Harnessing Agentic AI To Supercharge Security Awareness Training
Security awareness training has been steadily gaining traction and momentum as organizations have come to understand that cyberattacks mostly stem from their own employees (e.g.,…
Month: February 2025
ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials
The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens, has seen a significant increase in its distribution since the beginning…
SpyLend Android malware downloaded 100,000 times from Google Play
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a…
NSA Allegedly Hacked Northwestern Polytechnical University, China Claims
Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a cyberattack on Northwestern Polytechnical University, a prominent Chinese institution specializing in…
Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key
A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing attackers to extract private keys used for signing SAML authentication requests.…
Apple withdraws encrypted iCloud storage from UK after government demands ‘back door’ access
Apple has withdrawn from providing its UK smartphone and computer users with encrypted cloud storage following a secret government order to require the company to…
SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow vulnerability CVE-2025-0282 in Ivanti Connect Secure, as confirmed by JPCERT/CC.…
Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations
Feb 21, 2025Ravie LakshmananSurveillance / Content Monitoring An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers…
Apple pulls iCloud end-to-end encryption feature in the UK
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers’ encrypted cloud data.…
Healthcare security lapses keep piling up
Healthcare is one of the sectors that has the most sensitive information about us. At the same time it’s one of the worst at keeping…
Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
Feb 21, 2025Ravie LakshmananData Protection / Encryption Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect…
Auditor: 2026 till Birmingham recovers from botched Oracle project
Grant Thornton has issued a forensic 66-page report relating to a failed Oracle Fusion enterprise resource planning (ERP) implementation at Birmingham City Council, which has…