Category: SecurityNews
-
Cyberattacks by AI agents are coming
by
in SecurityNewsFirst seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/cyberattacks-by-ai-agents-are-coming/
-
CISA adds Ivanti Connect Secure vulnerability to KEV catalog
by
in SecurityNewsCVE-2025-22457 is a critical stack buffer-overflow vulnerability that Ivanti had initially assessed as a low-level product bug that could not be exploited remotely. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-ivanti-connect-secure-vulnerability-kev/744603/
-
The AI Alibi Defense: How General-Purpose AI Agents Obscure Criminal Liability
by
in SecurityNewsAs these AI agents become more capable of behaving like autonomous actors, clicking, typing, downloading, exfiltrating, or engaging in arguably criminal behavior, they may also become unintended scapegoats or even tools of plausible deniability. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/the-ai-alibi-defense-how-general-purpose-ai-agents-obscure-criminal-liability/
-
Google Pushing ‘Sec-Gemini’ AI Model for Threat-Intel Workflows
Experimental Sec-Gemini v1 touts a combination of Google’s Gemini LLM capabilities with real-time security data and tooling from Mandiant. The post Google Pushing ‘Sec-Gemini’ AI Model for Threat-Intel Workflows appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-pushing-sec-gemini-ai-model-for-threat-intel-workflows/
-
Intergenerational Mentoring: Key to Cybersecurity’s AI Future
by
in SecurityNewsAs threats evolve and technology changes, our ability to work together across generations will determine our success. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/intergenerational-mentoring-key-cybersecuritys-ai-future
-
SpyCloud Research Shows that Endpoint Detection and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections
Austin, TX, USA, 7th April 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/spycloud-research-shows-that-endpoint-detection-and-antivirus-solutions-miss-two-thirds-66-of-malware-infections/
-
UK’s attempt to keep details of Apple ‘backdoor’ case secret”¦ denied
by
in SecurityNewsLast month’s secret hearing comes to light First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/home_office_apple_backdoor/
-
A member of the Scattered Spider cybercrime group pleads guilty
by
in SecurityNewsA 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. Noah Urban, a 20-year-old from Palm Coast, pleaded guilty to conspiracy, wire fraud, and identity theft in two federal cases, one in Florida and another in California. >>In the California case, he pleaded guilty to…
-
SpyCloud Research Shows that Endpoint Detection and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections
Austin, TX, USA, 7th April 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/spycloud-research-shows-that-endpoint-detection-and-antivirus-solutions-miss-two-thirds-66-of-malware-infections/
-
Threat Actors Use Windows Screensaver Files as Malware Delivery Method
by
in SecurityNewsCybersecurity experts at Symantec have uncovered a sophisticated phishing campaign targeting various sectors across multiple countries, leveraging the Windows screensaver file format (.scr) as a vector for malware distribution. This method, while seemingly innocuous, allows attackers to execute malicious code under the guise of a harmless screensaver file. Campaign Overview The campaign, observed by Symantec,…
-
Gmail Is Not a Secure Way to Send Sensitive Comms: A Friendly Reminder
by
in SecurityNewsNew end-to-end Gmail encryption alone isn’t secure enough for an enterprise’s most sensitive and prized data, experts say. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/gmail-not-secure-way-send-sensitive-comms
-
Untersuchung: PDF wird zur Seuchenschleuder
by
in SecurityNewsMit über 400 Milliarden geöffneten PDF-Dateien im letzten Jahr nutzen Cyber-Kriminelle das Format gezielt für versteckten Schadcode. Laut IT-Forensik erfolgen 68 Prozent aller Angriffe per E-Mail davon enthalten 22 Prozent bösartige PDF-Anhänge. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/untersuchung-pdf-wird-zur-seuchenschleuder/
-
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
by
in SecurityNewsCybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel.”‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain…
-
Scott Schober on Fighting the New Age of Credit Card Fraud
by
in SecurityNewsIn my first interview with cybersecurity expert and author Scott Schober, we explored his personal experiences with being hacked and the eye-opening insights from his book Hacked Again. Now, we’re reconnecting with Scott to go deeper. Because the threat landscape… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/scott-schober-credit-card-fraud-interview/
-
Threat Actors Exploit Fake CAPTCHAs and Cloudflare Turnstile to Distribute LegionLoader
by
in SecurityNewsIn a sophisticated attack targeting individuals searching for PDF documents online, cybercriminals are using deceptive CAPTCHA mechanisms combined with Cloudflare’s Turnstile to distribute the LegionLoader malware. According to Netskope Threat Labs, this campaign, which started in February 2025, has affected over 140 customers primarily in North America, Asia, and Southern Europe, with the technology and…
-
Smishing Triad Fuels Surge in Toll Payment Scams in US, UK
by
in SecurityNewsA rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/smishing-triad-toll-payment-scams/
-
HellCat, Rey, and Grep Groups Dispute Claims in Orange and HighWire Press Cases
by
in SecurityNewsSuspectFile.com has uncovered a complex web of overlapping claims and accusations within the cybercrime underworld, highlighting a case involving the ransomware groups HellCat, Rey, and grep, along with the controversial group Babuk2. The investigation delves into two significant cyberattacks: one against the telecommunications company >>Orange>HighWire Press.
-
Signal-Gate: iPhone-Funktion steckt hinter Einladung von US-Journalist
by
in SecurityNewsWie gelangte ein Journalist in einen hochgeheimen Signal-Chat der US-Regierung? Eine interne Untersuchung soll nun den Vorgang geklärt haben. First seen on golem.de Jump to article: www.golem.de/news/signal-gate-iphone-funktion-steckt-hinter-einladung-von-us-journalist-2504-195104.html
-
UK court lifts secrecy veil, confirms Apple is suing British government over ‘backdoor’ request
by
in SecurityNewsA UK court confirmed Apple is suing the British government over a legal order regarding the company’s encryption of iCloud accounts. First seen on therecord.media Jump to article: therecord.media/uk-court-confirms-apple-suing-over-backdoor-request
-
Xanthorox AI The Next Generation of Malicious AI Threats Emerges
by
in SecurityNewsThe Next Evolution in Black-Hat AI A new player has entered the cybercrime AI landscape Xanthorox AI, a malicious tool that brands itself as the “Killer of WormGPT and all EvilGPT variants.” First spotted in late Q1 2025, Xanthorox began circulating in cybercrime communities across darknet forums and encrypted channels. The system is promoted… First…
-
SITA UND NEC kooperieren bei digitalen Identitätslösungen im Reissektor
by
in SecurityNews
Tags: unclassifiedDie Nachfrage nach biometrischen Identitätslösungen steigt rapide: Laut den SITA Air Transport IT Insights 2024 planen 28″¯% der Fluggesellschaften und 43″¯% der Flughäfen, solche Technologien innerhalb der nächsten zwölf Monate einzuführen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sita-und-nec-kooperieren-bei-digitalen-identitaetsloesungen-im-reissektor/a40410/
-
AI Surpasses Elite Red Teams in Crafting Effective Spear Phishing Attacks
by
in SecurityNewsIn a groundbreaking development in the field of cybersecurity, AI has reached a pivotal moment, surpassing elite human red teams in the creation of effective spear phishing attacks. According to research conducted by Hoxhunt, AI agents have demonstrated a 24% higher effectiveness rate compared to human teams in simulated phishing campaigns against millions of global…
-
Year in Review: In conversation with the report’s authors
by
in SecurityNews
Tags: unclassifiedWant to know the most notable findings in Talos’ Year in Review directly from our report’s authors? Watch our two part video series. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/year-in-review-in-conversation-with-the-reports-authors/
-
Chrome to patch decades-old flaw that let sites peek at your history
After 23 years, the privacy plumber has finally arrived to clean up this mess First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/chrome_135_history_sniffing/
-
EDR Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections SpyCloud Research
by
in SecurityNewsDeep visibility into malware-siphoned data can help close gaps in traditional defenses before they evolve into major cyber threats like ransomware and account takeover SpyCloud, the leading identity threat protection company, today released new analysis of its recaptured darknet data repository that shows threat actors are increasingly bypassing endpoint protection solutions: 66% of malware infections…
-
20-Year-Old Scattered Spider Hacker Pleads Guilty in Major Ransomware Case
by
in SecurityNewsA 20-year-old Noah Urban, a resident of Palm Coast, Florida, pleaded guilty to a series of federal charges in a Jacksonville courtroom. Urban, linked to the infamous Scattered Spider hacking group, admitted to charges of conspiracy, wire fraud, and aggravated identity theft in Florida, as well as conspiracy to commit wire fraud in a separate…
-
Darknet’s Xanthorox AI Offers Customizable Tools for Hackers
Xanthorox AI, a self-contained system for offensive cyber operations, has emerged on darknet forums First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/darknets-xanthorox-ai-hackers-tools/