Under Trump, US Cyberdefense Loses Its Head

/in

Chinese hacks, rampant ransomware, and Donald Trump’s budget cuts all threaten US security. In an exit interview with WIRED, former CISA head Jen Easterly argues for her agency’s survival.

Security Latest – ​Read More

Record Number of Ransomware Attacks in December 2024

/in

NCC Group saw over 570 ransomware attacks in December 2024, the highest number since it started monitoring them in 2021. 

The post Record Number of Ransomware Attacks in December 2024 appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

/in

Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances.
The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out 10.0. It has been described as a privilege escalation flaw in the REST API of Cisco Meeting Management.
“This

The Hacker News – ​Read More

TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

/in

Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks.
“This actor engaged in a variety of threat activity, including cryptocurrency mining operations on hijacked cloud resources and ransomware activity,” the tech giant’s cloud division said in its 11th

The Hacker News – ​Read More

FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know

/in

The US government shared exploit chains, IOCs and post-incident forensics data to help network defenders hunt for signs of Chinese hacking gangs.

The post FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know appeared first on SecurityWeek.

SecurityWeek – ​Read More

Trump Overturns Biden Rules on AI Development, Security

/in

The new administration moved quickly to remove any constraints on AI development and collected $500 billion in investment pledges for an American-owned AI joint venture.

darkreading – ​Read More

Chinese Cyberspies Target South Korean VPN in Supply Chain Attack

/in

Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.

darkreading – ​Read More

BreachForums admin to be resentenced after appeals court slams supervised release

/in

A three-judge panel vacated a controversial district court decision that set free Conor Fitzpatrick, the administrator of the massive illicit marketplace, after just 17 days in prison.

The Record from Recorded Future News – ​Read More

Google releases free Gemini 2.0 Flash Thinking model, pressuring OpenAI’s premium strategy

/in

Credit: VentureBeat made with Midjourney

Google challenges OpenAI with free Gemini 2.0 Flash Thinking model, offering million-token processing, native code execution, and breakthrough performance in math and science benchmarks.Read More

Security News | VentureBeat – ​Read More

Trump Pardons ‘Silk Road’ Dark Web Drug Market Creator

/in

The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.

darkreading – ​Read More