"Social Engineering just got smarter."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 03 April 2025, 1456 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

166K followers40 articles per week

#security#tech

29

Today

Social Engineering Just Got Smarter

by Steve Stasiukonis / 44min

Polices that forbid employees from divulging company details are worthless if the same information can be obtained from sources employees have no control over.

Google Quick Share Bug Bypasses Allow Zero-Click File Transfer

5 TTPs

•

by Tara Seals, Managing Editor, News, Dark Reading / 1h

Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced "QuickShell" silent RCE attack chain against Windows users.

SolarWinds Adds Incident Management Tool From Squadcast

SolarWinds enhances IT operational resilience

•

by Jeffrey Schwartz / 2h

The IT service management and observability tools company acquired Squadcast last month and is adding the automated incident response platform to the SolarWinds portfolio.

New PCI DSS Rules Say Merchants on Hook for Compliance, Not Providers

by Arielle Waldman / 2h

Merchants and retailers will now face penalties for not being compliant with PCI DSS 4.0.1, and the increased security standards make it clear they cannot transfer compliance responsibility to third-party service providers.

Yesterday

Israel Enters 'Stage 3' of Cyber Wars With Iran Proxies

by Nate Nelson, Contributing Writer / 8h

While Israel and Iranian proxies fight it out IRL, their conflict in cyberspace has developed in parallel. These days attacks have decelerated, but advanced in sophistication.

DPRK 'IT Workers' Pivot to Europe for Employment Scams

Exfiltration (Enterprise TA0010)

•

by Kristina Beek, Associate Editor, Dark Reading / 16h

•

North Korean IT workers expand operations

By using fake references and building connections with recruiters, some North Korean nationals are landing six-figure jobs that replenish DPRK coffers.

In Salt Typhoon's Wake, Congress Mulls Potential Options

Hearing on Salt Typhoon cyber attacks

•

by Alexander Culafi, Senior News Writer, Dark Reading / 17h

While the House Committee on Government Reform was looking for retaliatory options, cybersecurity experts pointed them toward building better defenses.

How an Interdiction Mindset Can Help Win War on Cyberattacks

by Mike McNerney / 1d

The US military and law enforcement learned to outthink insurgents. It's time for cybersecurity to learn to outsmart and outmaneuver threat actors with the same framework.

Gootloader Malware Resurfaces in Google Ads for Legal Docs

IoC > 2 domains and 1 email address

•

by Elizabeth Montalbano, Contributing Writer / 1d

•

14 TTPs

•

Gootloader malware targets legal document searches

Attackers target a familiar industry, law professionals, by hiding the infostealer in ads delivered via Google-based malvertising.

Visibility, Monitoring Key to Enterprise Endpoint Strategy

by George V. Hulme, Contributing Writer / 1d

A successful enterprise security defense requires a successful endpoint security effort. With options ranging from EDR, SIEM, SOAR, and more, how do security teams cut through the clutter and focus on what matters?

Apr 1, 2025

Malaysian Airport's Cyber Disruption a Warning for Asia

3 TTPs

•

by Robert Lemos, Contributing Writer / 1d

•

Anwar rejects airport cyberattack ransom

Transportation facilities and networks slowly adapt to changes and threats, leaving them vulnerable to agile cyberattackers, as demonstrated by the $10 million ransomware attack.

Google Brings End-to-End Encryption to Gmail

Gmail introduces end-to-end encryption

•

by Jeffrey Schwartz / 1d

The new Google Workspace features will make it easier for enterprise customers to implement end-to-end encryption within Gmail.

Surge in Scans on PAN GlobalProtect VPNs Hints at Attacks

24,000 IPs target Palo Alto GlobalProtect

•

by Jai Vijayan, Contributing Writer / 1d

Over the past few weeks, bad actors from different regions have been scanning devices with the VPN for potential vulnerabilities.

As CISA Downsizes, Where Can Enterprises Get Support?

by Alexander Culafi, Senior News Writer, Dark Reading / 1d

In this roundtable, cybersecurity experts — including two former CISA executives — weigh in on alternate sources for threat intel, incident response, and other essential cybersecurity services.

Japan Bolsters Cybersecurity Safeguards With Cyber Defense Bill

by Kristina Beek, Associate Editor, Dark Reading / 1d

The bill will allow Japan to implement safeguards and strategies that have been in use by other countries for some time.

Check Point Disputes Hacker's Breach Claims

Check Point breach claims disputed

•

by Kristina Beek, Associate Editor, Dark Reading / 1d

The security vendor counters that none of the information came directly from its systems but rather was acquired over a period of time by targeting individuals.

FDA's Critical Role in Keeping Medical Devices Secure

by Morey J. Haber / 2d

The FDA's regulations and guidance aim to strike a balance between ensuring rigorous oversight and enabling manufacturers to act swiftly when vulnerabilities are discovered.

Google 'ImageRunner' Bug Enabled Privilege Escalation

3 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 2d

Tenable released details of a Google Cloud Run flaw that prior to remediation allowed a threat actor to escalate privileges.

Lazarus APT Jumps on ClickFix Bandwagon in Recent Attacks

10 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 2d

•

Lazarus Group targets crypto job seekers

A continuation of the North Korean nation-state threat's campaign against employment seekers uses the social engineering attack to target CeFi organizations with the GolangGhost backdoor.

Top 10 Most-Used RDP Passwords Are Not Complex Enough

5 TTPs

•

by Arielle Waldman / 2d

New research from Specops Software shows attackers successfully attack and gain access to RDP with the most basic passwords.

Trend Micro Open Sources AI Tool Cybertron

by Arielle Waldman / 2d

The cybersecurity artificial intelligence (AI) model and agent will help organizations improve threat detection and incident response.

Mar 31, 2025

Oracle Cloud Users Urged to Take Action

3 TTPs

•

29by Jai Vijayan, Contributing Writer / 2d

Although Oracle has denied its cloud infrastructure services were breached, security experts recommend Oracle customers independently verify if they were affected and take measures to reduce exposure to potential fallout.

CoffeeLoader Malware Is Stacked With Vicious Evasion Tricks

9 TTPs

•

by Becky Bracken, Senior Editor, Dark Reading / 2d

•

CoffeeLoader malware evades detection

Next-level malware represents a new era of malicious code developed specifically to get around modern security software like digital forensics tools and EDR, new research warns.

DoJ Seizes Over $8M From Sprawling Pig Butchering Scheme

DOJ seizes 8.2M$ in crypto

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

The department was able to trace the stolen funds to three main cryptocurrency accounts after being routed through a series of other platforms.

CISA Warns of Resurge Malware Connected to Ivanti Vuln

8 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January.

Bridging the Gap Between the CISO & the Board of Directors

by Michael Fanning / 3d

Positioning security leaders as more than risk managers turns them into business enablers, trusted advisers, and, eventually, integral members of the C-suite.

Qakbot Resurfaces in Fresh Wave of ClickFix Attacks

IoC > 2 URLs

•

by Elizabeth Montalbano, Contributing Writer / 3d

•

9 TTPs

•

ClickFix Captcha delivers malware attacks

Attackers post links to fake websites on LinkedIn to ask people to complete malicious CAPTCHA challenges that install malware.

GSA Plans FedRAMP Revamp

by Edge Editors / 3d

The General Services Administration is planning to use automation to speed up the process of determining which cloud services federal agencies are allowed to buy.

End of feed