RansomwareFunkSec ransomware chases notoriety with AI-assisted codeLaura FrenchJanuary 10, 2025The group claimed 85 victims in December but shows signs of inexperience.
Network SecurityEmergency patch issued for Ivanti Connect Secure VPN flaw under attackShaun NicholsJanuary 10, 2025One or more threat actors are currently exploiting CVE-2025-0282 for remote takeover attacks on targeted networks.
Governance, Risk and ComplianceChinese hackers breach office that reviews foreign investments in USSteve ZurierJanuary 10, 2025Attack on the Committee on Foreign Investment in the U.S. was part of the recent Treasury Department breach.
Governance, Risk and ComplianceBiden readies executive order on cybersecurity after hacks linked to ChinaShaun NicholsJanuary 9, 2025The Biden White House is getting set to issue a last-minute order regarding cybersecurity regulations.
MalwareNew Banshee Stealer variant continues attacks on macOS devicesSteve ZurierJanuary 9, 2025Any sense that macOS computers are immune from attacks is a farce, say security researchers.
PrivacyGoogle class action privacy lawsuit to go forward after judge’s rulingLaura FrenchJanuary 9, 2025The suit regarding Google’s “Web App & Activity” tracking options is scheduled for an August trial.
Endpoint/Device SecurityTikTok faces U.S. Supreme Court: Join SC Media for liveblog coverage FridayDustin SachsJanuary 9, 2025Join us Friday, Jan. 10 at 9:45 ET for liveblog coverage of this pivotal Supreme Court hearing. We will provide real-time updates, expert analysis, and key takeaways as the event unfolds.
PhishingEmails from legitimate PayPal address used in crafty phishing schemeLaura FrenchJanuary 8, 2025Attackers exploit PayPal’s email notifications to trick users into linking their accounts to attacker emails.
Network SecurityHackers take Pride in exploiting Four-Faith zero dayShaun NicholsJanuary 8, 2025Hackers have set up a botnet based on exploitation of zero day in Four-Faith industrial routers.
Vulnerability ManagementCISA adds Mitel and Oracle bugs to exploited vulnerabilities listSteve ZurierJanuary 8, 2025Two Mitel MiCollab bugs were added to the KEV catalog, while a patched Oracle WebLogic Server exploit is still under threat.