Author: Andy Stern
-
SpyCloud Research Shows that Endpoint Detection and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections
Austin, TX, USA, 7th April 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/spycloud-research-shows-that-endpoint-detection-and-antivirus-solutions-miss-two-thirds-66-of-malware-infections/
-
UK court lifts secrecy veil, confirms Apple is suing British government over ‘backdoor’ request
in SecurityNews
A UK court confirmed Apple is suing the British government over a legal order regarding the company’s encryption of iCloud accounts. First seen on therecord.media Jump to article: therecord.media/uk-court-confirms-apple-suing-over-backdoor-request
-
Chrome to patch decades-old flaw that let sites peek at your history
After 23 years, the privacy plumber has finally arrived to clean up this mess First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/chrome_135_history_sniffing/
-
Xanthorox AI: The Next Generation of Malicious AI Threats Emerges
in SecurityNews
The Next Evolution in Black-Hat AI. A new player has entered the cybercrime AI landscape: Xanthorox AI, a malicious tool that brands itself as the “Killer of WormGPT and all EvilGPT variants.” First spotted in late Q1 2025, Xanthorox began circulating in cybercrime communities across darknet forums and encrypted channels. The system is promoted… First…
-
SITA and NEC Cooperate on Digital Identity Solutions in the Travel Sector
in SecurityNews
Tags: unclassified
Demand for biometric identity solutions is rising rapidly: according to the SITA Air Transport IT Insights 2024, 28% of airlines and 43% of airports plan to introduce such technologies within the next twelve months. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sita-und-nec-kooperieren-bei-digitalen-identitaetsloesungen-im-reissektor/a40410/
-
Study: PDF Becomes a Plague Spreader
in SecurityNews
With more than 400 billion PDF files opened last year, cybercriminals are deliberately using the format for hidden malicious code. According to IT forensics, 68 percent of all attacks occur via email, and 22 percent of those contain malicious PDF attachments. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/untersuchung-pdf-wird-zur-seuchenschleuder/
-
A member of the Scattered Spider cybercrime group pleads guilty
in SecurityNews
A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. Noah Urban, a 20-year-old from Palm Coast, pleaded guilty to conspiracy, wire fraud, and identity theft in two federal cases, one in Florida and another in California. “In the California case, he pleaded guilty to…
-
Threat Actors Exploit Fake CAPTCHAs and Cloudflare Turnstile to Distribute LegionLoader
in SecurityNews
In a sophisticated attack targeting individuals searching for PDF documents online, cybercriminals are using deceptive CAPTCHA mechanisms combined with Cloudflare’s Turnstile to distribute the LegionLoader malware. According to Netskope Threat Labs, this campaign, which started in February 2025, has affected over 140 customers primarily in North America, Asia, and Southern Europe, with the technology and…
-
Gmail Is Not a Secure Way to Send Sensitive Comms: A Friendly Reminder
in SecurityNews
New end-to-end Gmail encryption alone isn’t secure enough for an enterprise’s most sensitive and prized data, experts say. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/gmail-not-secure-way-send-sensitive-comms
-
UK’s attempt to keep details of Apple ‘backdoor’ case secret… denied
in SecurityNews
Last month’s secret hearing comes to light. First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/home_office_apple_backdoor/
-
Threat Actors Use Windows Screensaver Files as Malware Delivery Method
in SecurityNews
Cybersecurity experts at Symantec have uncovered a sophisticated phishing campaign targeting various sectors across multiple countries, leveraging the Windows screensaver file format (.scr) as a vector for malware distribution. This method, while seemingly innocuous, allows attackers to execute malicious code under the guise of a harmless screensaver file. Campaign Overview: The campaign, observed by Symantec,…
-
Signal-Gate: iPhone Feature Is Behind Invitation of US Journalist
in SecurityNews
How did a journalist end up in a top-secret Signal chat of the US government? An internal investigation is now said to have clarified what happened. First seen on golem.de Jump to article: www.golem.de/news/signal-gate-iphone-funktion-steckt-hinter-einladung-von-us-journalist-2504-195104.html
-
Scott Schober on Fighting the New Age of Credit Card Fraud
in SecurityNews
In my first interview with cybersecurity expert and author Scott Schober, we explored his personal experiences with being hacked and the eye-opening insights from his book Hacked Again. Now, we’re reconnecting with Scott to go deeper. Because the threat landscape… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/scott-schober-credit-card-fraud-interview/
-
Smishing Triad Fuels Surge in Toll Payment Scams in US, UK
in SecurityNews
A rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/smishing-triad-toll-payment-scams/
-
HellCat, Rey, and Grep Groups Dispute Claims in Orange and HighWire Press Cases
in SecurityNews
SuspectFile.com has uncovered a complex web of overlapping claims and accusations within the cybercrime underworld, highlighting a case involving the ransomware groups HellCat, Rey, and grep, along with the controversial group Babuk2. The investigation delves into two significant cyberattacks: one against the telecommunications company “Orange” … “HighWire Press.”
-
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
in SecurityNews
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel. “‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain…
-
Year in Review: In conversation with the report’s authors
in SecurityNews
Tags: unclassified
Want to know the most notable findings in Talos’ Year in Review directly from our report’s authors? Watch our two-part video series. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/year-in-review-in-conversation-with-the-reports-authors/
-
What are Verified Mark Certificates and how do they help authenticate emails?
in SecurityNews
Digital certificates are a vital part of securing online communications, including email. While they primarily safeguard sensitive data, they can also enhance trust and brand recognition. Verified mark certificates (VMCs) are a specialized type of digital certificate used to authenticate emails by displaying a trademarked logo next to the sender’s name. VMCs offer a variety…
-
Darknet’s Xanthorox AI Offers Customizable Tools for Hackers
Xanthorox AI, a self-contained system for offensive cyber operations, has emerged on darknet forums First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/darknets-xanthorox-ai-hackers-tools/
-
King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors
in SecurityNews
A Florida man, linked to the notorious Scattered Spider hacking gang, has pleaded guilty to charges related to cryptocurrency thefts which have netted hundreds of thousands of dollars. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/king-bob-pleads-guilty-to-scattered-spider-linked-cryptocurrency-thefts-from-investors
-
Tribunal denies UK’s attempt to keep details of Apple ‘backdoor’ case secret
in SecurityNews
Last month’s secret hearing comes to light. First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/home_office_apple_backdoor/
-
The Fastest Way to Secure Your APIs? We’ve Got That Covered with CrowdStrike
in SecurityNews
Tags: api, attack, cloud, crowdstrike, data, data-breach, endpoint, firewall, governance, identity, intelligence, risk, security-incident, siem, threat, tool, vulnerability
APIs are the backbone of modern apps, but they also introduce some serious security risks. Attackers are constantly on the lookout for vulnerable APIs, shadow APIs, zombie APIs, and exposed sensitive data, all of which are tough to track if you don’t have the right tools in place. That’s why we’ve teamed up with CrowdStrike…
-
Beneficial Use of AI in Financial Services
in SecurityNews
Tags: ai
The financial services sector is at a critical point, as it is increasingly forced to adopt new cutting-edge technology such as artificial intelligence (AI) in order to remain competitive. Many are therefore already using large language models and retrieval-augmented generation to drive innovation and improve the customer experience. However, to be able to enjoy the benefits with peace of mind, companies must … the…
-
State of Cloud and SaaS Security
in SecurityNews
A recent study by Dark Reading and Qualys of more than 100 surveyed IT and security experts shows that the rapid adoption of cloud technologies often outpaces organizations’ ability to minimize risk. 28 percent of companies suffered a cloud- or SaaS-related data breach in 2024. Worryingly, 36 percent of these companies were affected multiple times within one year. The study…
-
SpyCloud Research Shows that Endpoint Detection and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections
Austin, TX, USA, 7th April 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/spycloud-research-shows-that-endpoint-detection-and-antivirus-solutions-miss-two-thirds-66-of-malware-infections/
-
The controversial case of the threat actor EncryptHub
in SecurityNews
Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. Microsoft credited the likely lone actor behind the EncryptHub alias (also known as SkorikARI) for reporting two Windows security flaws, highlighting a “conflicted
-
EDR and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections: SpyCloud Research
in SecurityNews
Deep visibility into malware-siphoned data can help close gaps in traditional defenses before they evolve into major cyber threats like ransomware and account takeover. SpyCloud, the leading identity threat protection company, today released new analysis of its recaptured darknet data repository that shows threat actors are increasingly bypassing endpoint protection solutions: 66% of malware infections…
-
5 of the Biggest Cyber Threats in the Oil and Gas Industry
in SecurityNews
As critical infrastructure, the oil and gas industry relies on OT systems to ensure efficient and safe operations. But as digitalization advances, the risk of cyberattacks grows as well. Attackers are constantly developing new methods to penetrate OT environments. Without effective cybersecurity measures, there is a risk of data breaches, operational disruptions, financial losses, and even property damage or personal injury. In order to … these risks…