"Dogged by Trump, Chris Krebs resigns from SentinelOne."

 Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 20 April 2025, 1522 UTC.

Content and Source:  Email subscription via https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

167K followers37 articles per week

#security#tech

70

Most popular

Dogged by Trump, Chris Krebs Resigns From SentinelOne

23by Nate Nelson, Contributing Writer / 2d

The president revoked the former CISA director's security clearance, half a decade after Krebs challenged right-wing election disinformation, prompting his eventual resignation.

Chinese APT Mustang Panda Debuts 4 New Attack Tools

14 TTPs

•

by Nate Nelson, Contributing Writer / 1d

The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.

Multiple Groups Exploit NTLM Flaw in Microsoft Windows

8 TTPs

•

by Jai Vijayan, Contributing Writer / 3d

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

Apr 18, 2025

Could Ransomware Survive Without Cryptocurrency?

by Arielle Waldman / 1d

Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene.

AWWA Supports Introduction of Collaborative Cybersecurity Legislation

1d

[no content]

Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved

Organizations neglect vulnerability patching

•

1d

[no content]

Attackers and Defenders Lean on AI in Identity Fraud Battle

by Robert Lemos, Contributing Writer / 1d

Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.

CISA Weighs In on Alleged Oracle Cloud Breach

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.

Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking

2 TTPs

•

by Rob Wright / 2d

The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.

If Boards Don't Fix OT Security, Regulators Will

by Warren O’Driscoll / 2d

Around the world, governments are setting higher-bar regulations with clear corporate accountability for breaches on the belief organizations won't drive up security maturity for operational technology unless they're made to.

PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks

by Arielle Waldman / 2d

The AI security startup has already made waves with critical vulnerability discoveries and seeks to address emerging AI concerns with its PromptArmor platform.

Apr 17, 2025

Android Phones Pre-Downloaded With Malware Target User Crypto Wallets

Malware on cheap Android steals crypto

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.

CVE Program Cuts Send the Cyber Sector Into Panic Mode

by Becky Bracken, Senior Editor, Dark Reading / 2d

After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it looks like it's up to the private sector to find the cash to keep it going.

Cybersecurity by Design: When Humans Meet Technology

by Matthew Warner / 3d

If security tools are challenging to use, people will look for workarounds to get around the restrictions.

NIST Updates Privacy Framework With AI and Governance Revisions

NIST updates Privacy Framework guidelines

•

by Arielle Waldman / 3d

Changes aim to tighten integration with the National Institute of Standards and Technology's Cybersecurity Framework and help organizations develop a stronger posture to handle privacy risks.

Apr 16, 2025

Middle East, North Africa Security Spending to Top $3B

by Nate Nelson, Contributing Writer / 3d

Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.

GPS Spoofing Attacks Spike in Middle East, Southeast Asia

IAF aircraft face GPS spoofing

•

by Robert Lemos, Contributing Writer / 3d

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

China-Linked Hackers Lay Brickstorm Backdoors on Euro Networks

14 TTPs

•

by Rob Wright, Senior News Director, Dark Reading / 3d

•

BRICKSTORM malware targets European industries

Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.

Ransomware gang 'CrazyHunter' Targets Critical Taiwanese Orgs

5 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 3d

•

CrazyHunter targets Taiwan's critical sectors

Trend Micro researchers detailed an emerging ransomware campaign by a new group known as "CrazyHunter" that is targeting critical sectors in Taiwan.

Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure

4 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 3d

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for AI workloads.

Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data

Mobile apps expose sensitive data

•

by Elizabeth Montalbano, Contributing Writer / 3d

Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.

Active Directory Recovery Can't Be an Afterthought

by Dan Conrad / 4d

Active Directory is one of the most vulnerable access points in an organization's IT environment. Companies cannot wait for a real attack to pressure-test their AD recovery strategy.

Accounting Firms Can't Skimp on Cybersecurity

4d

Cybercriminals capitalize on tax preparation stress, technology sprawl, and lax communications. Accounting teams can't afford to treat cybersecurity as an afterthought.

Apr 15, 2025

Max Severity Bug in Apache Roller Enabled Persistent Access

7 TTPs

•

by Jai Vijayan, Contributing Writer / 4d

•

CVE-2025-24859

The remediated flaw gave adversaries a way to maintain access to the app through password resets.

AI-Powered Presentation Tool Leveraged in Phishing Attacks

8 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 4d

Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named "Gamma" in phishing attacks.

With AI's Help, Bad Bots Are Taking Over the Web

AI bots dominate internet traffic

•

by Kristina Beek, Associate Editor, Dark Reading / 4d

Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say.

Hertz Falls Victim to Cleo Zero-Day Attacks

Hertz data breach exposes personal information

•

by Kristina Beek, Associate Editor, Dark Reading / 4d

Customer data such as birth dates, credit card numbers, and driver's license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file-transfer products.

Wave of Wine-Inspired Phishing Attacks Targets EU Diplomats

18 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 4d

•

APT29 targets European diplomats phishing

Russia-backed APT29's latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers a novel backdoor, GrapeLoader.

China-Backed Threat Actor 'UNC5174' Using Open Source Tools in Stealthy Attacks

6 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 5d

•

Chinese hackers target Linux systems

Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar.

Are We Prioritizing the Wrong Security Metrics?

by Swati Babbar / 5d

True security isn't about meeting deadlines — it's about mitigating risk in a way that aligns with business objectives while protecting against real-world threats.

Apr 14, 2025

AI Code Tools Widely Hallucinate Packages

2 TTPs

•

by Jai Vijayan, Contributing Writer / 5d

•

UTSA studies AI risks in coding

The hallucination problem is not just pervasive, it is persistent as well, according to new research.

Threat Intel Firm Offers Crypto in Exchange for Dark Web Accounts

Prodaft buys dark web accounts

•

by Kristina Beek, Associate Editor, Dark Reading / 5d

Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.

Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution

Execution (Enterprise TA0002)

•

20by Kristina Beek, Associate Editor, Dark Reading / 5d

A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.

Chinese APTs Exploit EDR 'Visibility Gap' for Cyber Espionage

by Becky Bracken, Senior Editor, Dark Reading / 5d

Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here's how experts say you can get eyes on it all.

A New 'It RAT': Stealthy 'Resolver' Malware Burrows In

13 TTPs

•

by Nate Nelson, Contributing Writer / 5d

A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis tricks that it's downright difficult to count them all.

7 RSAC 2025 Cloud Security Sessions You Don't Want to Miss

by Snir Ben Shimol / 6d

Some of the brightest minds in the industry will discuss how to strengthen cloud security.

How DigitalOcean Moved Away From Manual Identity Management

by Mercedes Cardona / 6d

DigitalOcean executives describe how they automated and streamlined many of the identity and access management