Latest Cybersecurity News and Articles


In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report

07 March 2025
Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive. The post In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report appeared first on SecurityWeek.

Cybersecurity experts discuss the YouTube CEO deepfake

07 March 2025
Cybersecurity experts share their insights on the YouTube CEO deepfake scam.

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations

07 March 2025
Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil). "Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations," Swiss

FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail

07 March 2025
An extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid. The post FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail appeared first on SecurityWeek.

Microsoft Says One Million Devices Impacted by Infostealer Campaign

07 March 2025
Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub. The post Microsoft Says One Million Devices Impacted by Infostealer Campaign appeared first on SecurityWeek.

Cyberattack Disrupts National Presto Industries Operations

07 March 2025
National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions. The post Cyberattack Disrupts National Presto Industries Operations appeared first on SecurityWeek.

Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide

07 March 2025
Microsoft has disclosed details of a large-scale malvertising campaign that's estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker used for a set of threat actors

A Chinese espionage group is targeting the IT supply chain

07 March 2025
Silk Typhoon, a Chinese espionage group, is targeting common IT solutions.

18,000 Organizations Impacted by NTT Com Data Breach

07 March 2025
NTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations. The post 18,000 Organizations Impacted by NTT Com Data Breach appeared first on SecurityWeek.

Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware

07 March 2025
Dozens of schools and thousands of individuals are impacted by a data breach resulting from a ransomware attack on Carruth Compliance Consulting. The post Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware appeared first on SecurityWeek.

Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive

07 March 2025
Are you tired of dealing with outdated security tools that never seem to give you the full picture? You’re not alone. Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That’s why we’re excited to introduce a smarter, unified approach: Application Security Posture Management (ASPM). ASPM brings together the best of both

New AI Protection from Google Cloud Tackles AI Risks, Threats, and Compliance

07 March 2025
Google Cloud’s AI Protection helps discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities. The post New AI Protection from Google Cloud Tackles AI Risks, Threats, and Compliance appeared first on SecurityWeek.

What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey

07 March 2025
Avoid a $100,000/month Compliance Disaster. March 31, 2025: The Clock is Ticking. What if a single overlooked script could cost your business $100,000 per month in non-compliance fines? PCI DSS v4 is coming, and businesses handling payment card data must be prepared. Beyond fines, non-compliance exposes businesses to web skimming, third-party script attacks, and

Medusa Ransomware Attacks Increase

07 March 2025
The number of Medusa ransomware attacks observed in the first two months of 2025 doubled compared to the same period last year. The post Medusa Ransomware Attacks Increase appeared first on SecurityWeek.

This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions

07 March 2025
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that's equipped to steal a victim's Ethereum private keys by impersonating popular libraries. The package in question is set-utils, which has received 1,077 downloads to date. It's no longer available for download from the official registry. "Disguised as a simple utility for Python

U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website

07 March 2025
A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex ("garantex[.]org"), nearly three years after the service was sanctioned by the U.S. Treasury Department in April 2022. "The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the United States Attorney's

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

07 March 2025
Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek.

Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist

07 March 2025
Safe{Wallet} has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a "highly sophisticated, state-sponsored attack," stating the North Korean threat actors behind the hack took steps to erase traces of the malicious activity in an effort to hamper investigation efforts. The multi-signature (multisig) platform, which has roped in Google Cloud Mandiant to

PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors

06 March 2025
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines," Cisco Talos researcher Chetan Raghuprasad said in a technical

Who is the DOGE and X Technician Branden Spikes?

06 March 2025
At 49, Branden Spikes isn't just one of the oldest technologists who has been involved in Elon Musk's Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among Musk's most loyal employees. Here's a closer look at this trusted Musk lieutenant, whose Russian ex-wife was once married to Elon's cousin.