Latest Cybersecurity News and Articles
03 February 2025
This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices to stopping sneaky tricks online, simple steps are making a big difference.
Let’s take a
03 February 2025
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote.
"Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials," Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week.
The
03 February 2025
Insurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals.
The post Insurance Company Globe Life Notifying 850,000 People of Data Breach appeared first on SecurityWeek.
03 February 2025
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike.
With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker’s perspective has never been more important.
In this
03 February 2025
Researchers have observed an increase in malicious domains and campaigns impersonating tax agencies and financial institutions.
03 February 2025
Community Health Center, Inc. says hackers stole the personal and health information of over one million individuals.
The post 1 Million Impacted by Data Breach at Connecticut Healthcare Provider appeared first on SecurityWeek.
03 February 2025
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer.
"Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a
03 February 2025
The Chief Secure Networking Officer (CSNO) is a transformative role designed to ensure seamless performance and security for next-generation technologies.
02 February 2025
Explore industry moves and significant changes in the industry for the week of February 3, 2025. Stay updated with the latest industry trends and shifts.
01 February 2025
“Texas will not allow the Chinese Communist Party to infiltrate our state’s critical infrastructure through data-harvesting AI and social media apps,” Abbott said.
The post Texas Governor Orders Ban on DeepSeek, RedNote for Government Devices appeared first on SecurityWeek.
01 February 2025
U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan.
The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker.
The vast array of sites in question peddled phishing toolkits and fraud-enabling tools and
01 February 2025
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key.
The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local application passwords. The breach was first flagged
01 February 2025
Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members.
The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.
In a statement to The Guardian, the encrypted messaging app said it has reached
31 January 2025
Cybersecurity researchers have discovered a malvertising campaign that's targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials.
"These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft's advertising platform," Jérôme Segura, senior
31 January 2025
The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname "The Manipulaters," have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party.
31 January 2025
Noteworthy stories that might have slipped under the radar: stealing browser data via Syncjacking, hackers falsely claim AWS breach, Google prevented 2 million bad apps from reaching Google Play.
The post In Other News: Browser Syncjacking, Fake AWS Hack, Google Blocked 2M Bad Apps appeared first on SecurityWeek.
31 January 2025
Italy’s data protection authority expressed dissatisfaction with DeepSeek’s response to its query about what personal data is collected, where it is stored and how users are notified.
The post Italy Blocks Access to the Chinese AI Application DeepSeek to Protect Users’ Data appeared first on SecurityWeek.
31 January 2025
US and Dutch authorities seized 39 domains to disrupt a network of hacking and fraud marketplaces operated by Saim Raza.
The post US, Dutch Authorities Disrupt Pakistani Hacking Shop Network appeared first on SecurityWeek.
31 January 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors.
The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA
31 January 2025
APIs have become a prominent attack surface over the past year.