Cybersecurity News
May 10th, 2025 - By If your internet has been lagging, or your home devices acting strangely, you might want to check your router model. The FBI has issued a cybersecurity warning urging consumers to replace 13 specific older routers, calling them "end-of-life" devices that are no longer supported by manufacturers and highly vulnerable to cyberattacks. In a flash bulletin issued May 7, the FBI warned that these outdated routers, many of them once-popular Linksys models from the 2000s and 2010s, are actively ... [Read More]
Source: miamiherald.com
May 8th, 2025 - A new malware called LOSTKEYS, capable of stealing files and system data, has been identified by Google's Threat Intelligence Group (GTIG) as part of a series of cyber-attacks attributed to COLDRIVER – a threat actor linked to the Russian government. The malware, observed in attacks during January, March and April 2025, marks a new step in COLDRIVER's evolving capabilities. Previously known primarily for credential phishing targeting Western diplomats, NGOs and intelligence ... [Read More]
Source: infosecurity-magazine.com
May 8th, 2025 - If you want to make Linux as productive an environment as possible, the terminal window is where it's at. Here are five things that can be done efficiently from the command line. As much as I tout that users don't have to work with the Linux terminal, I have to admit there are certain things I do from the command line that are far more productive than their GUI counterparts. It's part of what makes Linux such a great operating system. If you want to do things simply, use the GUI. If you want to ... [Read More]
Source: zdnet.com
May 8th, 2025 - As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it's interesting to see how the various attackers are trying to refine the two main elements: the lure and the "instruction" page. In the latest email campaigns documented by the Google Threat Intelligence Group, the suspected Russian threat actor tried to trick the targets into downloading malware by urging them to "solve" a fake CAPTCHA page and then press a combination of keys that ... [Read More]
Source: helpnetsecurity.com
May 8th, 2025 - The presence of credentials in leaked "stealer logs" indicates his device was infected. Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to him have been hacked in recent years. Kyle Schutt is a 30-something-year-old software engineer who, according to , gained access in February to a "core ... [Read More]
Source: arstechnica.com
May 8th, 2025 - Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. Pearson is a UK-based education company and one of the world's largest providers of academic publishing, digital learning tools, and standardized assessments. The company works with schools, universities, and individuals in over 70 countries through its print and online services. In a statement to BleepingComputer, Pearson confirmed they suffered ... [Read More]
Source: bleepingcomputer.com
May 8th, 2025 - FBI Warns Of Router Attacks — Is Yours On The List Of 13? By Davey Winder FBI Warns Of Router Attacks — Is Yours On The List Of 13? Davey Winder is a veteran cybersecurity writer, hacker and analyst. posed by a rise in internet swatting attacks. But that doesn't mean the more mundane alerts from the FBI shouldn't be taken just as seriously. Take, for example, the latest FBI Flash from its cyber division that warns users of end-of-life routers that they are under attack. Is your ... [Read More]
Source: forbes.com
May 7th, 2025 - Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that "may be under limited, targeted exploitation." About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that renders fonts (thus, text) onto digital displays (e.g., screens) and is used across many platforms, including Android, iOS, macOS, and Linux. FreeType has been the source of multiple security ... [Read More]
Source: helpnetsecurity.com
May 7th, 2025 - Researchers found evidence that the CVE-2025-29824 privilege escalation flaw patched by Microsoft in April was known and used by the Play ransomware gang in addition to a group that Microsoft tracked as Storm-2460. A privilege escalation vulnerability that Microsoft patched as a zero-day in April was known and used by more groups than initially revealed, including the gang behind the Play ransomware that got into one network through a Cisco ASA firewall. When Microsoft patched CVE-2025-29824 on ... [Read More]
Source: csoonline.com
May 5th, 2025 - Attack that started in April and remains ongoing runs malicious code on visitors' devices. Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment card information and other sensitive data, security researchers said Monday. The infections are the result of a supply-chain attack that compromised at least three software providers with malware that remained ... [Read More]
Source: arstechnica.com
May 10th, 2025 - By If your internet has been lagging, or your home devices acting strangely, you might want to check your router model. The FBI has issued a cybersecurity warning urging consumers to replace 13 specific older routers, calling them "end-of-life" devices that are no longer supported by manufacturers and highly vulnerable to cyberattacks. In a flash bulletin issued May 7, the FBI warned that these outdated routers, many of them once-popular Linksys models from the 2000s and 2010s, are actively ... [Read More]
Source: miamiherald.com
May 8th, 2025 - A new malware called LOSTKEYS, capable of stealing files and system data, has been identified by Google's Threat Intelligence Group (GTIG) as part of a series of cyber-attacks attributed to COLDRIVER – a threat actor linked to the Russian government. The malware, observed in attacks during January, March and April 2025, marks a new step in COLDRIVER's evolving capabilities. Previously known primarily for credential phishing targeting Western diplomats, NGOs and intelligence ... [Read More]
Source: infosecurity-magazine.com
May 8th, 2025 - If you want to make Linux as productive an environment as possible, the terminal window is where it's at. Here are five things that can be done efficiently from the command line. As much as I tout that users don't have to work with the Linux terminal, I have to admit there are certain things I do from the command line that are far more productive than their GUI counterparts. It's part of what makes Linux such a great operating system. If you want to do things simply, use the GUI. If you want to ... [Read More]
Source: zdnet.com
May 8th, 2025 - As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it's interesting to see how the various attackers are trying to refine the two main elements: the lure and the "instruction" page. In the latest email campaigns documented by the Google Threat Intelligence Group, the suspected Russian threat actor tried to trick the targets into downloading malware by urging them to "solve" a fake CAPTCHA page and then press a combination of keys that ... [Read More]
Source: helpnetsecurity.com
May 8th, 2025 - The presence of credentials in leaked "stealer logs" indicates his device was infected. Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to him have been hacked in recent years. Kyle Schutt is a 30-something-year-old software engineer who, according to , gained access in February to a "core ... [Read More]
Source: arstechnica.com
May 8th, 2025 - Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. Pearson is a UK-based education company and one of the world's largest providers of academic publishing, digital learning tools, and standardized assessments. The company works with schools, universities, and individuals in over 70 countries through its print and online services. In a statement to BleepingComputer, Pearson confirmed they suffered ... [Read More]
Source: bleepingcomputer.com
May 8th, 2025 - FBI Warns Of Router Attacks — Is Yours On The List Of 13? By Davey Winder FBI Warns Of Router Attacks — Is Yours On The List Of 13? Davey Winder is a veteran cybersecurity writer, hacker and analyst. posed by a rise in internet swatting attacks. But that doesn't mean the more mundane alerts from the FBI shouldn't be taken just as seriously. Take, for example, the latest FBI Flash from its cyber division that warns users of end-of-life routers that they are under attack. Is your ... [Read More]
Source: forbes.com
May 7th, 2025 - Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that "may be under limited, targeted exploitation." About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that renders fonts (thus, text) onto digital displays (e.g., screens) and is used across many platforms, including Android, iOS, macOS, and Linux. FreeType has been the source of multiple security ... [Read More]
Source: helpnetsecurity.com
May 7th, 2025 - Researchers found evidence that the CVE-2025-29824 privilege escalation flaw patched by Microsoft in April was known and used by the Play ransomware gang in addition to a group that Microsoft tracked as Storm-2460. A privilege escalation vulnerability that Microsoft patched as a zero-day in April was known and used by more groups than initially revealed, including the gang behind the Play ransomware that got into one network through a Cisco ASA firewall. When Microsoft patched CVE-2025-29824 on ... [Read More]
Source: csoonline.com
May 5th, 2025 - Attack that started in April and remains ongoing runs malicious code on visitors' devices. Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment card information and other sensitive data, security researchers said Monday. The infections are the result of a supply-chain attack that compromised at least three software providers with malware that remained ... [Read More]
Source: arstechnica.com
You May Also Like…
Private Equity Cybersecurity: Only as Strong as Your Weakest Vendor
Private equity firms face unprecedented cybersecurity challenges as Boards of Directors demand direct accountability from management teams for security postures. Modern threat actors specifically...
Third-Party Vendors Raise Cyber Risk for US Power Grid
Cyber-attacks on the US power grid have exposed a concerning weakness: third-party vendors who can access critical infrastructure systems. Security experts tracked 23 major cyber-attacks that...
Continuous Attack Surface Monitoring vs. Point-in-Time Assessments: What’s Better for Third-Party Risk Management?
How big is your company’s attack surface? An organization must audit its third-party vendors for that question to be answered. The attack surface expands when organizations bring in a third-party...