Collecting Cyber-News from over 60 sources

Tag: tool

Microsoft accuses group of developing tool to abuse its AI service in new lawsuit

Jan 11, 2025 11:42 AM

by

Andy Stern

in SecurityNews

Tags: ai, cloud, group, microsoft, service, tool

Microsoft has taken legal action against a group the company claims intentionally developed and used tools to bypass the safety guardrails of its cloud AI products. According to a complaint filed by the company in December in the U.S. District Court for the Eastern District of Virginia, a group of 10 unnamed defendants allegedly used…
New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)

Jan 11, 2025 11:42 AM

by

Andy Stern

in SecurityNews

Tags: automation, business, cloud, data, detection, edr, endpoint, google, lessons-learned, risk, service, siem, soar, soc, tool

After a long, long, long writing effort “¦ eh “¦ break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.” As a reminder (and I promise you do need it; it has been years”¦), the previous 4 papers are: “New Paper: “Future of the SOC: Evolution or…
Malware targets Mac users by using Apple’s security tool

Jan 10, 2025 1:18 PM

by

Andy Stern

in SecurityNews

Tags: antivirus, apple, breach, browser, chrome, credentials, crypto, data, data-breach, defense, detection, edr, encryption, exploit, github, google, leak, macOS, malicious, malware, phishing, russia, software, threat, tool, xss

A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm.A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram, and…
Weaponized LDAP Exploit Deploys Information-Stealing Malware

Jan 10, 2025 1:18 PM

by

Andy Stern

in SecurityNews

Tags: cve, cyber, cybercrime, exploit, malicious, malware, tool, vulnerability

Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed >>LDAPNightmare
Legitimate PoC exploited to spread information stealer

Jan 10, 2025 5:18 AM

by

Andy Stern

in SecurityNews

Tags: access, awareness, backdoor, ceo, computer, cve, exploit, github, hacker, identity, infosec, Internet, linux, malicious, malware, open-source, RedTeam, social-engineering, software, tactics, threat, tool, training, vulnerability, windows

A recently copied and abused open source proof of concept (PoC) exploit from a reputable security company, aimed at helping threat researchers, is the latest example of the novel tactics hackers will use to spread malware.PoCs for known vulnerabilities are created to be shared by students, researchers, and IT pros to improve software and toughen…
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances

Jan 10, 2025 5:18 AM

by

Andy Stern

in SecurityNews

Tags: access, advisory, api, apt, attack, authentication, backdoor, china, credentials, cve, cyberespionage, data, espionage, exploit, flaw, google, group, ivanti, malicious, malware, mandiant, network, remote-code-execution, service, software, threat, tool, vpn, vulnerability, zero-day

Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year.The latest attacks, exploiting…
8 Cyber Predictions for 2025: A CSO’s Perspective

Jan 10, 2025 1:18 AM

by

Andy Stern

in SecurityNews

Tags: access, ai, attack, authentication, business, ceo, ciso, cloud, compliance, computing, control, credentials, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, encryption, exploit, extortion, firewall, framework, governance, group, hacker, hacking, healthcare, identity, intelligence, international, law, leak, malicious, mfa, microsoft, network, north-korea, organized, phishing, privacy, ransom, ransomware, regulation, risk, risk-management, service, social-engineering, software, strategy, supply-chain, theft, threat, tool, update, wifi, zero-trust

As we step into 2025, the cyberthreat landscape is once again more dynamic and challenging than the year before. In 2024, we witnessed a remarkable acceleration in cyberattacks of all types, many fueled by advancements in generative AI. For security leaders, the stakes are higher than ever. In this post, I’ll explore cyberthreat projections and…
Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

Jan 10, 2025 12:20 AM

by

Andy Stern

in SecurityNews

Tags: attack, infection, ivanti, malware, tool, vpn

In-the-wild attacks tamper with built-in security tool to suppress infection warnings. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/01/ivanti-vpn-users-are-getting-hacked-by-actors-exploiting-a-critical-vulnerability/
Smashing Security podcast #399: Honey in hot water, and reset your devices

Jan 9, 2025 9:18 PM

by

Andy Stern

in SecurityNews

Tags: finance, tool

Ever wonder how those “free” browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and your favorite YouTubers with empty pockets. First seen on grahamcluley.com Jump to…
Escape vs Probely (acquired by Snyk)

Jan 9, 2025 8:18 PM

by

Andy Stern

in SecurityNews

Tags: tool

Discover the differences between these tools for Application Discovery and DAST. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/escape-vs-probely-acquired-by-snyk/
WatchGuard Strengthens MDR Services With ActZero Acquisition

Jan 9, 2025 7:20 PM

by

Andy Stern

in SecurityNews

Tags: ai, intelligence, microsoft, service, tool

ActZero Purchase Adds Artificial Intelligence, Open Platform and Process Maturity. With its acquisition of ActZero, WatchGuard gains advanced machine learning capabilities and expertise to improve its MDR service. ActZero’s mature processes and open platform enable seamless integration of WatchGuard products as well as third-party tools like Microsoft Defender. First seen on govinfosecurity.com Jump to article:…
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers

Jan 9, 2025 7:20 PM

by

Andy Stern

in SecurityNews

Tags: access, exploit, flaw, network, software, tool, vulnerability

Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data.”Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as create…
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Jan 9, 2025 7:20 PM

by

Andy Stern

in SecurityNews

Tags: ai, chatgpt, saas, tool, unauthorized

As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI. Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson…
Criminal IP: Bringing Real-Time Phishing Detection to Microsoft Outlook

Jan 9, 2025 5:18 PM

by

Andy Stern

in SecurityNews

Tags: ai, detection, email, malicious, microsoft, phishing, tool

AI SPERA announced today that it launched its Criminal IP Malicious Link Detector add-in on the Microsoft Marketplace. Learn more about how this tool provides real-time phishing email detection and URL blocking for Microsoft Outlook. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/criminal-ip-bringing-real-time-phishing-detection-to-microsoft-outlook/
Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace

Jan 9, 2025 4:18 PM

by

Andy Stern

in SecurityNews

Tags: detection, marketplace, microsoft, phishing, tool

Torrance, United States / California, 9th January 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/criminal-ip-launches-real-time-phishing-detection-tool-on-microsoft-marketplace/
China-linked hackers target Japan’s national security and high-tech industries

Jan 9, 2025 2:20 PM

by

Andy Stern

in SecurityNews

Tags: advisory, ai, attack, automation, breach, business, china, ciso, communications, corporate, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, endpoint, espionage, exploit, finance, government, group, hacker, healthcare, incident response, infrastructure, intelligence, malicious, malware, microsoft, network, organized, penetration-testing, phishing, powershell, risk, risk-management, social-engineering, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, vulnerability, windows, zero-day

Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) have exposed a long-running cyber espionage campaign, “MirrorFace” (also known as Earth Kasha), allegedly linked to China.The campaign, operational since 2019, has targeted Japanese organizations, businesses, and individuals, primarily to exfiltrate sensitive data related to national security and…
APT32 Hacker Group Attacking Cybersecurity Professionals Poisoning GitHub

Jan 9, 2025 2:20 PM

by

Andy Stern

in SecurityNews

Tags: apt, attack, breach, cyber, cybersecurity, data, github, group, hacker, identity, malicious, privacy, tool

The malicious Southeast Asian APT group known as OceanLotus (APT32) has been implicated in a sophisticated attack that compromises the privacy of cybersecurity professionals. A recent investigation by the ThreatBook Research and Response Team revealed that a popular privilege escalation tool utilized by cybersecurity experts had been backdoored, leading to significant data breaches and identity…
Product Review: How Reco Discovers Shadow AI in SaaS

Jan 9, 2025 2:20 PM

by

Andy Stern

in SecurityNews

Tags: ai, chatgpt, saas, tool, unauthorized

As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI. Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson…
Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool

Jan 9, 2025 1:18 PM

by

Andy Stern

in SecurityNews

Tags: network, tool, vulnerability

Palo Alto Networks has released patches for multiple vulnerabilities in the Expedition migration tool, which was retired on December 31, 2024. The post Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/palo-alto-networks-patches-high-severity-vulnerability-in-retired-migration-tool/
Top 10 Data Loss Prevention (DLP) Tools for 2025

Jan 9, 2025 11:18 AM

by

Andy Stern

in SecurityNews

Tags: access, breach, business, cyber, data, finance, threat, tool, unauthorized

DLP tools protect sensitive information from unauthorized access, sharing, or accidental loss. With the rise in data breaches and cyber threats, companies must safeguard their intellectual property, personally identifiable information (PII), and financial data. Are Data Loss Prevention Tools Required? While not every business is legally required to implement DLP tools, the growing prevalence of……
Palo Alto Networks Expedition Tool Vulnerability Let Attackers Access Cleartext Passwords

Jan 9, 2025 9:18 AM

by

Andy Stern

in SecurityNews

Tags: access, cyber, data, network, password, risk, tool, unauthorized, vulnerability

A series of serious vulnerabilities have been identified in Palo Alto Networks’ Expedition migration tool, which could allow attackers to gain unauthorized access to sensitive data, including cleartext passwords and device configurations. The vulnerabilities, detailed in multiple Common Vulnerabilities and Exposures (CVE) reports, highlight significant risks for organizations using this tool for transitioning to Palo…
SOAR buyer’s guide: 11 security orchestration, automation, and response products, and how to choose

Jan 9, 2025 8:19 AM

by

Andy Stern

in SecurityNews

Tags: access, ai, api, attack, automation, business, chatgpt, cisco, cloud, compliance, container, cybersecurity, data, detection, edr, endpoint, firewall, fortinet, gartner, google, group, guide, Hardware, ibm, incident response, infrastructure, intelligence, jobs, LLM, malware, mandiant, marketplace, microsoft, mitigation, monitoring, network, okta, risk, saas, security-incident, service, siem, soar, soc, software, technology, threat, tool, training, vulnerability, vulnerability-management, zero-day

Security orchestration, automation, and response (SOAR) has undergone a major transformation in the past few years. Features in each of the words in its description that were once exclusive to SOAR have bled into other tools. For example, responses can be found now in endpoint detection and response (EDR) tools. Orchestration is now a joint…
Wireshark 4.4.3 Released: What’s New!

Jan 9, 2025 7:18 AM

by

Andy Stern

in SecurityNews

Tags: cyber, network, tool, update

The Wireshark development team announced the release of Wireshark version 4.4.3, a critical update that brings several bug fixes and enhancements to this widely used network protocol analyzer. Renowned for its ability to troubleshoot, analyze, and educate users about network protocols, Wireshark continues to evolve, making it an indispensable tool for network professionals. Key Bug…
Lerntrends für 2025 GenAIKompetenz meistgefragte Fähigkeit

Jan 9, 2025 6:20 AM

by

Andy Stern

in SecurityNews

Tags: ai, germany, tool

Doppelt so hohes GenAI-Interesse in Deutschland wie im Vorjahr (gemessen an Top-10-Kursen). Vier Cybersicherheitskurse unter den zehn weltweit am schnellsten wachsenden Skills. Weiterbildende investieren massiv in GenAI. Doch welche Schwerpunkte setzen Beschäftigte, Jobsuchende und Studierende dabei? Was sind die aktuell gefragtesten Kurse und Fähigkeiten in Deutschland und weltweit? Das analysiert der jährliche »Job Skills… First…
Sara: Open-source RouterOS security inspector

Jan 9, 2025 6:20 AM

by

Andy Stern

in SecurityNews

Tags: open-source, tool, vulnerability

Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/09/sara-open-source-routeros-security-inspector/
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day

Jan 9, 2025 5:18 AM

by

Andy Stern

in SecurityNews

Tags: advisory, apt, attack, authentication, cve, cvss, cybersecurity, data-breach, exploit, flaw, google, government, group, intelligence, Internet, ivanti, law, mandiant, microsoft, network, rce, remote-code-execution, risk, software, threat, tool, vpn, vulnerability, zero-day

IT software provider Ivanti released patches Wednesday for its Connect Secure SSL VPN appliances to address two memory corruption vulnerabilities, one of which has already been exploited in the wild as a zero-day to compromise devices.The exploited vulnerability, tracked as CVE-2025-0282, is a stack-based buffer overflow rated as critical with a CVSS score of 9.0.…
CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild

Jan 8, 2025 11:18 PM

by

Andy Stern

in SecurityNews

Tags: access, advisory, attack, authentication, cve, exploit, flaw, group, injection, ivanti, malware, ransomware, remote-code-execution, threat, tool, update, vulnerability, zero-day, zero-trust

Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day. Background On January 8, Ivanti published a security advisory for two vulnerabilities affecting multiple products including Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for Zero…
Meet the WAF Squad – Impart Security

Jan 8, 2025 4:18 PM

by

Andy Stern

in SecurityNews

Tags: ai, api, application-security, attack, business, cloud, data, detection, endpoint, jobs, monitoring, risk, saas, soc, software, strategy, tactics, threat, tool, waf, zero-day

Introduction Web applications and APIs are critical parts of your attack surface, but managing WAFs has never been easy. False positives, rule tuning, risks of production outages, and log analysis – all of this work has made WAF historically difficult to operationalize. Well, that time is over. Meet Impart’s WAF Squad – a five-member squad…
New PayPal Phishing Scam Exploits MS365 Tools and Genuine-Looking Emails

Jan 8, 2025 3:18 PM

by

Andy Stern

in SecurityNews

Tags: attack, email, exploit, finance, fortinet, phishing, scam, tool

Fortinet uncovers a new PayPal phishing scam exploiting legitimate platform features. Learn how this sophisticated attack works and how to protect yourself from falling victim. First seen on hackread.com Jump to article: hackread.com/paypal-phishing-scam-exploits-ms365-genuine-emails/
Sophos stellt Sprachmodell-Tool zur Verfügung – Tuning-Tool für LLMs als Open-Source-Programm

Jan 8, 2025 2:18 PM

by

Andy Stern

in SecurityNews

Tags: LLM, open-source, sophos, tool

First seen on security-insider.de Jump to article: www.security-insider.de/sophosai-open-source-tool-large-language-models-a-7f503f54ce6f32d4c318a41e873e2a54/