Thursday, January 9, 2025

The Register-Security.

"DEF CON's hacker-in-chief faces fortune in medical bills after paralyzing neck injury."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 09 January 2025, 1422 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.theregister.co.uk%2Fsecurity%2Fheadlines.atom

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

The Register – Security

92K followers18 articles per week#security#tech
19

Most popular

Security pros baited with fake Windows LDAP exploit traps

9 TTPs
by Connor Jones / 59min
Tricky attackers trying yet again to deceive the good guys on home territory Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws.…

Akamai to quit its CDN in China, seemingly not due to trouble from Beijing

Akamai ends CDN services in China
26by Simon Sharwood / 1d
Security and cloud compute have so much more upside than the boring business of shifting bits Akamai has decided to end its content delivery network services in China, but not because it’s finding it hard to do business in the Middle Kingdom.…

Yesterday

Japanese police claim China ran five-year cyberattack campaign targeting local orgs

6 TTPs
by Simon Sharwood / 10h
‘MirrorFace’ group found ways to run malware in the Windows sandbox, which may be worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details of a years-long series of attacks attributed to a China-backed source.…

Database tables of student, teacher info stolen from PowerSchool in cyberattack

4 TTPs
by Iain Thomson / 13h
PowerSchool data breach affects schools
Class act: Cloud biz only serves 60M-plus folks globally, no biggie A leading education software maker has admitted its IT environment was compromised in a cyberattack, with students and teachers' personal data – including some Social Security Numbers and medical info – stolen.…

Mitel 0-day, 5-year-old Oracle RCE bug under active exploit

4 TTPs
by Jessica Lyons / 17h
3 CVEs added to CISA's catalog Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in Oracle WebLogic Server that has been abused for at least five years.…

UN's aviation agency confirms attack on recruitment database

ICAO data leak raises security concerns
by Connor Jones / 1d
Various data points compromised but no risk to flight security The International Civil Aviation Organization (ICAO), the United Nations' aviation agency, has confirmed to The Register that a cyber crim did indeed steal 42,000 records from its recruitment database.…

Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed

6 TTPs
by Jessica Lyons / 1d
Here's what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers who uncovered the very same backdoors.…

Jan 7, 2025

FCC boss urges speedy spectrum auction to fund 'Rip'n'Replace' of Chinese kit

FCC plans auction to fund Rip and Replace
by Jessica Lyons / 1d
Telcos would effectively fund grants paid to protect national security The outgoing boss of the FCC, Jessica Rosenworcel, has called on her colleagues to "quickly" adopt rules allowing the US regulator to stage a radio spectrum auction, the proceeds of which would fund the removal from American networks of equipment made by Chinese vendors Huawei and ZTE.…

Turbulence at UN aviation agency as probe into potential data theft begins

2 TTPs
by Connor Jones / 1d
ICAO data leak raises security concerns
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info The United Nations' aviation agency is investigating "a potential information security incident" after a cybercriminal claimed they had laid hands on 42,000 of the branch's documents.…

Jan 6, 2025

US adds web and gaming giant Tencent to list of Chinese military companies

Tencent added to US blacklist
by Simon Sharwood / 2d
This could be the start of a saga to rival TikTok’s troubles, and embroil Tesla and Microsoft The US Department of Defense has added Chinese messaging, media, and gaming giant Tencent to its list of “Chinese military companies”, a designation that won’t necessarily result in a ban but is nonetheless unpleasant.…

Charter, Consolidated, Windstream reportedly join China's Salt Typhoon victim list

3 TTPs
by Jessica Lyons / 2d
Chinese hackers breach US telecoms
Slow drip of compromised telecom networks continues The list of telecommunications victims in the Salt Typhoon cyberattack continues to grow as a new report names Charter Communications, Consolidated Communications, and Windstream among those breached by Chinese government snoops.…

FireScam infostealer poses as Telegram Premium app to surveil Android devices

FireScam Android malware steals data
by Jessica Lyons / 2d
Once installed, it helps itself to your data like it's a free buffet Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims' notifications, text messages, and app activity, while stealing sensitive information via Firebase services.…

MediaTek rings in the new year with a parade of chipset vulns

5 TTPs
by Connor Jones / 2d
Manufacturers should have had ample time to apply the fixes MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code execution bug affecting 51 chipsets.…

Jan 5, 2025

After China's Salt Typhoon, the reconstruction starts now

21by Rupert Goodwins / 3d
If 40 years of faulty building gets blown down, don’t rebuild with the rubble Opinion When a typhoon devastates a land, it takes a while to understand the scale of the destruction. Disaster relief kicks in, communications rebuilt, and news flows out. Salt Typhoon is no different.…

Telemetry data from 800K VW Group EVs exposed online

7 TTPs
by Brandon Vigliarolo / 3d
PLUS: DoJ bans data sale to enemy nations; Do Kwon extradited to US; Tenable CEO passes away; and more Infosec in Brief Welcome to 2025: hopefully you enjoyed a pleasant holiday season and returned to the security operations center without incident - unlike Volkswagen, which last week admitted it exposed data describing journeys made by some of its electric vehicles, plus info about the vehicle’s

End of feed

at No comments:
Labels:

Wednesday, January 8, 2025

Cyber War Newswire.

"7 lessons from a year of unprecedented cyber attacks."

Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 08 January 2025, 2151 UTC.

Content and Source:  https://cyberwar.einnews.com.

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

 

EIN Newsdesk 
 

Cyber War Newswire

Daily update · January 8, 2025
 
 

News

 
 
Forbes

From the boardroom to the battlefield, the past 12 months will go down as a year that society came ... [+] under attack from an unprecedented wave of digital threats.Adobe Stock From the boardroom to the battlefield, the past 12 months will go down as a …

 
 
Yeni Safak

Russia has a special cyber-unit targeting Poland, said the country's digital affairs minister, as reported by local media on Tuesday. No EU state faces more online Russian attacks than Poland, as showed by over 80,000 cyber-attacks from January to …

 
 
CTech

“Many writers, commentators, VCs, and founders have rightly talked about the resilience the Israeli ecosystem has showcased over this past year,” said Daniel Benjamin, Partner at Redseed. “However, as we start to see signs of hostilities calming and …

 
 
The Indian Express

On January 3, the Union government notified the draft Digital Personal Data Protection Rules, 2025 (DPDPR) and sought public comments by February 18. The Rules provide for the necessary details and implementation framework of the Digital Personal Data …

 
 
The Guardian

China’s military launched a record number of warplane incursions around Taiwan in 2024 as it builds its ability to launch full-scale invasion, something a former chief of Taiwan’s armed forces said Beijing could be capable of within a decade. Analysts said …

 
 
Security Boulevard

Imagine waking up one morning to find your city's power grid has failed, hospitals can't access patient records, and banking systems are frozen. This isn't science fiction – it's a reality that countries worldwide now face due to modern …

 
 
China Daily Global

JIN DING/CHINA DAILY Each year carries its own significance, but 2025 stands out as especially momentous from a global perspective. It will mark the 80th anniversary of two pivotal events in modern history: the end of World War II and the establishment …

 
 
Geographical

The deadliest pandemic in the world – the Black Death – killed at least a third of Europe’s population at the time. Image: Shutterstock By Victoria Heath Back in 2020, the unprecedented COVID-19 pandemic wreaked havoc on the world. Entire countries were …

 
 
Hackread

Ramat Gan, Israel, January 7th, 2025, CyberNewsWire CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. The cybersecurity landscape is …

 
 
Tech News World

When it comes to cybersecurity in 2025, artificial intelligence is top of mind for many analysts and professionals. Artificial intelligence will be deployed by both adversaries and defenders, but attackers will benefit more from it, maintained Willy …

 
 See more results | Edit this alert
at No comments:
Labels:
Subscribe to: Posts (Atom)

The Hacker News.

"THN Weekly Recap:  Top cybersecurity threats, tools and tips." Views expressed in this cybersecurity, cyber crime update are thos...

  • The Cyberwire Daily Briefing
    "Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters ...
  • Cyber War News Today.
    "International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyb...
  • SecurityWeek Briefing
    "New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the report...