IT Information Security News and Insights

Explore the latest news, insights, and analysis on IT, information security, malware threats, and security incidents from reputable sources.
Posts

Emerging malware targets developers; ransomware actors offer bribes for company secrets; espionage operation identified in South Asia

  • Emerging malware and threats: Recent reports highlight new malware families targeting developers, zero-day exploits, and significant vulnerabilities in VMware products, emphasizing the need for enterprise cybersecurity teams to stay vigilant.
  • Cybersecurity insights for 2025: Analysis on the future of cybersecurity discusses trends in malware, the impact of quantum computing on encryption, and the evolving role of Chief Information Security Officers (CISOs).
  • Recent cybersecurity developments: The exploitation of over 700 vulnerabilities in 2024, data breaches affecting personal information, and vulnerabilities in mobile devices are significant concerns for cybersecurity professionals.
  • Ransomware actors' new tactics: A new cybercrime tactic involves ransomware actors offering individuals large sums to betray their employers by revealing private company information.
  • Spike in malicious DNS requests: DNSFilter's Annual Security Report indicates a worrying increase in malicious DNS requests, highlighting a growing threat landscape.
  • Espionage operation in South Asia: A nation-state advanced persistent threat (APT) operation has been identified, targeting high-value government employees and organizations to steal sensitive data.

January 2025 Cyber Attacks Report Released; UnitedHealth Suffers Largest Medical Data Breach; $85 Million Stolen in Phemex Cryptocurrency Theft

  • January 2025 Cyber Attacks Report: A report highlights the major cyber attacks, data breaches, and ransomware incidents of January 2025, affecting sectors such as healthcare and technology, and emphasizes the need for resilience against increasing threats.
  • UnitedHealth Ransomware Attack: The largest medical data breach in U.S. history exposed personal and healthcare data of approximately 190 million individuals, raising concerns about data security in the healthcare sector.
  • DeepSeek Cyber Attack: A large-scale cyber attack forced DeepSeek to halt new user registrations, pointing to weaknesses in the platform's defences.
  • $85 Million Cryptocurrency Theft: A major breach at Phemex Exchange resulted in the theft of $85 million in digital assets, highlighting the risks associated with cryptocurrency exchanges.
  • Zero-Click WhatsApp Spyware Attack: A zero-click spyware attack targeted around 90 journalists and activists globally, using spyware from an Israeli company; the campaign was disrupted in December 2024.
  • Emerging Cyber Threats for 2025: A newsletter outlines the types of cyberattack to watch for in 2025, including malware, phishing, and ransomware, stressing the importance of cybersecurity for all businesses and individuals.

DeepSeek Cyber Attack Suspends User Registrations; $85 Million Stolen from Phemex Exchange; Zero-Click Spyware Affects WhatsApp Users

  • DeepSeek Faces Large-Scale Cyber Attack: DeepSeek experienced a significant cyber attack that led to the suspension of new user registrations. This incident highlights the ongoing vulnerabilities in digital platforms and the need for enhanced security measures.
  • $85 Million Cryptocurrency Theft from Phemex Exchange: A major breach at Phemex Exchange resulted in the theft of $85 million in digital assets, underscoring the risks associated with cryptocurrency exchanges.
  • Hackers Take 11 Days to Deploy LockBit Ransomware: A methodical approach was noted in the deployment of LockBit ransomware, indicating a sophisticated level of planning by cybercriminals.
  • New Hellcat Ransomware Gang Employs Humiliation Tactics: The newly emerged HellCat ransomware group is utilizing psychological tactics to pressure victims, marking a shift in ransomware strategies.
  • Zero-Click Spyware Targets WhatsApp Users: A zero-click spyware attack affected nearly 100 WhatsApp users globally, demonstrating the pervasive threat of spyware in personal communications.
  • Intel TDX Vulnerability: A critical flaw in Intel’s TDX technology has been identified, exposing sensitive data and raising concerns about hardware security.
  • Malware Campaign Leveraging 7-Zip: A new malware campaign is targeting Russian-speaking entities by exploiting vulnerabilities in 7-Zip and UltraVNC software.
  • Akira Ransomware Targets VMware ESXi Servers: A new variant of Akira ransomware has been identified, specifically targeting VMware ESXi servers, which could impact numerous organizations relying on this technology.
  • Fake DeepSeek Campaign: A campaign exploiting the popularity of DeepSeek has been delivering Poseidon malware to macOS users, indicating a rise in targeted attacks against specific software.
  • API Supply Chain Flaw: A vulnerability in API supply chains has exposed millions of airline users to potential account takeovers, highlighting the importance of securing API integrations.
  • Espionage Campaign Exploiting IIS and Apache: A cyberespionage campaign has targeted vulnerabilities in public-facing servers, emphasizing the need for robust security measures in web server configurations.

Phemex Loses Over $69 Million in Cyberattack; DeepSeek Database Exposes Sensitive Data; Cybercrime Costs Hit $9.22 Trillion

  • Over $69 Million Stolen From Crypto Platform Phemex: A suspected cyberattack led to the theft of over $69 million from the crypto platform Phemex. The CEO announced that the company is working on restoring withdrawals and will manually review withdrawal requests during this period.
  • Exposed DeepSeek Database Revealed Chat Prompts and Internal Data: A publicly accessible database exposed over a million lines of sensitive information, including chat history and API secrets, raising concerns about the company's data security.
  • Cybercrime Financial Damage Reaches USD 9.22 Trillion: The financial impact of global cybercrime reached USD 9.22 trillion in 2024, with projections of USD 13.82 trillion by 2028, highlighting the increasing severity of cyber threats.
  • Top 10 Malware Q4 2024: The MS-ISAC reported that the downloader SocGholish was the leading malware in Q4 2024, making up 53% of the top malware list, with several distinct infection vectors identified.
  • Solana Pump.fun Tool DogWifTools Compromised: A supply-chain attack compromised the Windows version of DogWifTools, software for promoting meme coins on the Solana blockchain, resulting in drained user wallets.

Google Play blocks 2.36 million harmful apps; Ransomware attack disrupts blood donation services; Change Healthcare breach affects 190 million customers

  • Google Play takes action against harmful apps: In 2024, Google Play blocked 2.36 million apps violating policies and banned 158,000 harmful developer accounts, highlighting ongoing efforts to enhance security on the platform.
  • Ransomware attack disrupts blood donation services: A ransomware attack in the US significantly impacted blood donation services, showcasing the vulnerabilities in critical infrastructure.
  • New phishing campaign targets mobile devices: A recent phishing campaign has emerged, specifically targeting mobile devices with malicious PDFs, indicating a shift in tactics by cybercriminals.
  • Change Healthcare mega-breach affects millions: A major data breach at Change Healthcare compromised the information of 190 million customers, raising concerns about data security in the healthcare sector.
  • Lynx Ransomware Group revealed: The Lynx Ransomware Group has been identified, featuring a sophisticated affiliate program that poses a significant threat to organizations.
  • Nation-state hackers exploit Gemini AI tool: Reports indicate that nation-state hackers are abusing the Gemini AI tool, reflecting the growing intersection of AI technology and cybersecurity threats.
  • Ransomware victims face operational shutdowns: A staggering 58% of ransomware victims reported being forced to shut down operations, underscoring the severe impact of these attacks on businesses.

Data breach at Scholastic affects 4 million users; FBI neutralizes Chinese malware on US systems; Aquabotv3 botnet exploits Mitel vulnerabilities

  • Major cyber security incidents in January 2025: A series of high-profile incidents occurred, including a data breach at Scholastic affecting over 4 million users, the FBI neutralizing Chinese malware on thousands of US systems, and vulnerabilities in macOS and WordPress. These events underscore the critical need for enhanced security measures and regular updates to combat evolving threats.
  • Ongoing threats from the Lazarus Group and ransomware: Researchers have identified the Lazarus Group's command and control servers, indicating persistent cyber threats, alongside a phishing campaign using malicious Amazon PDFs. The Lynx Ransomware Group is also noted for its industrialized approach to cybercrime.
  • Emergence of Aquabotv3 botnet malware: The Aquabotv3 botnet malware has been reported to exploit a command injection vulnerability in Mitel systems, highlighting the ongoing risks associated with malware targeting specific software vulnerabilities.
  • Infection of 'script kiddies' with fake malware builder: A hacker has infected 18,000 individuals, known as 'script kiddies', with a counterfeit malware builder, raising alarms about the spread of fake tools that could lead to increased security incidents.
  • Unpatched vulnerabilities in Zyxel and Mitel devices: Reports indicate an unpatched zero-day vulnerability in Zyxel CPE devices being actively exploited, along with a new variant of the Mirai botnet, named 'Aquabot', targeting flaws in Mitel devices, raising concerns about endpoint security.

ENGlobal data breach exposes sensitive information; Change Healthcare breach affects 190 million; Lynx Ransomware Group enhances operations with affiliate program

  • ENGlobal Cyber-Attack Exposes Sensitive Data: A significant cyber-attack has compromised sensitive data, highlighting vulnerabilities in cybersecurity practices. This incident underscores the ongoing threat posed by cybercriminals in the digital landscape.
  • Lynx Ransomware Group Unveiled with Sophisticated Affiliate Program: The Lynx Ransomware Group has developed a structured affiliate program that enhances their cybercrime operations, making it easier for criminals to engage in ransomware attacks.
  • Change Healthcare Breach Almost Doubles in Size to 190 Million Victims: A major data breach at Change Healthcare has escalated, now affecting 190 million individuals, raising concerns about data security in healthcare systems.
  • New Phishing Campaign Targets Mobile Devices with Malicious PDFs: A phishing campaign is deceiving users with malicious PDFs disguised as Amazon documents, aiming to extract sensitive information from mobile device users.
  • Apple Patches Actively Exploited Zero-Day Vulnerability: Apple has addressed a zero-day vulnerability that was being actively exploited, reinforcing the importance of timely security updates for users.
  • Broadcom Alerts High-Severity Security Flaw in VMware: A high-severity security flaw in VMware Avi Load Balancer has been identified that could allow malicious actors to gain unauthorized access to the underlying database.
  • Critical SQL Injection Flaws Hit Centreon: Centreon has reported critical SQL injection vulnerabilities, emphasizing the need for robust security measures in software applications.
  • New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing: The emergence of GhostGPT, an AI chatbot, is raising alarms as it aids in the creation of malware and phishing schemes, showcasing the evolving nature of cyber threats.

Mitel fixes OpenScape vulnerabilities; Cybersecurity newsletter reports ransomware attacks; Account hijacking service operators sentenced

  • Mitel addresses vulnerabilities in OpenScape systems: Mitel has released fixes for vulnerabilities in its OpenScape systems, urging users to update. This comes amid reports of hackers exploiting the XWorm RAT, which has compromised over 18,000 devices globally.
  • Cybersecurity newsletter highlights recent attacks and vulnerabilities: The latest Cybersecurity Newsletter discusses emerging threats, including sophisticated ransomware attacks and state-sponsored cyber activities, with specific incidents like the ransomware attack on Blacon High School and the ICICI Bank data breach.
  • Account hijacking service operators sentenced: Three men have been sentenced after pleading guilty to running an account hijacking service that facilitated fraud. This case highlights the ongoing issue of cybercrime and the legal repercussions for those involved.
  • New phishing tactics and vulnerabilities identified: Cisco Talos has identified a new phishing tactic using hidden text salting to evade email security measures, while Zimperium reported a campaign targeting mobile users with malicious PDFs impersonating USPS.
  • CISA warns of chained Ivanti vulnerabilities: The Cybersecurity and Infrastructure Security Agency (CISA) has reported that vulnerabilities in Ivanti products have been chained together in a series of cyberattacks, raising concerns about their security implications.
  • Major data breach affects Change Healthcare customers: Change Healthcare has disclosed that a mega-breach last year affected 190 million customers, underscoring the significant risks associated with data security in healthcare.
  • Cybercriminals exploit NFTs and cryptocurrencies: The group Crazy Evil has been targeting influencers and tech professionals with malware that exploits NFTs and cryptocurrencies, indicating a growing trend in cybercrime.
  • Increased cyber crisis simulation budgets anticipated: A survey revealed that 74% of Chief Information Security Officers (CISOs) plan to increase their budgets for cyber crisis simulations in 2025, reflecting a proactive approach to cybersecurity preparedness.
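The hidden-text-salting tactic attributed to Cisco Talos above is the one item in this digest that names a concrete evasion technique: junk text that the recipient never sees is inserted into an HTML message so that filters scanning the raw markup no longer find the impersonated brand name. The script below is an added example, not code from the newsletter or from Talos. It renders a message down to its visible text before running keyword checks, so text hidden with inline CSS, HTML comments or zero-width characters cannot split a brand name. The sample e-mail, the CSS patterns treated as "hidden", and the brand word list are constructed for illustration, not taken from the reported campaign.

```python
"""Strip hidden-text salting from an HTML e-mail before keyword analysis.

Added example (not from the newsletter or Cisco Talos). Assumed salting
methods: text hidden with inline CSS (display:none, visibility:hidden,
font-size:0, opacity:0), zero-width Unicode characters inside brand
names, and HTML comments. A filter that scans the raw HTML sees
"Micro<junk>soft"; a filter that scans the rendered text sees "Microsoft".
"""
import re
from html.parser import HTMLParser

# Constructed sample: a fake password-expiry notice salted three ways.
SALTED_EMAIL_HTML = """\
<html><body>
<p>Your Micro<span style="display:none">lorem ipsum dolor</span>soft
account password expires <!-- salt --> today. Verify at
<a href="http://example.invalid/login">Secure Portal</a>.</p>
<div style="font-size:0px">zzqx kjlsd plqw nmbv</div>
<p>Office\u200b365 Security \u200cTeam</p>
</body></html>
"""

# Inline CSS that makes an element invisible to the reader (assumed list).
HIDDEN_CSS = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|font-size\s*:\s*0|opacity\s*:\s*0",
    re.I,
)
# Zero-width and soft-hyphen code points that render as nothing.
ZERO_WIDTH = re.compile("[\u200b\u200c\u200d\u2060\ufeff\u00ad]")
# Elements that never have a closing tag; they must not touch the element stack.
VOID_TAGS = {"br", "img", "hr", "meta", "link", "input", "area", "base",
             "col", "embed", "source", "track", "wbr"}

# Brand/lure terms a simple filter might look for (constructed list).
BRAND_TERMS = ("microsoft", "office365", "office 365", "password")


class VisibleTextExtractor(HTMLParser):
    """Collects only text a mail client would actually display."""

    def __init__(self):
        super().__init__()
        self.parts = []
        self.hidden_elements = 0   # elements suppressed by HIDDEN_CSS
        self.comments = 0          # HTML comments seen (never rendered)
        self._stack = []           # True for each open element that is hidden
        self._hidden_depth = 0     # >0 while inside a hidden element

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        style = dict(attrs).get("style") or ""
        hidden = bool(HIDDEN_CSS.search(style))
        self._stack.append(hidden)
        if hidden:
            self.hidden_elements += 1
            self._hidden_depth += 1

    def handle_startendtag(self, tag, attrs):
        pass  # <br/> and friends carry no text and must not unbalance the stack

    def handle_endtag(self, tag):
        if tag in VOID_TAGS or not self._stack:
            return
        if self._stack.pop():
            self._hidden_depth -= 1

    def handle_data(self, data):
        if self._hidden_depth == 0:
            self.parts.append(data)

    def handle_comment(self, data):
        self.comments += 1  # comment text is dropped, not appended


def visible_text(html: str) -> str:
    """Rendered text: hidden elements and comments removed, zero-width chars stripped."""
    parser = VisibleTextExtractor()
    parser.feed(html)
    parser.close()
    text = ZERO_WIDTH.sub("", "".join(parser.parts))
    return re.sub(r"\s+", " ", text).strip()


def brand_hits(text: str) -> list:
    """Brand/lure terms present in the given text (case-insensitive, sorted)."""
    low = text.lower()
    return sorted(term for term in BRAND_TERMS if term in low)


def salting_indicators(html: str) -> dict:
    """Counts of salting artifacts, usable as a scoring signal on their own."""
    parser = VisibleTextExtractor()
    parser.feed(html)
    parser.close()
    return {
        "hidden_elements": parser.hidden_elements,
        "zero_width_chars": len(ZERO_WIDTH.findall(html)),
        "comments": parser.comments,
    }


if __name__ == "__main__":
    print("raw HTML hits:     ", brand_hits(SALTED_EMAIL_HTML))
    print("visible text hits: ", brand_hits(visible_text(SALTED_EMAIL_HTML)))
    print("salting indicators:", salting_indicators(SALTED_EMAIL_HTML))
```

Run against the constructed sample, the raw-HTML scan finds only "password", while the rendered-text scan finds "microsoft", "office365" and "password". The indicator counts (two CSS-hidden elements, two zero-width characters, one comment) are themselves a useful signal: legitimate transactional mail rarely hides text inside a brand name, so a non-zero count plus a brand hit in the visible text is a strong combination for a detection rule.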

Cisco Meeting Management vulnerability discovered; New 'Black Magic' malware targets Juniper routers; Subaru's Starlink service flaw allows vehicle hijacking

  • Critical vulnerability in Cisco Meeting Management software: Cisco has identified a critical vulnerability in its Meeting Management software that requires immediate attention and patching to ensure security.
  • New malware 'Black Magic' targets Juniper routers: A new malware known as 'Black Magic' has been discovered, specifically targeting Juniper routers, which poses a significant threat to enterprise security.
  • Arbitrary account takeover flaw in Subaru's Starlink service: Security researchers have found a flaw in Subaru's Starlink service that could allow attackers to track, control, and hijack vehicles in the U.S., Canada, and Japan using just a license plate.
  • Upgraded Tycoon 2FA phishing kit bypasses security measures: Threat researchers have analyzed an updated version of the Tycoon 2FA phishing kit, which is capable of bypassing multi-factor authentication security measures.
  • Over 100 security vulnerabilities in LTE and 5G implementations disclosed: Academics have disclosed details of over 100 security vulnerabilities affecting LTE and 5G implementations, which could be exploited to disrupt services and gain access to cellular networks.
  • Latest data breaches and cyberattacks: A daily alert service provides updates on the latest cyberattacks, hacks, and data breaches, keeping executives and cybersecurity professionals informed of critical incidents.

Cloudflare Stops 5.6Tbps DDoS Attack; Chinese Cyberspies Target South Korean VPN; GhostGPT AI Chatbot Enables Malware Creation

  • Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack: Cloudflare successfully stopped a massive DDoS attack that peaked at 5.6Tbps, highlighting a surge in hyper-volumetric attacks targeting various sectors. This incident underscores the growing threat landscape in cybersecurity.
  • Chinese Cyberspies Target South Korean VPN in Supply Chain Attack: Reports indicate that Chinese cyber espionage groups are targeting South Korean VPN services as part of a broader strategy to compromise supply chains, raising concerns about national security and data integrity.
  • Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks: Spinoffs of the Mirai botnet have been linked to a series of global DDoS attacks, affecting multiple sectors and demonstrating the ongoing evolution of botnet threats.
  • New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing: A new generative AI chatbot named GhostGPT is being sold on Telegram, providing cybercriminals with tools for malware creation and phishing, which poses significant risks to online security.
  • These Passwords Can Be Bought For $10—What You Need To Know: A report reveals that stolen credentials from major cybersecurity vendors are being sold on dark web marketplaces, emphasizing the need for robust dark web monitoring to prevent security breaches.
  • Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures: Researchers have analyzed an upgraded version of the Tycoon 2FA phishing kit, which now has the capability to bypass multi-factor authentication, raising alarms about the effectiveness of current security measures.
  • Kibana Patches High Severity Vulnerability Exposing Sensitive Information: A high-severity vulnerability in Kibana, tracked as CVE-2024-43707, has been patched to prevent unauthorized access to sensitive information, highlighting the importance of timely updates.