Latest Cybersecurity News and Articles
11 February 2025
SAP has released 19 new and two updated security notes on its February 2025 patch day, including six notes for high-severity vulnerabilities.
The post SAP Releases 21 Security Patches appeared first on SecurityWeek.
11 February 2025
Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content.
"Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data," a spokesperson for
11 February 2025
Threat actors are exploiting exposed ASP.NET keys to deploy malware.
11 February 2025
A recent U.K. cybersecurity report found that 93% of companies were targeted by fraud in the past year, with 73% expecting risks to grow in 2025.
11 February 2025
Law enforcement agencies take down the 8Base ransomware group’s infrastructure, arrest four Russian operators.
The post Authorities Disrupt 8Base Ransomware, Arrest Four Russian Operators appeared first on SecurityWeek.
11 February 2025
Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas. For businesses and employees, the reality is that MFA sometimes feels
11 February 2025
Intel says roughly 100 of the 374 vulnerabilities it patched last year were firmware and hardware security defects.
The post Intel Patched 374 Vulnerabilities in 2024 appeared first on SecurityWeek.
11 February 2025
Dozens of local newspapers owned by media company Lee Enterprises experienced disruptions as a result of a cyberattack.
The post Cyberattack on Lee Enterprises Causes Disruptions at Dozens of Newspapers appeared first on SecurityWeek.
11 February 2025
Eric Council Jr. pleaded guilty to hacking the X (formerly Twitter) account of the US Securities and Exchange Commission.
The post Alabama Man Pleads Guilty to Hacking SEC’s X Account appeared first on SecurityWeek.
11 February 2025
Progress Software has addressed multiple high-severity security flaws in its LoadMaster software that could be exploited by malicious actors to execute arbitrary system commands or download any file from the system.
Kemp LoadMaster is a high-performance application delivery controller (ADC) and load balancer that provides availability, scalability, performance, and security for business-critical
11 February 2025
Staffers at the nation’s cybersecurity agency whose job is to ensure the security of US elections have been placed on administrative leave.
The post US Cyber Agency Puts Election Security Staffers Who Worked With the States on Leave appeared first on SecurityWeek.
11 February 2025
Gcore’s latest DDoS Radar report analyzes attack data from Q3–Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks with the largest attack peaking at a record 2 Tbps. The financial services sector saw the most dramatic increase, with a 117% rise in attacks, while gaming remained the most-targeted industry. This period’s findings emphasize the need for robust, adaptive DDoS
11 February 2025
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn’t buy a car without knowing its
11 February 2025
Highlights from the last twelve months at the NCSC.
11 February 2025
A hacker recently offered to sell 20 million OpenAI credentials, but the data likely comes from information stealers, not the AI firm’s systems.
The post OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20M Credentials appeared first on SecurityWeek.
11 February 2025
Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025.
NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim's host, allowing them to monitor the device's screen in real-time, control the keyboard and mouse, upload and download
11 February 2025
Developments and highlights from the last twelve months at the NCSC.
11 February 2025
Source: The Nation
A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang.
Visitors to the data leak site are now greeted with a seizure banner that says: "This hidden site and the criminal content have been seized by the Bavarian State Criminal Police Office on behalf of the Office of the Public Prosecutor
10 February 2025
Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild.
Assigned the CVE identifier CVE-2025-24200, the vulnerability has been described as an authorization issue that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack.
This
10 February 2025
Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.”
The post Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack appeared first on SecurityWeek.