Cyber News

ZDNet RSS Feed:

• OpenAI's Sora generates 10 videos per second and here are the top 5 cities
  January 29, 2025
  Just over a month since its launch, Sora is booming.
• A popular airline just became the first to accept Venmo for payment – and it's brilliant
  January 29, 2025
  Paying for a group trip? Just Venmo the airline.
• Comcast's new low-latency internet is literally game-changing, and these cities will get it first
  January 29, 2025
  The company's new tech could make slow internet a thing of the past.
• The best MP3 players of 2025
  January 29, 2025
  Step away from streaming subscriptions and enjoy your music collection offline with the best MP3 players.
• One of the best Ring cameras I've tested is 50% off for a limited time
  January 29, 2025
  You can save $90 at Amazon on what is arguably one of the best Ring cameras available — the Ring Stick Up Cam Pro.

Dark Reading RSS Feed:

• Researchers Uncover Lazarus Group Admin Layer for C2 Servers
  January 29, 2025 by Jai Vijayan, Contributing Writer
  The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.
• Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers
  January 29, 2025 by Kristina Beek, Associate Editor, Dark Reading
  VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.
• Mirai Variant 'Aquabot' Exploits Mitel Device Flaws
  January 29, 2025 by Elizabeth Montalbano, Contributing Writer
  Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.
• The Old Ways of Vendor Risk Management Are No Longer Good Enough
  January 29, 2025 by Jatin Mannepalli
  Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.
• 7 Tips for Strategically Saying 'No' in Cybersecurity
  January 28, 2025 by Joan Goodchild
  Cybersecurity can't always be "Department of No," but saying yes all the time is not the answer. Here is how to enable innovation gracefully without adding risk to the organization.

Packetstorm RSS Feed:

Threatpost RSS Feed:

• Student Loan Breach Exposes 2.5M Records
  August 31, 2022 by Nate Nelson
  2.5 million people were affected, in a breach that could spell more trouble down the line.
• Watering Hole Attacks Push ScanBox Keylogger
  August 30, 2022 by Nate Nelson
  Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
• Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
  August 29, 2022 by Nate Nelson
  Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
• Ransomware Attacks are on the Rise
  August 26, 2022 by Nate Nelson
  Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
• Cybercriminals Are Selling Access to Chinese Surveillance Cameras
  August 25, 2022 by Nate Nelson
  Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.