Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
MUT-1244 targeting security researchers, red teamers, and threat actors
A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data.
Kali Linux 2024.4 released! 14 new shiny tools added
Kali Linux 2024.4 includes a broad set of updates and changes.
Cryptocurrency hackers stole $2.2 billion from platforms in 2024
$2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’ 2025 Crypto Crime Report has revealed.
Why cybersecurity is critical to energy modernization
In this Help Net Security interview, Anjos Nijk, Managing Director of the European Network for Cyber security (ENCS), discusses cybersecurity in the energy sector as it modernizes with renewable sources and smart grid technologies.
CISA orders federal agencies to secure their Microsoft cloud environments
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud environments.
Leadership skills for managing cybersecurity during digital transformation
In this Help Net Security interview, Dan Lohrmann, CISO at Presidio, discusses the need for organizations to rethink their leadership and operational strategies and the cybersecurity risks they have to deal with during digital transformation.
CISA: Use Signal or other secure communications app
In the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, CISA is advising “highly targeted individuals” – senior government officials and politicians – to lock down and protect their smartphones as much as possible and to use “Signal or a similar app” for secure communications.
European companies hit with effective DocuSign-themed phishing emails
A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers.
Key steps to scaling automated compliance while maintaining security
In this Help Net Security interview, Vivek Agarwal, Privacy Program Manager at Meta Platforms, shares insights on strategies for reducing time to market, improving vendor onboarding, and updating privacy requirements to ensure compliance across third-party contracts.
BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)
BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement it quickly.
Balancing security and user experience to improve fraud prevention strategies
In this Help Net Security interview, Jennifer White, Senior Director for Banking and Payments Intelligence at J.D. Power, discusses how financial institutions can improve customer satisfaction during fraud resolution, covering proactive fraud prevention, clear communication, and empathetic issue resolution.
Another NetWalker affiliate sentenced to 20 years in prison
A 30-year old Romanian man was sentenced to 20 years in prison for leveraging the Netwalker ransomware to extort money from victims, the US Department of Justice announced on Thursday.
Researchers reveal OT-specific malware in use and in development
Malware that’s made specifically to target industrial control systems (ICS), Internet of Things (IoT) and operational technology (OT) control devices is still rare, but in the last few weeks security researchers have identified two salient threats based on samples uploaded to VirusTotal.
How companies can address bias and privacy challenges in AI models
In this Help Net Security interview, Emre Kazim, Co-CEO of Holistic AI, discusses the need for companies to integrate responsible AI practices into their business strategies from the start
Malvertising on steroids serves Lumma infostealer
A large-scale malvertising campaign distributing the Lumma infostealer malware via intrusive “ads” leading to fake CAPTCHA pages has been tied by researchers to a threat actor abusing the Monetag ad network.
Trapster Community: Open-source, low-interaction honeypot
Trapster Community is an open-source, lightweight, low-interaction honeypot designed for deployment within internal networks.
Serbian government used Cellebrite to unlock phones, install spyware
Serbian police and intelligence officers used Cellebrite forensic extraction software to unlock journalists’ and activists’ phones and install previously unknown Android spyware called NoviSpy, a new Amnesty International report claims.
Evasive Node.js loader masquerading as game hack
Malware peddlers are using NodeLoader, a loader written in Node.js, to foil security solutions and deliver infostealers and cryptominers to gamers.
Are threat feeds masking your biggest security blind spot?
Security teams that subscribe to threat feeds get lists of known malicious domains, IPs, and file signatures that they can leverage to blacklist and prevent attacks from those sources.
Overlooking platform security weakens long-term cybersecurity posture
Platform security – securing the hardware and firmware of PCs, laptops and printers – is often overlooked, weakening cybersecurity posture for years to come, according to HP.
CISO accountability: Navigating a landscape of responsibility
What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire organization.
Consumers wrongly attribute all data breaches to cybercriminals
Breaches in 2024 had less impact on consumers’ trust in brands compared to the previous year (a 6.5% decrease from 62% in 2023 to 58% in 2024), according to a recent Vercara report.
The shifting security landscape: 2025 predictions and challenges
As the borderless threat ecosystem poses new challenges for companies and governments worldwide, CISA’s 2025-2026 International Plan aims to address this problem.
Cybersecurity jobs available right now: December 17, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
Ransomware in 2024: New players, bigger payouts, and smarter tactics
In this article, you will find excerpts from ransomware surveys we covered in 2024 that will help your organization improve cybersecurity strategies.
AI is becoming the weapon of choice for cybercriminals
This article highlights key findings from 2024 reports on AI and GenAI technologies, focusing on their potential and major challenges.
New infosec products of the week: December 20, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Appdome, GitGuardian, RunSafe Security, Stairwell, and Netwrix.