30Articles
7Categories
2025-01-21Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 2[−]
21 JanContinued Scanning for CVE-2023-1389TP-Link draws the attention of the US Government.F5.COM
21 JanContinued Scanning for CVE-2023-1389TP-Link draws the attention of the US Government.F5.COM
⚠️ VULNERABILITY DISCLOSURE 5[−]
21 JanMirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei RoutersCybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity "demonstrates enhanced capabilities, exploitin…THEHACKERNEWS.COM
21 JanOracle Quarterly Critical Patches Issued January 21, 2025Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.CISECURITY.ORG
21 JanCISA Releases Three Industrial Control Systems AdvisoriesCISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-021-01 Traffic Alert and Collision Avoidance System (TCAS) II ICS…CISA.GOV
21 JanHPE investigating security breach after hacker claims theft of sensitive dataA well-known hacker claims to have stolen source code and user data from the enterprise IT giant © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
21 JanScaling Dynamic Application Security Testing (DAST)Introduction Microsoft engineering teams use the Security Development Lifecycle to ensure our products are built in alignment with Microsoft’s Secure Future Initiative security principles: Secure by Design, Secure by Default, and Secure Operations. A key component of the Security…MSRC.MICROSOFT.COM
📢 SECURITY ADVISORIES 1[−]
21 JanAre attackers already embedded in U.S. critical infrastructure networks?The threat of cyberattacks against critical infrastructure in the United States has evolved beyond data theft and espionage. Intruders are already entrenched in the nation’s most vital systems, waiting to unleash attacks. For instance, CISA has raised alarms about Volt Typh…SECURITYINTELLIGENCE.COM
🔥 INCIDENT REPORTING 8[−]
21 JanWeekly Update 435Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite If I'm honest, I was in two minds about adding additional stealer logs to HIBP. Even with the new feature to include the domains a…TROYHUNT.COM
21 Jan13,000 MikroTik Routers Hijacked by Botnet for Malspam and CyberattacksA global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "take[s] advantage of misconfigured DNS records to pass email prote…THEHACKERNEWS.COM
21 JanPNGPlug Loader Delivers ValleyRAT Malware Through Fake Software InstallersCybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the Valle…THEHACKERNEWS.COM
21 JanGovtech giant Conduent won’t rule out cyberattack as outage drags onAt least four states reported being affected by the outage, which Conduent says is ongoing. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
21 JanToronto school district says 40 years of student data stolen in PowerSchool breachCanada’s largest school board says hackers may have accessed some 40 years’ worth of student data during the recent PowerSchool breach.  In a letter sent to parents this week, the Toronto District School Board (TDSB) said that the data breach affected all students enro…TECHCRUNCH.COM
21 JanMedusa ransomware: what you need to knowMedusa is a ransomware-as-a-service (RaaS) platform that has targeted organisations around the world. Read more about it in my article on the Tripwire State of Security blog.TRIPWIRE.COM
21 Jan50,000 critical exposures + one of the most vulnerable IT environments: our schools - ... - ESW #390I've been so excited to see the external attack surface management (EASM) market take off in the past few years. This market category focuses exclusively on security issues exposed to the public Internet - issues ANYONE can see. All organizations have exposure management problems…YOUTUBE.COM
21 JanUnder lock and key: Protecting corporate data from cyberthreats in 2025Data breaches can cause a loss of revenue and market value as a result of diminished customer trust and reputational damageWELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE 8[−]
21 JanCERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security AuditsThe Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the "level of secur…THEHACKERNEWS.COM
21 JanGeolocation and Starlink, (Tue, Jan 21st)Until now, satellite internet access has been more of a niche solution for internet access. But with the wide availability of Starlink, this is changing. Starlink&#39&#x3b;s performance and price are competitive for many rural users to forgo solution…ISC.SANS.EDU
21 JanISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
21 JanWhy maintaining data cleanliness is essential to cybersecurityData, in all its shapes and forms, is one of the most critical assets a business possesses. Not only does it provide organizations with critical information regarding their systems and processes, but it also fuels growth and enables better decision-making on all levels. However, …SECURITYINTELLIGENCE.COM
21 JanSmishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more... - SWN #444Smishing, Microsoft, Star Blizzard, Sneaky Log, VMARE, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-444YOUTUBE.COM
21 JanBotnet Unleashes Record-Breaking 5.6Tbps DDoS Attacksubmitted by cm0002 to cybersecurity 5 points | 0 comments https://www.pcmag.com/news/botnet-unleashes-record-breaking-56tbps-ddos-attackINFOSEC.PUB
21 JanSecurity audit of the Notary ProjectThe OSTIF engaged with Quarkslab to perform a security audit of the Notary project , focused on new features.QUARKSLAB.COM
🎙️ PODCASTS 1[−]
21 JanThe AI Fix #34: Fake Brad Pitt and why AI means we will lose our jobsIn episode 34 of The AI Fix, our hosts watch in horror as a vacuum cleaner sprouts a robotic arm and tiny little robot legs, a mind-reading helps a man chat up some French students, a robot dog runs as fast as Usain Bolt, and AI podcast hosts get impatient with their listeners. M…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 5[−]
21 JanEx-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized PartiesA former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity. Asif William Rahm…THEHACKERNEWS.COM
21 JanHackGATE: Setting New Standards for Visibility and Control in Penetration Testing ProjectsImagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often go unresolved, raising concer…THEHACKERNEWS.COM
21 JanHow to download, install, and update Kaspersky apps for Android | Kaspersky official blogHow to download, install, and update Kaspersky apps for Android from alternative stores.KASPERSKY.COM
21 JanThe AI Phrase That Breaks ChatGPT! 😱Ever wondered what happens when you push AI to its limits? 🤔 Some phrases can break the system, and "David Mayor" is one of them! But why? Is it a glitch, a rule, or something more? Dive into this strange AI mystery and discover the story behind it. The truth might surprise you! …YOUTUBE.COM