CISA Weighs In on Alleged Oracle Cloud Breach

The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.

darkreading – ​Read More

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024.
“The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,'” Cisco Talos researchers Azim Khodjibaev, Chetan

The Hacker News – ​Read More

New payment-card scam involves a phone call, some malware and a personal tap

A new payment card scam uses malware disguised as a security tool or verification utility to capture card details and access funds.

The Record from Recorded Future News – ​Read More

Think GeoGuessr is fun? Try using ChatGPT to guess locations in your photos

ChatGPT can ‘read’ your photos for location clues – even without embedded GPS or EXIF data. Here’s why that could be a problem.

Latest stories for ZDNET in Security – ​Read More

If Boards Don’t Fix OT Security, Regulators Will

Around the world, governments are setting higher-bar regulations with clear corporate accountability for breaches on the belief organizations won’t drive up security maturity for operational technology unless they’re made to.

darkreading – ​Read More

Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader

A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader.
“Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,” Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.
The

The Hacker News – ​Read More

In Other News: 4chan Hacked, Android Auto-Reboot, Nemesis Admin Charged

Noteworthy stories that might have slipped under the radar: 4chan hacked, auto-reboot security feature coming to Android, Iranian administrator of Nemesis charged in US.

The post In Other News: 4chan Hacked, Android Auto-Reboot, Nemesis Admin Charged appeared first on SecurityWeek.

SecurityWeek – ​Read More

Live Events Giant Legends International Hacked

Legends International says the personal information of employees and customers was compromised as a result of a cyberattack.

The post Live Events Giant Legends International Hacked appeared first on SecurityWeek.

SecurityWeek – ​Read More

Ahold Delhaize Confirms Data Stolen in Ransomware Attack

Ahold Delhaize has confirmed that data was stolen from its systems in November 2024 after a ransomware group claimed the attack.

The post Ahold Delhaize Confirms Data Stolen in Ransomware Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cy4Data Labs Raises $10 Million to Secure Data in Use

Data protection firm Cy4Data Labs has raised $10 million in a Series A funding round led by Pelion Venture Partners.

The post Cy4Data Labs Raises $10 Million to Secure Data in Use appeared first on SecurityWeek.

SecurityWeek – ​Read More