- The Honeymoon for Cloud Services Is Over
January 27, 2025
The cloud services you rely on are no longer as secure as they used to be. Once seemingly a safe haven for data and applications, attackers are increasingly leveraging cloud services for command and control—and the Symantec Threat Hunter Team predicts an unnerving upshoot in 2025. The Microsoft breach by Russian nation-state actors is one instance ...
- TalkTalk investigating data breach after hacker claims theft of customer data
January 27, 2025
U.K. telecoms giant TalkTalk has confirmed that it is investigating a data breach after a hacker claimed to have stolen the personal information of millions of customers. In a post on a popular cybercrime forum seen by TechCrunch, an individual using the alias “b0nd” claimed to have stolen the personal data of more than 18.8 ...
- Chinese tech startup DeepSeek says it was hit with ‘large-scale malicious attacks’
January 27, 2025
Chinese tech startup DeepSeek said it was hit by a cyber attack on Monday that disrupted users’ ability to register on the site. The company, whose artificial intelligence chatbot has sent the tech world into a frenzy, said that it had suffered “large-scale malicious attacks” on its services. Registered users could log in normally, DeepSeek said. Read ...
- The British Museum says it is partly closed after a fired employee shut down IT systems
January 25, 2025
The British Museum, the country’s most popular tourist attraction, was partially closed to the public on Saturday after an employee who had been fired broke in and shut down computer systems, museum management said. The museum in central London, which attracts almost 6 million visitors a year, closed its temporary exhibitions and part of its permanent ...
- Exploitation of Critical Vulnerability CVE-2025-23006 in SonicWall SMA1000 Series Appliances
January 23, 2025
SonicWall has released a security update for a critical vulnerability in Secure Mobile Access (SMA) 1000 Series appliances. This vulnerability impacts the Appliance Management Console (AMC) and Central Management Console (CMC). SonicWall Secure Mobile Access is described as a unified secure access gateway that provides a Secure Sockets Layer (SSL) virtual private network (VPN), context-aware device ...
- FBI Agents’ Call And Text Logs Potentially Stolen In Data Breach
January 23, 2025
The FBI has raised alarm that hackers who breached AT&T’s system last year may have stolen months of agents’ call and text logs, which could potentially lead to the identities of anonymous informants connected to investigations. While the hackers did not access the content of conversations, the stolen call log metadata—records of who called whom, when ...
- N.B. Liquor stopped attempted cyber attack, CEO says
January 23, 2025
N.B. Liquor CEO Lori Stickles says the company’s security systems worked as intended during an attempted cyber attack this month. “We got the alert, we were able to basically put a choke hold on it by shutting our system down proactively,” Stickles said in an interview Thursday. Stickles was unable to provide details on how the ...
- Dangerous new botnet targets webcams, routers across the world
January 22, 2025
Cybersecurity researchers from the Qualys Threat Research Unit have observed a new large-scale operation exploiting vulnerabilities in IP cameras and routers to build out a botnet. In a technical analysis, Qualys said the attackers were mostly exploiting CVE-2017-17215 and CVE-2024-7029, seeking to compromise AVTECH IP cameras, and Huawei HG532 routers. The botnet is essentially Mirai, although ...
- 7-Zip bug could allow a bypass of a Windows security feature – update now
January 22, 2025
A patch is available for a vulnerability in 7-Zip that could have allowed attackers to bypass the Mark-of-the-Web (MotW) security feature in Windows. The MotW is an attribute added to files by Windows when they have been sourced from an untrusted location, like the internet or a restricted zone. The MotW is what triggers warnings that ...
- Trump administration fires members of cybersecurity review board in ‘horribly shortsighted’ decision
January 22, 2025
On Tuesday, a day after Donald Trump’s inauguration as the new U.S. president, the Department of Homeland Security told members of several advisory committees that they were effectively fired. Among the committees impacted is the Cyber Safety Review Board, or CSRB, according to sources familiar with the board who spoke to TechCrunch, as well as reporting ...