Latest Cybersecurity News and Articles
03 March 2025
Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42.
The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as JavaGhost. TGR-UNK-0011 is known to
03 March 2025
Kash Patel has been sworn in as ninth Director of the FBI.
03 March 2025
Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc.
"The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known
03 March 2025
The U.K.'s Information Commissioner's Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country.
To that end, the watchdog said it's probing how the ByteDance-owned video-sharing service uses the personal data of children in the age range to surface recommendations
03 March 2025
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code.
The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC).
"These include arbitrary kernel memory mapping and
03 March 2025
A property tracking and return service supporting multiple airports had nearly 1M records exposed.
03 March 2025
Amazon claims its researchers have combined cat qubit technology and additional quantum error correction components onto a microchip that can be manufactured in a scalable fashion.
The post Quantum Wars: Google, Microsoft, and Amazon’s Competing Paths to Fault-Tolerant Qubits appeared first on SecurityWeek.
03 March 2025
Ransomware defense startup Mimic has raised $50 million in a Series A funding round led by Google Ventures and Menlo Ventures.
The post Mimic Raises $50 Million to Stop Ransomware Attacks appeared first on SecurityWeek.
03 March 2025
The US government has seized roughly $31 million in cryptocurrency stolen in 2021 from Uranium Finance.
The post US Seizes $31 Million Worth of Crypto Stolen in Uranium Finance Hack appeared first on SecurityWeek.
03 March 2025
Cybersecurity-related merger and acquisition (M&A) deals announced in February 2025.
The post Cybersecurity M&A Roundup: 28 Deals Announced in February 2025 appeared first on SecurityWeek.
03 March 2025
Ransomware operators exploit a vulnerable Paragon driver in BYOVD attacks to elevate privileges to System.
The post Vulnerable Paragon Driver Exploited in Ransomware Attacks appeared first on SecurityWeek.
03 March 2025
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive trove of live secrets was discovered, reminding us that even the tools we rely on can hide risky
03 March 2025
Angel One says client information was compromised in a data breach involving its AWS account.
The post Indian Stock Broker Angel One Discloses Data Breach appeared first on SecurityWeek.
03 March 2025
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023.
After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year's total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of active ransomware groups jumped 40%, from 68 in 2023 to 95
03 March 2025
A massive hoard of internal chats has been leaked from Black Basta, rivalling the Conti leaks of late February 2022.
The post Black Basta Leak Offers Glimpse Into Group’s Inner Workings appeared first on SecurityWeek.
03 March 2025
Explore industry moves and significant changes in the industry for the week of March 3, 2025. Stay updated with the latest industry trends and shifts.
03 March 2025
Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d.
The improved variant of Vo1d has been found to encompass 800,000 daily active IP addresses, with the botnet scaling a peak of 1,590,299 on January 19, 2025, spanning 226 countries. As of February 25, 2025, India has experienced a
02 March 2025
A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the expert's testimony may have been pivotal.
01 March 2025
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users.
The revised Terms of Use now states -
You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It
28 February 2025
Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite’s mobile forensic tools to spy on a Serbian student activist.
The post Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist appeared first on SecurityWeek.