⚠️ VULNERABILITY DISCLOSURE 4
18 Jan: TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling
TikTok said it will have to “go dark” this weekend unless Biden assures the company it won’t enforce a shutdown after the Supreme Court upheld the ban.
SECURITYWEEK.COM

18 Jan: Hackers Easily Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol
Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured on-premises applications can bypass Group Policy settings intended to disable NTLMv1. This vulnerability enables attackers to exploit the outdated authentication prot…
GBHACKERS.COM

18 Jan: How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack
School workers say they resorted to crowdsourcing help among each other following PowerSchool's breach, fueled by solidarity and the slow response from PowerSchool.
TECHCRUNCH.COM

18 Jan: Otelier - 436,855 breached accounts
In July 2024, a threat actor gained access to the hotel management platform Otelier and retrieved customer data from well-known hotel brands including Marriott, Hilton, and Hyatt. The data included 437k customer email addresses (a further 868k generated email addresses from the …
HAVEIBEENPWNED.COM
📢 SECURITY ADVISORIES 25
🔥 INCIDENT REPORTING 3
18 Jan: Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network
The Treasury Department announced sanctions in connection with a massive Chinese hack of American telecommunications companies and a breach of its own computer network.
SECURITYWEEK.COM

18 Jan: New tool: immutable.py, (Sat, Jan 18th)
When performing triage on a Linux system you suspect might be compromised, there are many aspects of the system that you may want to look at. In SANS FOR577, we talk about some existing tools and even writing your own bash script to collect triage data. In a case I worked a year…
ISC.SANS.EDU
🕵️ THREAT INTELLIGENCE 3
18 Jan: Secure AI? Dream on, says AI red team
The group responsible for red teaming of over 100 generative AI products at Microsoft has concluded that the work of building safe and secure AI systems will never be complete. In a paper published this week, the authors, including Microsoft Azure CTO Mark Russinovich, described …
INFOWORLD.COM

18 Jan: How Scammers Steal Millions Without You Noticing
Scammers have taken their tricks to a whole new level, but the game hasn’t changed much. From old-school postcards to modern-day emails, they’ve adapted to stay one step ahead. Have you heard about the “simple task” scam? It promises easy money, but it’s designed to drain your wa…
YOUTUBE.COM

18 Jan: Investigating USB-to-Ethernet Dongles With “Malware” Claims
Submitted by cm0002 to cybersecurity. https://hackaday.com/2025/01/18/investigating-usb-to-ethernet-dongles-with-malware-claims/
INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE 1
18 Jan: Social Media Fraud Targets Truth Social: Cyber Security Today Weekend with Netcraft's Robert Duncan - Jan 18, 2025
Addressing Social Media Fraud: Insights from Netcraft's Robert Duncan. In this weekend edition of Cybersecurity Today, host Jim Love discusses the growing issue of fraud in the cybersecurity landscape. Jim interviews Robert Duncan, VP of Product Strategy at Netcraft, who sheds lig…
CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS 11
18 Jan: Joint guidance on secure by demand and priority considerations for operational technology owners and operators when selecting digital products
CYBER.GC.CA

18 Jan: U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Repub…
THEHACKERNEWS.COM

18 Jan: DOJ confirms arrested US Army soldier is linked to AT&T and Verizon hacks
The alleged hacker claimed to have access to huge amounts of call records, including VP Kamala Harris and President Trump.
TECHCRUNCH.COM

18 Jan: From Leadership Lessons to DeLorean Dreams!
Ever wondered what leadership and time travel have in common? 🤔 Join us in this hilarious and thought-provoking discussion as we dive into cigars, whiskey, and the real challenges of influencing organizations. From DeLoreans to hot tubs, this is the ultimate leadership talk with …
YOUTUBE.COM

18 Jan: FTC orders GM to stop collecting and selling driver’s data
The Federal Trade Commission (FTC) has announced action against General Motors (GM) and its subsidiary, OnStar, for unlawful collection and sale of drivers' precise geolocation and driving behavior data without first obtaining their consent. [...]
BLEEPINGCOMPUTER.COM

18 Jan: Microsoft removes Assassin’s Creed Windows 11 upgrade blocks
Earlier this week, Ubisoft released Assassin's Creed Valhalla and Assassin's Creed Origins patches to fix Windows 11 24H2 compatibility issues that caused crashes, freezes, and audio problems. [...]
BLEEPINGCOMPUTER.COM

18 Jan: ERP Systems: Are You Sure They're Safe? 🧐
Are you confident your ERP system is secure? 🚨 From conflicting roles to unauthorized payroll access, many organizations face hidden vulnerabilities that could jeopardize their operations. Learn why elevated permissions and segregation of duties are critical for securing your ent…
YOUTUBE.COM

18 Jan: Is There a Perfect MDM? IT Pros Weigh In! 💻
Finding the perfect Mobile Device Management (MDM) solution feels like chasing a myth! 🚀 IT experts Adrian Sanabria and Guillaume Ross dive into the challenges of managing devices across platforms. From the constant Slack chatter about what works best to the wild idea of needing …
YOUTUBE.COM