CyberAlerts

PowerSchool starts notifying victims of massive data breach

Description: Education software giant PowerSchool has started notifying individuals in the U.S. and Canada whose personal data was exposed in a late December 2024 cyberattack. [...]

Source: BleepingComputer

January 28th, 2025 (5 months ago)

2024 Annual Report

Description: Discover key insights from Recorded Future's 2024 report on cyber threats, criminal networks, SaaS identity risks, and strategies for 2025 cybersecurity.

Source: RecordedFuture

January 28th, 2025 (5 months ago)

Protecting AWS environments from cyberthreats

Source: TheRegister

January 28th, 2025 (5 months ago)

Chinese AI DeepSeek R1 Is a Privacy and Security Nightmare

Description: Chinese AI model DeepSeek R1, hailed as a major breakthrough in reasoning capabilities, has been found to be highly vulnerable to security exploits, allowing it to generate harmful content, including malware, disinformation, and instructions for criminal activities. A recent investigation by cyber-intelligence firm KELA revealed that the model is particularly easy to jailbreak, posing a … The post Chinese AI DeepSeek R1 Is a Privacy and Security Nightmare appeared first on CyberInsider.

Source: CyberInsider

January 28th, 2025 (5 months ago)

Cryptographic Agility's Legislative Possibilities & Business Benefits

Description: Quantum computing will bring new security risks. Both professionals and legislators need to use this time to prepare.

Source: Dark Reading

January 28th, 2025 (5 months ago)

OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking

Description: Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. "By exploiting this flaw, attackers can gain unauthorized access to any user’s account within the system, effectively allowing them to impersonate the victim and perform an array of actions on their behalf – including

Source: TheHackerNews

January 28th, 2025 (5 months ago)

Microsoft tests Edge Scareware Blocker to block tech support scams

Description: Microsoft has started testing a new "scareware blocker" feature for the Edge web browser on Windows PCs, which uses machine learning (ML) to detect tech support scams. [...]

Source: BleepingComputer

January 28th, 2025 (5 months ago)

Security pros more confident about fending off ransomware, despite being battered by attacks

Source: TheRegister

January 28th, 2025 (5 months ago)

Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations

Description: Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to tunnel traffic to command-and-control (C2) infrastructure and stay under the radar. "ESXi appliances, which are unmonitored, are increasingly exploited as a persistence mechanism and gateway to access corporate networks widely," Sygnia

Source: TheHackerNews

January 28th, 2025 (5 months ago)

New TorNet backdoor seen in widespread campaign

Description: Cisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor targeting users, predominantly in Poland and Germany.

Source: Cisco Talos Blog

January 28th, 2025 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	PowerSchool starts notifying victims of massive data breach Description: Education software giant PowerSchool has started notifying individuals in the U.S. and Canada whose personal data was exposed in a late December 2024 cyberattack. [...] Source: BleepingComputer January 28th, 2025 (5 months ago)
	2024 Annual Report Description: Discover key insights from Recorded Future's 2024 report on cyber threats, criminal networks, SaaS identity risks, and strategies for 2025 cybersecurity. Source: RecordedFuture January 28th, 2025 (5 months ago)
	Protecting AWS environments from cyberthreats Source: TheRegister January 28th, 2025 (5 months ago)
	Chinese AI DeepSeek R1 Is a Privacy and Security Nightmare Description: Chinese AI model DeepSeek R1, hailed as a major breakthrough in reasoning capabilities, has been found to be highly vulnerable to security exploits, allowing it to generate harmful content, including malware, disinformation, and instructions for criminal activities. A recent investigation by cyber-intelligence firm KELA revealed that the model is particularly easy to jailbreak, posing a … The post Chinese AI DeepSeek R1 Is a Privacy and Security Nightmare appeared first on CyberInsider. Source: CyberInsider January 28th, 2025 (5 months ago)
	Cryptographic Agility's Legislative Possibilities & Business Benefits Description: Quantum computing will bring new security risks. Both professionals and legislators need to use this time to prepare. Source: Dark Reading January 28th, 2025 (5 months ago)
	OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking Description: Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. "By exploiting this flaw, attackers can gain unauthorized access to any user’s account within the system, effectively allowing them to impersonate the victim and perform an array of actions on their behalf – including Source: TheHackerNews January 28th, 2025 (5 months ago)
	Microsoft tests Edge Scareware Blocker to block tech support scams Description: Microsoft has started testing a new "scareware blocker" feature for the Edge web browser on Windows PCs, which uses machine learning (ML) to detect tech support scams. [...] Source: BleepingComputer January 28th, 2025 (5 months ago)
	Security pros more confident about fending off ransomware, despite being battered by attacks Source: TheRegister January 28th, 2025 (5 months ago)
	Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations Description: Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to tunnel traffic to command-and-control (C2) infrastructure and stay under the radar. "ESXi appliances, which are unmonitored, are increasingly exploited as a persistence mechanism and gateway to access corporate networks widely," Sygnia Source: TheHackerNews January 28th, 2025 (5 months ago)
	New TorNet backdoor seen in widespread campaign Description: Cisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor targeting users, predominantly in Poland and Germany. Source: Cisco Talos Blog January 28th, 2025 (5 months ago)