Security

Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS).  "In alignment with the Department of Homeland Security's (DHS) commitment to eliminating the misuse of resour...
2025-01-22 21:47
local_offer
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet
Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks. According to QiAnXin XLab, the att...
2025-01-22 19:23
local_offer
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks
As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security teams are looking for ...
2025-01-22 16:01
local_offer
President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison
U.S. President Donald Trump on Tuesday granted a "full and unconditional pardon" to Ross Ulbricht, the creator of the infamous Silk Road drug marketplace, after spending 11 years behind bars. "I just called the mother of Ross William Ulbricht to let he...
2025-01-22 16:00
local_offer
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. "The...
2025-01-22 14:19
local_offer
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
Oracle is urging customers to apply its January 2025 Critical Patch Update (CPU) to address 318 new security vulnerabilities spanning its products and services. The most severe of the flaws is a bug in the Oracle Agile Product Lifecycle Management (PLM...
2025-01-22 12:55
local_offer
Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device
Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date. The UDP protocol-based attack took p...
2025-01-22 11:49
local_offer
Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices
Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date. The UDP protocol-based attack took p...
2025-01-22 11:49
local_offer
Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers
Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet. The ongoing activity "demonstrates enha...
2025-01-21 19:30
local_offer
Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity "demonstrates enha...
2025-01-21 19:30
local_offer
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "take[s] advantage of misconfigured DNS...
2025-01-21 18:16
local_offer
Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties
A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization to receive it and attempted to cover up the...
2025-01-21 16:22
local_offer
HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects
Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often g...
2025-01-21 16:00
local_offer
PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers
Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed ...
2025-01-21 11:15
local_offer
CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits
The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit t...
2025-01-21 10:57
local_offer
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to ...
2025-01-20 20:38
local_offer
DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection
The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2...
2025-01-20 20:23
local_offer
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]
As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Ev...
2025-01-20 17:32
local_offer
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI
Every week seems to bring news of another data breach, and it’s no surprise why: securing sensitive data has become harder than ever. And it’s not just because companies are dealing with orders of magnitude more data. Data flows and user roles are ...
2025-01-20 16:40
local_offer
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP
Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified ...
2025-01-20 11:15
local_offer