pose a serious risk to medical data and healthcare operations.
The post Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations appeared first on SecurityWeek.
10 February 2025
Microsoft has added more Copilot consumer products to its bug bounty program and is offering higher rewards for medium-severity vulnerabilities.
The post Microsoft Expands Copilot Bug Bounty Program, Increases Payouts appeared first on SecurityWeek.
10 February 2025
In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack.
This week, we’ve seen cybercriminals turn overlooked weaknesses into major security threats, proving once again that no system is too small to be targeted. The question
10 February 2025
HPE is notifying an unknown number of individuals that Russian hackers accessed their personal information in a December 2023 attack.
The post HPE Says Personal Information Stolen in 2023 Russian Hack appeared first on SecurityWeek.
10 February 2025
Evan Light was sentenced to 20 years in federal prison for hacking an investment holdings company and stealing $37 million in cryptocurrency.
The post Indiana Man Sentenced to 20 Years in Prison for Hacking, $37 Million Crypto Theft appeared first on SecurityWeek.
10 February 2025
Memorial Hospital and Manor says 120,000 people had their personal information stolen in a November 2024 ransomware attack.
The post Information of 120,000 Stolen in Ransomware Attack on Georgia Hospital appeared first on SecurityWeek.
10 February 2025
Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with recommendations for implementing continuous monitoring of your Okta security posture.
With over 18,000 customers, Okta serves as the cornerstone of identity governance and security for
10 February 2025
News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this help save the threat intel industry?
The post Can AI Early Warning Systems Reboot the Threat Intel Industry? appeared first on SecurityWeek.