🦿 DeepSeek Locked Down Public Database Access That Exposed Chat History 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
Research Firm Wiz Research began investigating DeepSeek soon after its generative AI took the tech world by storm.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
DeepSeek Locked Down Public Database Access That Exposed Chat History
Research Firm Wiz Research began investigating DeepSeek soon after its generative AI took the tech world by storm.
🕵️♂️ Healthcare Sector Charts 2 More Ransomware Attacks 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Healthcare Sector Charts 2 More Ransomware Attacks
No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.
🖋️ Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain elevated access or obtain sensitive information. The list of identified flaws, which impact versions 8.x of the software, is below CVE202522218 CVSS score 8.5 A malicious actor with View Only Admin.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦅 Dark Web Activity January 2025: A New Hacktivist Group Emerges 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Overview Cyble dark web researchers investigated more than 250 dark web claims by threat actors in January 2025, with more than a quarter of those targeting U.S.based organizations. Of threat actors TAs on the dark web targeting U.S. organizations during the month, 15 were ransomware groups claiming successful attacks or selling data from those attacks. Ransomware group claims accounted for about 40 of the Cyble investigations. Most of the investigations examined threat actors claiming to be selling data stolen from organizations, or selling access to those organizations networks. Several investigations focused on cyberattacks orchestrated by hacktivist groups including a new Russian threat group identified here for the first time. Sector 16 Teams Up With Russian Hackti...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
📔 DeepSeek's Flagship AI Model Under Fire for Security Vulnerabilities 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Cyber reports exposed major security flaws in DeepSeeks R1 LLM.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
DeepSeek's Flagship AI Model Under Fire for Security Vulnerabilities
Cyber reports exposed major security flaws in DeepSeek’s R1 LLM
📔 International Operation Dismantles Cracked and Nulled Cybercrime Hubs 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
International Operation Dismantles Cracked and Nulled Cybercrime Hubs
A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services
🦅 Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Overview Cybles weekly vulnerability insights to clients cover key vulnerabilities discovered between January 22 and January 28, 2025. The findings highlight a range of vulnerabilities across various platforms, including critical issues that are already being actively exploited. Notably, the Cybersecurity and Infrastructure Security Agency CISA added two vulnerabilities to their Known Exploited Vulnerability KEV catalog this week. Among these, the zeroday vulnerability CVE202523006 stands out as a critical threat affecting SonicWalls SMA1000 appliances. In this weeks analysis, Cyble delves into multiple vulnerabilities across widely used software tools and plugins, with particular attention to SimpleHelp remote support software, Ivantis Cloud Services Appliance, and issues wit...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Cyble's Weekly Vulnerability Update: Critical SonicWall Zero-Day
Cyble’s weekly report highlights key vulnerabilities discovered from Jan 22-28, 2025, including critical SonicWall zero-day and active exploits targeting major platforms.
📢 Two of the world's largest cyber crime forums knocked offline 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Two cyber crime forums, Cracked and Nulled, have been taken down as part of a police operation involving international partners.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
ITPro
Two of the world's largest cyber crime forums knocked offline
Europol, the US Justice Department, and other agencies have seized Cracked and Nulled
📢 Data sovereignty a growing priority for UK enterprises 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Many firms view data sovereignty as simply a compliance issue.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Data sovereignty a growing priority for UK enterprises
Many firms view data sovereignty as simply a compliance issue
🧠 AI decision-making: Where do businesses draw the line? 🧠
📖 Read more.
🔗 Via "Security Intelligence"
----------
👁️ Seen on @cibsecurity
A computer can never be held accountable, therefore a computer must never make a management decision. IBM Training Manual, 1979 Artificial intelligence AI adoption is on the rise. According to the IBM Global AI Adoption Index 2023, 42 of enterprises have actively deployed AI, and 40 are experimenting with the technology. Of those using The post AI decisionmaking Where do businesses draw the line? appeared first on Security Intelligence.📖 Read more.
🔗 Via "Security Intelligence"
----------
👁️ Seen on @cibsecurity
Security Intelligence
AI decision-making: Where do businesses draw the line?
As AI takes a greater role in our lives, it begs an important question: If AI makes a mistake with serious consequences, who takes the blame?
🖋️ CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Food and Drug Administration FDA have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN120 patient monitors. The vulnerability, tracked as CVE20250626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Top 5 AI-Powered Social Engineering Attacks 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. Theres no bruteforce spray and pray password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust, fear, and respect for authority, usually with the goal of gaining access to sensitive information or protected systems.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Italy's data protection watchdog has blocked Chinese artificial intelligence AI firm DeepSeek's service within the country, citing a lack of information on its use of users' personal data. The development comes days after the authority, the Garante, sent a series of questions to DeepSeek, asking about its data handling practices and where it obtained its training data. In particular, it wanted.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Google Bans 158,000 Malicious Android App Developer Accounts in 2024 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Google said it blocked over 2.36 million policyviolating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data during the time period by working with.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Threat Actors Target Public-Facing Apps for Initial Access 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Cisco Talos found that exploitation of publicfacing applications made up 40 of incidents it observed in Q4 2024, marking a notable shift in initial access techniques.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Threat Actors Target Public-Facing Apps for Initial Access
Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques
📔 Tata Technologies Hit by Ransomware Attack 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The Indian tech giant temporarily suspended some of its IT services, which have now been restored.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Tata Technologies Hit by Ransomware Attack
The Indian tech giant temporarily suspended some of its IT services, which have now been restored
🕵️♂️ Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence? 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough.
🕵️♂️ State Data Privacy Regulators Are Coming. What Story Will You Tell Them? 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Regulators are ready to enforce new state data privacy laws. Here's how experts say organizations can stay compliant and avoid penalties.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
State Data Privacy Regulators Are Coming. What Story Will You Tell Them?
Regulators are ready to enforce new state data privacy laws. Here's how experts say organizations can stay compliant and avoid penalties.
🤔1
🕵️♂️ Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The deal, expected to close this quarter, will give Tenable One Exposure Management muchneeded integration with over 100 thirdparty security tools and platforms.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus
The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms.
🕵️♂️ Code-Scanning Tool's License at Heart of Security Breakup 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Nine application security toolmakers band together to fork the popular Semgrep codescanning project, touching off a controversy over access to features and fairness.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Code-Scanning Tool's License at Heart of Security Breakup
Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness.
♟️ FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang ♟️
📖 Read more.
🔗 Via "Krebs on Security"
----------
👁️ Seen on @cibsecurity
The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname "The Manipulaters," have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party.📖 Read more.
🔗 Via "Krebs on Security"
----------
👁️ Seen on @cibsecurity
Krebs on Security
FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang
The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname "The…