Cyber Security News

25 мая 2025 11:06

Phony Hacktivist Pleads Guilty to Disney Data Leak

In 2024, a hacker group called NullBulge posted on a hacking forum that it had stolen 1.1TB of data from Disney's internal Slack channels.

This prompted Disney to launch an investigation into the matter, which allegedly involved information on unreleased projects as well as source code and login credentials.

Cyber_Security_Channel

Cyber Security News

21 мая 2025 13:02

🎉 ANY.RUN Turns 9 — Claim Your Special Offer!

Grab extra Sandbox licenses or double the TI Lookup search request quota.

— Reduce incident response costs
— Get control over the privacy
— Improve SOC efficiency

➡️ Hurry up to get ANY.RUN's Birthday deals.

*Ending May 31st → here is the link.

-----

#ad #paidpromotion #sponsored

@Cyber_Security_Channel

Cyber Security News

16 мая 2025 22:19

Coinbase Warns of Up to $400 Million Hit From Cyberattack

The company received an email from an unknown threat actor on May 11, claiming to have information about certain customer accounts as well as internal documents.

While some data — including names, addresses and emails — was stolen, the hackers did not get access to login credentials or passwords, Coinbase said.

It would, however, reimburse customers who were tricked into sending funds to the attackers.

@Cyber_Security_Channel

Cyber Security News

10 мая 2025 22:28

Paper Werewolf Threat Actor Targets Flash Drives With New Malware

The threat actor has been singling out organizations in mass media, telecommunications, construction, government entities, and energy sectors from July to December of 2024 before shifting its tactics with the introduction of PowerModul, according to Kaspersky researchers.

Cyber_Security_Channel

Cyber Security News

06 мая 2025 00:42

NetSTAR Strengthens Leadership in Encrypted Traffic Categorization of URLs, Web Applications and Internet Threat Intelligence

The latest advancements to NetSTAR's encrypted traffic intelligence capabilities further enhance what's already regarded as one of the most effective and scalable solutions in the industry.

By leveraging advanced AI models, real-time behavioral analysis, and NetSTAR's unmatched global telemetry, OEM partners can confidently classify encrypted traffic of URLs, IP addresses, and web applications without relying on outdated inspection techniques.

Cyber_Security_Channel

Cyber Security News

01 мая 2025 08:30

MITRE-Backed Cyber Vulnerability Program to Lose Funding

The CVE Program provides a standardized system for identifying and cataloging publicly known cybersecurity vulnerabilities.

Each vulnerability is assigned a unique identifier, designed to help security researchers, vendors and officials communicate consistently about the same issue.

Agencies like the Cybersecurity and Infrastructure Security Agency regularly issue vulnerability alerts using CVE standardized language.

Cyber_Security_Channel

Cyber Security News

27 апреля 2025 20:56

OpenAI's New Image Generator Is Incredible for Creating Fraudulent Documents

Case in point, Menlo Ventures principal Deedy Das tweeted a photo of a fake receipt for a lavish meal at a real San Francisco steakhouse, as spotted by TechCrunch.

Cyber_Security_Channel

Cyber Security News

23 апреля 2025 09:14

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking

“As an IT Support Management tool, Halo is often integrated with various internal and external systems and cloud providers, as well as containing sensitive information such as configuration files and credentials,” said Shubham Shah, SVP of Engineering and Research at Searchlight.

Cyber_Security_Channel

Cyber Security News

19 апреля 2025 14:55

Gemini App Will Offer Enterprise-Grade Data Protection

Enterprise-grade data protection for qualifying Google Workspace for Education editions, including Education Standard and Education Plus.

Cyber_Security_Channel

Cyber Security News

15 апреля 2025 07:34

🔥 Scanning Networks – Pro Guide

From our partners at Hacklido.

We will keep this short.

Nearly 600 sales.

Improve your skills.

Become a better master.

All details are on the inside.

Grab your personal copy here:

→ https://gumroad.com/a/631226579/ubvne

Cyber Security News

11 апреля 2025 14:22

Oracle Denies Breach Amid Hacker’s Claim of Access to 6 Million Records

The attacker, active since January 2025, claims to have compromised a subdomain — login.us2.oraclecloud[.]com, which has since been taken down.

This subdomain was found to be hosting Oracle Fusion Middleware 11G, as evidenced by a Wayback Machine capture from February 17, 2025.

They are demanding ransom payments from affected tenants for the removal of their data and have even offered incentives for assistance in decrypting the stolen SSO and LDAP passwords.

@Cyber_Security_Channel

Cyber Security News

07 апреля 2025 20:18

DeepSeek Created Chrome Infostealer Without Hesitation, Company Remains Silent

First, a fictional world was created to set clear rules and context aligned with the technical objectives.

“We developed a specialized virtual environment called Velora – a fictional world where malware development is treated as a legitimate discipline,” the researchers explained.

“In this environment, advanced programming and security concepts are considered fundamental skills, enabling direct technical discourse about traditionally restricted topics.”

Cyber_Security_Channel

Cyber Security News

03 апреля 2025 20:27

CISA: Medusa Ransomware Hit Over 300 Critical Infrastructure Orgs

Medusa was first introduced as a closed ransomware variant, where a single group of threat actors handled all development and operations.

Although Medusa has since evolved into a Ransomware-as-a-service (RaaS) operation and adopted an affiliate model, its developers continue to oversee essential operations, including ransom negotiations.

Cyber_Security_Channel

Cyber Security News

28 марта 2025 18:41

Blackwire Labs and Carahsoft Partner to Bring AI-Powered Cybersecurity Solutions to the Public Sector

Blackwire Labs is an innovative cybersecurity company.

Led by industry experts, the company specializes in addressing critical challenges faced by Government agencies, particularly the cybersecurity skills shortage and the AI trust deficit.

We plan to empower their Public Sector customers with the highest-grade security defense possible without the cost of hiring additional security practitioners.

Cyber_Security_Channel

Cyber Security News

25 марта 2025 03:51

Static Scans, Red Teams and Frameworks Aim to Find Bad AI Models

The problem is growing. JFrog flagged 212 AI models to date that contain some sort of malicious functionality or code, double the approximately 100 malicious models found a year ago.

Cyber_Security_Channel

Cyber Security News

23 мая 2025 21:14

Forget the Stack; Focus on Control

This debt doesn't happen overnight. It builds slowly:

— Outdated tools
— Incomplete configurations
— Assumptions that controls are working

It's not caused by negligence. It's the cost of business priorities moving faster than security can adapt.

Cyber_Security_Channel

Cyber Security News

19 мая 2025 22:17

Play Ransomware Group Used Windows Zero-Day

During the attack, the Balloonfly operators deployed a variety of samples and hacktools in addition to the Grixba infostealer and the exploit for CVE-2025-29824 on this machine," the security vendor noted.

"Some of the samples aren't available to us at the moment of writing, but they were located in the Music folder with suspicious names masquerading as Palo Alto software (paloaltoconfig.exe, paloaltoconfig.dll) or, for example, 1day.exe.

Cyber_Security_Channel

Cyber Security News

14 мая 2025 04:34

👨‍💻 SOCs waste hours on manual triage & slow response times

Gain better visibility into threats, speed up incident response, and improve team coordination with ANY.RUN Interactive Sandbox.
 
Join ANY.RUN's free webinar to explore actionable strategies for your SOC 🚀

📅 Wednesday, May 14

Register here click this link.

-----
 
#ad #paidpromotion #sponsored

@Cyber_Security_Channel

Cyber Security News

08 мая 2025 05:58

Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000

The Medusa ransomware group announced hacking Bell Ambulance in early March, claiming to have stolen more than 200 Gb of data from its systems.

The second healthcare organization to confirm a data breach impacting more than 100,000 people is Birmingham, AL-based ophthalmology practice Alabama Ophthalmology Associates.

Cyber_Security_Channel

Cyber Security News

04 мая 2025 01:38

EU Commission to Invest €1.3bn in Cybersecurity and AI

The Strategic Technologies for Europe Platform (STEP), an EU-wide mechanism launched in 2024 to support tech initiatives, is set to drive innovation further by introducing the STEP Seal, a quality label that will be awarded to promising projects.

Cyber_Security_Channel

Cyber Security News

29 апреля 2025 13:01

👨‍💻 Best Way to Detect Phishing and Malware?

There is a solution for you...

Learn how Automated Interactivity from @anyrun_app streamlines malware and phishing detection, detonation, and analysis.

What is the Tool's Functionality?

— Solves CAPTCHAs
— Extracts URLs from QR codes
— Scans documents for malicious embeds

Bonus: Automated Interactivity auto-executes payloads to reveal behaviors like C2 communication and credential harvesting, providing earlier detection and deeper visibility.

Don't miss out, explore the use cases → here is the link.

-----
 
#ad #paidpromotion #sponsored

@Cyber_Security_Channel

Cyber Security News

26 апреля 2025 05:08

Data Doctors: Signal vs WhatsApp — Should you Switch?

If you’re concerned about privacy, Signal is the clear winner. It’s not trying to monetize your activity, and its technology is purpose-built to limit what anyone, including the app itself, can know about your usage.

Signal and WhatsApp may look similar on the surface, but their philosophies couldn’t be more different.

One is backed by a data-collecting corporation; the other is run by a nonprofit that exists solely to protect your privacy.

Cyber_Security_Channel

Cyber Security News

21 апреля 2025 16:05

Data Privacy Experts Call DOGE Actions ‘alarming’

DOGE has been able to access sensitive information from the Treasury Department payment system, information about the headcount and budget of an intelligence agency and Americans’ Social Security numbers, health information and other demographic data.

Musk and department staffers are also using artificial intelligence in their analysis of department cuts.

Cyber_Security_Channel

Cyber Security News

17 апреля 2025 21:53

How to Protect Your Phone and Data Privacy at the US Border

Privacy experts say everyone should conduct a personal risk assessment – which should include your immigration status, travel history and what data you might have on your phone.

There’s not a one-size-fits all solution because data that may seem sensitive to some may not be to others, depending on your circumstances.

The most important step to take before you travel is to encrypt the data on your device, which is different than using encrypted messaging services like Signal.

Cyber_Security_Channel

Cyber Security News

13 апреля 2025 20:16

Identity Management Solutions for the Next Generation of Cybersecurity

As attack methods become more sophisticated and continued advancements in AI and quantum computing threaten to unravel many traditional authentication methods.

Next-generation identity solutions are poised to reshape the way human and machine identities are verified.

Cyber_Security_Channel

Cyber Security News

09 апреля 2025 06:42

Russian Zero-Day Seller is Offering Up to $4 Million for Telegram Exploits

Zero-day companies like Operation Zero develop or acquire security vulnerabilities in popular operating systems and apps and then re-sell them for a higher price.

For the company to focus on Telegram makes sense, considering the messaging app is especially popular with users in both Russia and Ukraine.

Cyber_Security_Channel

Cyber Security News

05 апреля 2025 11:26

Security Researcher Breaks One of the Most Powerful Ransomware Attacks Using GPU Power

However, by reviewing the logs, the researcher was able to determine the time the ransomware was launched, and using the metadata, the time the encryption was completed.

He was then able to create a brute-force tool that could find the key for each individual file.

Running the tool on a pre-installed system was found to be inefficient, as it took too long to run on the RTX 3060 and RTC 3090.

Cyber_Security_Channel

Cyber Security News

02 апреля 2025 00:37

Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday

Redmond also urged Windows sysadmins to prioritize critical, code execution bugs in the Windows Subsystem for Linux, the Windows DNS Server, Windows Remote Desktop Service and Microsoft Office.

Cyber_Security_Channel

Cyber Security News

26 марта 2025 20:43

Three VMware Zero-Days Under Active Exploitation – What You Need to Know

The discovery of these zero-day vulnerabilities in VMware ESXi, Workstation, and Fusion emphasizes the need for timely patching and proactive security measures.

Since these flaws are being actively exploited in the wild, organizations should prioritize updates and strengthen their security posture.

Cyber_Security_Channel

Cyber Security News

23 марта 2025 03:44

New ‘Auto-Color’ Linux Malware Targets North America, Asia

The malware supports commands that enable the attacker to collect host information, uninstall the malware, create a reverse shell, create and modify files, execute a program, and turn the device into a proxy.

Cyber_Security_Channel