US Cybersecurity Efforts for Spacecraft Are Up in the Air

While President Trump supported federal space efforts during his first administration, the addition of SpaceX chief Elon Musk to his circle likely means challenges for regulating spacecraft cybersecurity, experts say.

darkreading – Read More

Researcher Outsmarts, Jailbreaks OpenAI’s New o3-mini

OpenAI’s latest tech can reason better than its previous models could, but not well enough to ferret out careful social engineering.

darkreading – Read More

DeepSeek Phishing Sites Pursue User Data, Crypto Wallets

Riding the wave of notoriety from the Chinese company’s R1 AI chatbot, attackers are spinning up lookalike sites for different malicious use cases.

darkreading – Read More

House Lawmakers Push to Ban AI App DeepSeek From US Government Devices

A bipartisan duo in the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

SecurityWeek – Read More

1,000 Apps Used in Malicious Campaign Targeting Android Users in India

Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.

SecurityWeek – Read More

Changing the tide: Reflections on threat data from 2024

“Enough Ripples, And You Change The Tide. For The Future Is Never Truly Set.” X-Men: Days of Future Past

In January, I dedicated some time to examining threat data from 2024, comparing it with the previous years to identify anomalies, spikes, and changes.

As anticipated, the number of Common Vulnerabilities and Exposures (CVEs) rose significantly, from 29,166 in 2023 to 40,289 in 2024, marking a substantial 38% increase. Interestingly, the severity levels of the CVEs remained centered around 7-8 for both years. 

When taking a closer look at the known exploited vulnerabilities reported by the Cybersecurity and Infrastructure Security Agency (CISA), I observed that the numbers remained relatively stable, with 186 in 2024 compared to 187 in 2023. However, there was a noteworthy 36% increase in critical vulnerabilities (those scored 9-10).

There is more to uncover from this data, and the analysis is still ongoing.  

It was also time to “stack” the data of our Quarterly Incident Response Reports. To me, the standout aspect is the initial access vectors. “Exploiting Public Facing Applications” and “Valid Accounts” were dominant, outperforming other methods. This serves as a timely reminder to implement (proper) MFA and other identity and access control solutions, as well as to patch regularly and replace end-of-life assets.

Reflecting on CVEs, patching, initial access vectors and also lateral movement, it’s important to remember that the “free” support for Windows 10 will end on October 14, 2025.  

Mark.your.calendars. Please. And plan accordingly to ensure your systems remain secure.  


The one big thing

Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in WhatsUp Gold.

Why do I care?

Observium and WhatsUp Gold can be categorized as Network Monitoring Systems (NMS). An NMS holds a lot of valuable information, such as network topology, device inventory, log files, configuration data and more, making it an attractive target for the bad guys.

So now what?

The vulnerabilities mentioned in this blog post have been patched by their respective vendors; make sure your installation is up to date.

Top security headlines of the week

The Cybersecurity and Infrastructure Security Agency analyzed a patient monitor used by the Healthcare and Public Health sector and discovered an embedded backdoor. (CISA)

Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild. (Hacker News)

Nearly 100 journalists and other members of civil society using WhatsApp were targeted by a “zero-click” attack. (Guardian)

DeepSeek AI tools impersonated by infostealer malware on PyPI. (Bleeping Computer)

Upcoming events where you can find Talos

Talos team members Martin LEE, Thorsten ROSENDAHL, Yuri KRAMARZ, Giannis TZIAKOURIS, and Vanja SVAJCER will be speaking at Cisco Live EMEA, Amsterdam, Netherlands, 9-14 February.

S4x25 (February 10-12, 2025)
Tampa, FL

RSA (April 28-May 1, 2025)
San Francisco, CA

TIPS 2025 (May 14-15, 2025)
Arlington, VA

Most prevalent malware files from the week

SHA256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507
MD5: 2915b3f8b703eb744fc54c81f4a9c67f
VirusTotal: https://www.virustotal.com/gui/file/9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507
Typical Filename: VID001.exe
Claimed Product: N/A
Detection Name: Win.Worm.Coinminer::1201

SHA256: 47ecaab5cd6b26fe18d9759a9392bce81ba379817c53a3a468fe9060a076f8ca
MD5: 71fea034b422e4a17ebb06022532fdde
VirusTotal: https://www.virustotal.com/gui/file/47ecaab5cd6b26fe18d9759a9392bce81ba379817c53a3a468fe9060a076f8ca
Typical Filename: VID001.exe
Claimed Product: N/A
Detection Name: Coinminer:MBT.26mw.in14.Talos

SHA256: 873ee789a177e59e7f82d3030896b1efdebe468c2dfa02e41ef94978aadf006f
MD5: d86808f6e519b5ce79b83b99dfb9294d
VirusTotal: https://www.virustotal.com/gui/file/873ee789a177e59e7f82d3030896b1efdebe468c2dfa02e41ef94978aadf006f
Typical Filename: N/A
Claimed Product: N/A
Detection Name: Win32.Trojan-Stealer.Petef.FPSKK8

SHA256: 7b3ec2365a64d9a9b2452c22e82e6d6ce2bb6dbc06c6720951c9570a5cd46fe5
MD5: ff1b6bb151cf9f671c929a4cbdb64d86
VirusTotal: https://www.virustotal.com/gui/file/7b3ec2365a64d9a9b2452c22e82e6d6ce2bb6dbc06c6720951c9570a5cd46fe5
Typical Filename: endpoint.query
Claimed Product: Endpoint-Collector
Detection Name: W32.File.MalParent

SHA256: 744c5a6489370567fd8290f5ece7f2bff018f10d04ccf5b37b070e8ab99b3241
MD5: a5e26a50bf48f2426b15b38e5894b189
VirusTotal: https://www.virustotal.com/gui/file/744c5a6489370567fd8290f5ece7f2bff018f10d04ccf5b37b070e8ab99b3241
Typical Filename: a5e26a50bf48f2426b15b38e5894b189.vir
Claimed Product: N/A
Detection Name: Win.Dropper.Generic::1201

Cisco Talos Blog – Read More

Spyware maker Paragon terminates contract with Italian government: media reports

Following allegations of potential abuse, Paragon Solutions has cut off Italy from its spyware systems.

Security News | TechCrunch – Read More

DeepSeek-R1 LLM Fails Over Half of Jailbreak Attacks in Security Analysis

DeepSeek-R1 LLM fails 58% of jailbreak attacks in Qualys security analysis. Learn about the vulnerabilities, compliance concerns, and risks for enterprise adoption.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More

Russia uses messaging apps to recruit terrorists, Ukraine’s police say

Russian intelligence services are using messaging apps and online forums to recruit Ukrainian citizens for terrorist attacks, promising quick payoffs, according to Ukraine’s law enforcement.

The Record from Recorded Future News – Read More

Ransomware Payments Decreased by 35% in 2024, Research Finds

Ransomware payments dropped 35% in 2024 due to law enforcement crackdowns and stronger cyber defenses, forcing attackers to adapt with new tactics.

Security | TechRepublic – Read More