Be Cyber Aware. Our vacancies channel: @CyberSecurityJobs Our chat: t.me/cybersecuritynewschat LinkedIn: https://www.linkedin.com/company/securitynews/ Facebook: https://www.facebook.com/BreakingCyberSecNews 📩 Cooperation: @cybersecadmin
New PhishWP Plugin Enables Sophisticated Payment Page Scams
Cybercriminals deploy PhishWP either by compromising existing WordPress sites or creating fraudulent ones.
The plugin’s design closely replicates trusted payment gateways, making it difficult for users to detect the deception.
Cyber_Security_Channel
33 Open-Source Cybersecurity Solutions You Didn’t Know You Needed
• Authentik: Open-source identity provider
• Cryptomator: Open-source cloud storage encryption
• Cirrus: Open-source Google Cloud forensic collection
• IntelOwl: Open-source threat intelligence management
• BunkerWeb: Open-source Web Application Firewall (WAF)
• Ghidra: Open-source software reverse engineering framework
• Cilium: Open-source eBPF-based networking, security, observability
Read more here — find out the remainder.
-----
🚀 Want to see your company featured in our content?
→ Ping us a message at @cybersecadmin
Free promos available — let's chat!
Cyber_Security_Channel
Top 12 Ways Hackers Broke Into Your Systems in 2024
— Check Point bug enabled Iranian hacks
— Ivanti Connect flaws found Chinese abuse
— Fortinet flaw Zero-day’ed by nation state actors
— Alibaba and Adobe users tricked into giving up credentials
Cyber_Security_Channel
What Security Lessons Did We Learn in 2024?
— Telecom Can't Be Trusted
— Surging Zero-Day Exploits
— Nation-State Collaboration
— Resiliency Planning Needs More Focus
— Critical Infrastructure Is a Growing Target
Read more about this topic via the previous link.
Cyber_Security_Channel
AI Fuels Reported Rise in ‘Polished’ Phishing Scams
AI helped add to a larger cyberattack landscape in 2024, PYMNTS wrote recently, part of a catalogue of threats that include ransomware, zero-day exploits and supply chain attacks.
According to the report, cyber security experts say these attacks are increasing as AI grows in sophistication.
AI bots can quickly consume mass quantities of information about a company’s or person’s style and tone and recreate them to plot an effective scam.
Cyber_Security_Channel
HIPAA Rules Update Proposed to Combat Healthcare Data Breaches
The Department of Health and Human Services (HHS) said the new obligations reflect advances in technology and changes in breach trends and cyber-attacks, helping healthcare providers ensure compliance with their data protection duties.
Cyber_Security_Channel
China Accuses the U.S. of Hacking Back as Cyber Conflict Grows
China’s counter charges to U.S. cyber espionage claims have largely been based on decade-old NSA leaks, so the PRC’s latest claims are notable for their focus on two recent specific incidents while avoiding those larger claims.
Cyber_Security_Channel
What Skills Will the Tech Workforce Need in 2025?
The conversation explored many tech trends expected to change the future of work as we look at the year ahead, from ongoing challenges around managing a hybrid and remote workforce to the increasing need to attract talent with the right skills.
Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №14; 7th of December, 2024
With a little delay, please find attached the newest issue of the CyberWeekly Newsletter from our long-lasting partners at Hacklido.
A list of topics from the other side:
• OT IoT risks
• Veeam flaws
• Deloitte hack
• Cisco vulnerability
• Cybersecurity news
• Encrypted messaging
• Legacy systems security
• Brain Cipher ransomware
• Ransomware threats, data breach
Read the full publication via the following link.
-----
→ If your Company / Project / Community wants to become a partner of Cyber Security News...
Please, do not hesitate to contact us by sending a direct message to @cybersecadmin
-----
@Cyber_Security_Channel
Snowflake Pledges to Make MFA Mandatory
The commitment to making MFA mandatory aims to prevent similar incidents occurring in the future by ensuring a separate line of defense when an account password is compromised.
Cyber_Security_Channel
South Bend Dentist Office Notifies Patients of Data Breach
The company suggests that you take the proper steps to protect yourself if your information was exposed, including placing an initial or extended fraud alert and monitoring your bank account statements.
Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №13; 1st of December, 2024
Please welcome the most recent issue of the informative CyberWeekly Newsletter from Hacklido.
What can be found inside?
• Russian hackers leveraged unsecured nearby Wi-Fi to breach networks, bypassing MFA protections.
• Another campaign exploited an old Avast driver to disable endpoint security tools through a BYOVD attack.
• DEF CON volunteers teamed up with U.S. water utilities to strengthen cybersecurity for under-resourced critical infrastructure.
• Meanwhile, SCOTUS allowed a class-action lawsuit against Meta to proceed, stemming from the Cambridge Analytica data scandal.
• Lastly, a Microsoft 365 outage disrupted services like Teams, Exchange, and SharePoint.
Visit this webpage for the full piece.
-----
→ If your Company / Project / Community wants to become a partner of Cyber Security News...
Please, do not hesitate to contact us by sending a direct message to @cybersecadmin
-----
@Cyber_Security_Channel
GodLoader Malware Infects Thousands via Game Development Tools
The distribution of GodLoader occurred through the Stargazers Ghost Network, a malware-as-a-service platform.
Between September and October 2024, 200 GitHub repositories were used to deliver infected files, targeting gamers, developers and general users.
Cyber_Security_Channel
Ransomware Attack on Blue Yonder Disrupts U.S. Supply Chains and Retail Operations
Experts believe the fallout will be felt across the United States, as Blue Yonder’s software supports numerous Fortune 500 companies.
The attack highlights vulnerabilities in private cloud environments and the increasing threat ransomware poses to supply chain infrastructure.
Cyber_Security_Channel
T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms
While T-Mobile has stated that no significant impacts to its systems or customer data have been identified, federal agencies and security experts remain concerned about the scope of the breach.
Cyber_Security_Channel
ℹ️ The Worst Hacks of 2024
1. China's Salt Typhoon Telecom Breaches
2. Snowflake Customer Breaches
3. Change Healthcare Ransomware Attack.
Did we miss anything in the list?
Cyber_Security_Channel
The Biggest Cybersecurity and Cyberattack Stories of 2024
Including, but not limited to:
• Internet Archive hacked;
• Bad CrowdStrike updates crashed 8.5 million Wndows devices;
• Russian state-sponsored hackers breached Microsoft's corporate email;
• National Public data breach exposed your Social Security Number;
• Attacks on edge networking devices run rampant.
Cyber_Security_Channel
Slovakia Hit by Historic Cyber-Attack on Land Registry
Speaking to Infosecurity, cyber policy expert from Slovakia and New America Fellow, Pavlina Pavlova, said that while the Slovakian government is politicizing the attack, swift system recovery is the key concern for citizens right now.
Cyber_Security_Channel
⚡️Unconventional Cyberattacks Aim to Take Over PayPal Accounts
The campaign works because the scammer appears to have registered a Microsoft 365 test domain — which is free for three months — and then created a distribution list containing target emails.
This allows any messages sent from the domain to bypass standard email security checks, Windsor explained in the post.
Cyber_Security_Channel
Apple's AI Photo Analyzer Faces Privacy Backlash
Apple said in November that the privacy-preserving techniques it uses, including differential privacy and the use of OHTTP relays, mean that user data is anonymous.
So neither Apple nor its cloud partner Cloudflare can see the actual image data or any associated metadata when processing.
Cyber_Security_Channel
2️⃣0️⃣2️⃣5️⃣ Happy New Year from the Cyber Security News Team!
We would like to say thank you for continously supporting our community throughout the year of 2024.
Together we have managed to reach important milestones and expand our sphere of influence even further.
♥️ We are grateful for all the members, partners and supporters that engaged with our content, purchased digital products, and showed appreciation to our channels =)
Our team hopes that all the content on this channel was useful and enjoyable for you.
We are planning to show dedication by continuing our mission next year, and are always open to your feedback!
Thank you once again, and all the best in the New Year of 2025!
Warm regards to all of you,
The Cyber Security News Team
@Cyber_Security_Channel 🎅🏻
Fraud or Fallacy? Is Meezan Bank Covering Up a Data Breach?
In a customer advisory, Meezan Bank labeled the rumors of a data breach as “entirely false.”
The bank guaranteed customers that all disputed transactions were unsecured e-commerce transactions.
They were fully covered under international chargeback mechanisms.
Furthermore, the bank also promised quick compensation for affected users.
However, the bank’s reassurances have done little to repress customer anxieties.
The question arises of how cards never used for Internet banking—or even ATMs—could be exploited for unauthorized transactions.
Cyber_Security_Channel
New APIs Discovered by Attackers in Just 29 Seconds
The most common attack types were CVE exploitation (40%), discovery (34%) and authentication checks (26%).
The most frequently probed API endpoint was named “/status,” according to the report.
Cyber_Security_Channel
US Charges 14 Members of North Korean IT Worker Scam That Bagged $88 Million in Six Years
The DoJ said the campaign had generated in excess of $88 million throughout the approximately six-years it had been in operation, with the proceeds being sent back to DPRK-controlled accounts based in China.
Cyber_Security_Channel
🔐 Protect Your Digital World with Kaspersky!
01. Safeguard: Your online life with cutting-edge cybersecurity solutions.
02. Smart Protection: Defend against threats without compromising your speed.
03. Unlimited VPN: Browse privately and securely, anywhere in the world.
04. Gamer-Friendly Mode: Stay secure without interruptions.
🚀 Your safety, redefined. Upgrade to Kaspersky today!
→ https://tglink.io/f615de5908fe
Use the above link for a special offer — exclusive to our Community members!
-----
#ad #paidpromotion #sponsored
@Cyber_Security_Channel
UK Underestimates Threat From Hostile States, Says New NCSC Head
The Annual Review highlights the way conflicts are fuelling a volatile threat landscape.
Examples include Russia's use of destructive malware against Ukrainian targets and routine attempts to interfere with the systems of NATO countries in support of its war effort.
Cyber_Security_Channel
What It Costs to Hire a Hacker on the Dark Web
If you’re wondering how big the Dark Web is, then cybersecurity software company Avast explains:
“It’s difficult to measure dark web statistics, but it’s estimated that there are tens of millions of URLs on the dark web and tens of thousands of active dark web websites, including thousands of forums and marketplaces.”
Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №12; 23rd of November, 2024
Consistency is key — here is the newest issue of the value-packed CyberWeekly Newsletter from our partners at Hacklido.
Below is everything you should know, at a glance:
• Google’s AI-enhanced OSS-Fuzz found 26 open-source vulnerabilities, improving detection, raising concerns about AI blind spots.
• Change Healthcare restored services nine months after a ransomware attack that disrupted 94% of US hospitals.
• CISA’s red team audit revealed gaps in critical infrastructure defenses.
• D-Link urged users to replace EOL routers vulnerable to remote code execution.
Want more detail? Read the full breakdown here.
-----
→ If your Company / Project / Community wants to become a partner of Cyber Security News...
Please, do not hesitate to contact us by sending a direct message to @cybersecadmin
-----
@Cyber_Security_Channel
Meta Shutters Two Million Scam Accounts in Two-Year Crackdown
Meta warned that most pig butchering scams start on dating apps, text and messaging apps, email or social media, and then move to scammer-controlled accounts on crypto apps or scam websites masquerading as investment platforms.
Cyber_Security_Channel
🚀 Scanning Networks – Pro Guide for Cybersecurity Specialists
→ Our partners at Hacklido are offering you the opportunity to grab a copy of their bestselling digital product!
Become pro in scanning networks by understanding types, mitigations and using various tools involved in network security.
You will learn:
↳ IDS & Firewall evasion
↳ Understanding networks
↳ Scanning, countermeasures and tools
New additions:
✔️Real world examples
✔️Clear commands & terminology
✔️Practice questions with explanations for each unit
Among many other useful topics…
More than 570+ sales & happy customers served!