Security Boulevard

Transform your network monitoring capabilities with the powerful combination of Arista Networks' advanced telemetry and Splunk's powerful analytics platform. This comprehensive guide will walk you through establishing a robust integration between these industry-leading solutions, enabling sophisticated network visibility and analytics. Prerequisites Ensure you have the following components ready:  Arista switch administrative credentials  CLI access to the Arista [...]

The post The Field Engineer’s Handbook: Configuring an Arista Networks Switch with Splunk appeared first on Hurricane Labs.

The post The Field Engineer’s Handbook: Configuring an Arista Networks Switch with Splunk appeared first on Security Boulevard.

In the technology sector, innovation and agility are key drivers of success. Organizations in this field lead the charge in adopting cutting-edge architectures like hybrid clouds, microservices, and DevSecOps practices....

The post Navigating Firewall Security Policy Challenges in Technology Organizations: How FireMon Simplifies Complexity appeared first on Security Boulevard.

With every Botnet Threat Update we publish, the same networks consistently appear in the Top 20 for hosting botnet command and control (C&C) servers. But why does this keep happening? In this Botnet Spotlight, we look into the root causes behind this persistent issue and what networks must do to break the cycle.

The post Networks hosting botnet C&Cs: Same players, same problems appeared first on Security Boulevard.

Luxembourg, Luxembourg, Feb. 11, 2025, CyberNewswire — Gcore, the global edge AI, cloud, network, and security solutions provider, today announced the findings of its Q3-Q4 2024 Radar report into DDoS attack trends.

DDoS attacks have reached unprecedented scale and … (more…)

The post News alert: Gcore Radar reveals 56% rise in DDoS attacks – gaming industry targeted the most first appeared on The Last Watchdog.

The post News alert: Gcore Radar reveals 56% rise in DDoS attacks – gaming industry targeted the most appeared first on Security Boulevard.

In-depth model testing reveals a wide range of flaws with high failure rates

The post Testing the DeepSeek-R1 Model: A Pandora’s Box of Security Risks appeared first on Security Boulevard.

A proven framework for merging human intuition with AI precision to enhance innovation, reduce bias, and scale operations. Explores real-world case studies, ethical considerations, and hybrid workflows that outperform pure automation models. Essential reading for forward-thinking business leaders.

The post The Art of Human-AI Synergy: A Framework for Smart Collaboration appeared first on Security Boulevard.

Authors/Presenters: Mixæl Swan Laufer

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Eradicating Hepatitis C with BioTerrorism appeared first on Security Boulevard.

We’re just getting started down the road to the Internet of Everything (IoE.)

Related: IoT growing at a 24% clip

To get there – to fully tap the potential of a hyper-interconnected ecosystem where devices, data, AI and humans converge … (more…)

The post MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier first appeared on The Last Watchdog.

The post MY TAKE: Securing the Internet of Everything: why self-healing devices are the next frontier appeared first on Security Boulevard.

Xi knows if you’ve been bad or good: iPhone app sends unencrypted data to China—and Android app appears even worse.

The post Chinese DeepSeek AI App: FULL of Security Holes Say Researchers appeared first on Security Boulevard.

via the comic humor & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Suspension Bridge’ appeared first on Security Boulevard.

Every year, cybercriminals sharpen their tools and refine their tactics to exploit network and security vulnerabilities. Gone are the days of clumsy emails with glaring typos and suspicious attachments. Instead, we face an era of new sophistication. No longer just stealing credentials, attackers are creating intricate digital narratives that make it difficult to distinguish friend from foe in our inboxes and DMs.

But these revelations are more than a glimpse in the cybercriminal underworld; they are a call to action. As phishing attacks continue to evolve, so should our defenses.

Phishing predictions for 2025In our ThreatLabz 2024 Phishing Report, we shared the following key predictions for the year to come:

Prediction 1: AI vs. AI will be an enduring challengeEnhanced AI capabilities increase the speed, scale, and automation of cyberattacks. Threat actors will widely adopt AI to craft more sophisticated phishing schemes and advanced techniques in 2025. As cybercriminals leverage publicly available and custom-made AI tools to orchestrate highly targeted campaigns, exploiting the trust of individuals and organizations alike, security vendors will integrate generative AI into their toolkits to enhance threat detection and response capabilities.

Prediction 2: Phishing as a service will intensify its focus on MFA exploitation and AiTMPhishing as a service removes technical barriers, allowing threat actors to launch successful phishing campaigns with limited expertise. They can take advantage of developer knowledge to launch a phishing attack and use advanced techniques to avoid detection. In the coming year, we can expect threat actors to conduct high-volume phishing campaigns aimed at bypassing enterprise multifactor authentication (MFA) through phishing kits that include AI-powered adversary-in-the-middle (AiTM) techniques, localized phishing content, and target fingerprinting.

Prediction 3: Vishing attacks spearheaded by malware groups will surge significantlyAs cybercriminals’ efforts become more sophisticated, they will increasingly turn to targeted voice and video phishing campaigns. For example, AI-driven voice cloning technology enables cybercriminals to mimic the voices of trusted individuals, creating highly realistic impersonations that can trick even the most vigilant people. Combined with the growing amount of VoIP accessibility and caller ID spoofing, attackers can mask their identities and origins, making it more difficult to trace the source of vishing calls.

Prediction 4: Attackers will home in on vulnerabilities inherent in mobile devices and platformsRemote work and bring-your-own-device (BYOD) culture have made mobile devices a permanent part of our work lives. As more and more of our lives involve mobile devices, cyberattackers are now targeting those devices with increasingly creative schemes. For example, they are shifting toward AI-driven social engineering attacks aimed at mobile users that exploit passkey and biometric authentication methods. Expect attackers to increasingly use fake push notifications that mimic legitimate apps and drive to phishing websites, exploiting mobile users’ trust in a common communication channel.

Prediction 5: Phishing will continue to erode trust in electoral outcomesIn heightened political climates and emotionally charged atmospheres, voters tend to let their guard down as they try to find new avenues to get their voices heard. Threat actors are poised to escalate phishing campaigns aimed at exploiting the political landscape. For example, an anonymous phishing attempt recently duped users by mimicking official election communications, successfully harvesting sensitive data. Looking forward, we expect similar politically motivated phishing attacks to target voter information platforms, campaign infrastructures, and public discourse channels. Organizations and electoral stakeholders should proactively bolster cybersecurity measures to detect and counter these emerging threats.

Prediction 6: Encrypted messaging platforms will become breeding grounds for phishing attacksPhishing attacks will capitalize on the trust users associate with encrypted messaging platforms. Using bots, for example, attackers will be able to automate illegal activities, from generating phishing pages to collecting sensitive user data. In these scenarios, cybercriminals will be able to impersonate users or authority figures, such as government officials, and urge others to share login credentials or download apps.

Prediction 7: Browser-in-the-browser phishing attacks will escalateBy exploiting users’ trust in open browsers and legitimate websites, browser-in-the-browser phishing attacks simulate a login window on a spoofed domain to steal user credentials. Attackers will increasingly utilize AI-driven customization in browser attacks to, for example, adapt phishing web pages to mimic browser environments more convincingly or analyze user interactions and adjust phishing content based on observed behaviors.

A quick Google search will show that all these predictions are already coming true. In February 2024, a major European retailer suffered a sophisticated phishing attack in which cybercriminals spoofed employee emails to deceive the financial team into transferring funds. As a result, the company lost approximately €15.5 million in cash.

Also in 2024, a global pharmaceutical company was hit with a vishing scheme in which employees received urgent calls from “executives” to immediately wire transfers for a fake acquisition deal, leading to a total loss of US$35 million. Using AI capabilities, the cybercriminals created a cloned voice with a believable accent and tone that made it indistinguishable from a real person.

Mitigate phishing attacks with the Zscaler Zero Trust ExchangeProtecting organizations from user compromise has become an increasingly formidable challenge, particularly as AI-driven phishing attacks gain traction. In this shifting landscape, organizations must evolve their security strategies and incorporate advanced phishing prevention controls into their broader network security defenses.

The cornerstone of an effective defense strategy is the Zscaler Zero Trust Exchange™, which takes a comprehensive approach to cybersecurity and stops conventional and AI-driven phishing attacks by:

Preventing compromise with full TLS/SSL inspection, browser isolation, and policy-driven access control to prevent access to suspicious websites.
Eliminating lateral movement by connecting users directly to apps, not the network.
Shutting down compromised users and insider threats by preventing private app exploit attempts with inline inspection and detecting the most sophisticated attackers with integrated deception.
Stopping data loss by inspecting data-in-motion and at-rest to prevent potential theft.

To learn more about how Zscaler can help you prevent the cyberattacks of tomorrow, check out our other Cybersecurity Predictions for 2025:

8 Cyber Predictions for 2025: A CSO’s Perspective
7 Ransomware Predictions for 2025: From AI Threats to New Strategies
5 Encrypted Attack Predictions for 2025

Request a custom demo on how Zscaler can help address your organization’s ransomware protection needs. Follow Zscaler ThreatLabz on X (Twitter) and our Security Research Blog to stay on top of the latest cyberthreats and security research. The Zscaler ThreatLabz threat research team continuously monitors threat intelligence from the world’s largest inline security cloud and shares its findings with the wider security community.

Forward-Looking StatementsThis blog contains forward-looking statements that are based on our management's beliefs and assumptions and on information currently available to our management. These forward-looking statements include, but are not limited to, statements concerning predictions about the state of phishing threats and attacks in calendar year 2025 and our ability to capitalize on such market opportunities; the use of Zero Trust architecture to combat phishing attacks and beliefs about the ability of AI and machine learning to reduce detection and remediation response times as well as proactively identify and stop cyberthreats. These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. These forward-looking statements are subject to a number of risks, uncertainties and assumptions, and a significant number of factors could cause actual results to differ materially from statements made in this blog, including security risks and developments unknown to Zscaler at the time of this blog and the assumptions underlying our predictions phishing in calendar year 2025. Additional risks and uncertainties are set forth in our most recent Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission (“SEC”) on December 5, 2024, which is available on our website at ir.zscaler.com and on the SEC's website at www.sec.gov. Any forward-looking statements in this release are based on the limited information currently available to Zscaler as of the date hereof, which is subject to change, and Zscaler does not undertake to update any forward-looking statements made in this blog, even if new information becomes available in the future.

The post Phishing Season 2025: The Latest Predictions Unveiled appeared first on Security Boulevard.

Threat actors are using as many as 2.8 million edge and IoT devices from around the world in a massive brute force attack that is targeting edge security systems from Palo Alto Networks, Ivanti, SonicWall, and other vendors, according to the Shadowserver Foundation.

The post Attackers Use 2.8 Million Devices in Major Brute Force Attack appeared first on Security Boulevard.

The Praetorian Labs team was tasked with identifying novel and previously undocumented persistence mechanisms for use in red team engagements. Our primary focus was on persistence techniques achievable through modifications in HKCU, allowing for stealthy, user-level persistence without requiring administrative privileges. Unfortunately, while we identified an interesting persistence technique, the method we discuss in this […]

The post Leveraging Microsoft Text Services Framework (TSF) for Red Team Operations appeared first on Praetorian.

The post Leveraging Microsoft Text Services Framework (TSF) for Red Team Operations appeared first on Security Boulevard.

Authors/Presenters: Panel

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Hunters And Gatherers A Deep Dive Into The World Of Bug Bounties appeared first on Security Boulevard.

NHIs outnumber human users in enterprises, yet many IAM strategies ignore them. Learn why CISOs must own NHI governance to prevent security breaches.

The post The Critical Role of CISOs in Managing IAM – Including Non-Human Identities appeared first on Security Boulevard.

This is a news item roundup of privacy or privacy-related news items for 2 FEB 2025 - 8 FEB 2025. Information and summaries provided here are as-is for warranty purposes.

Note: You may see some traditional "security" content mixed-in here due to the close relationship between online privacy and cybersecurity - many things may overlap; for example, major vulnerabilities in popular software, which may compromise the security of user's devices (and therefore pose a threat to their privacy) and large data breaches where significant personal information is exposed.

Items presented here are typically curated with the end user and small groups (such as families and small/micro businesses) in mind. Due to this focus, items primarily affecting enterprises or large organizations may not be included, even if they are widespread or "popular" stories.

TABLE OF CONTENTS

• Privacy Tip of the Week
• Surveillance Tech in the News
• Privacy Tools and Services
• • Privacy Tools
  • Privacy Services
• Vulnerabilities and Malware
• • Vulnerabilities
  • Malware
• Phishing and Scams
• • Phishing
  • Scams
• Service Providers' Privacy Practices
• Legislation/Regulations/Lawsuits
• • Lawsuits
  • Legislation and Regulation
• Data Breaches and Leaks
• • Data breaches
  • Data leaks

Privacy Tip of the Week

Make sure to clear your clipboard after copying sensitive information such as passwords.

Surveillance Tech in the News

This section covers surveillance technology and methods in the news. Specifically, stories and news items where public and/or private organizations have leveraged their capabilities to encroach on user privacy; for example, data brokers using underhanded means to harvest user location data without user knowledge or public organizations using technology without regard for user privacy.

The biggest breach of US government data is under way

TechCrunch

This is included for the privacy and cybersecurity ramifications of departing from basic information security principles. DOGE's near unfettered access to sensitive PII of tens of millions of Americans raises immense questions about whether the security minimal privacy rules put in place are in fact being followed.

U.K. orders Apple to let it spy on users’ encrypted accounts

ArsTechnica

The UK government issued a secret order demanding Apple implement a backdoor to let it retrieve anything any Apple user has uploaded to the cloud. The demand seeks and implies it would circumvent even the protections introduced with Advanced Data Protection or ADP (if enabled by a user), which introduces "true" end-to-end encryption (where Apple doesn't have the keys) for most data stored in iCloud.

Note: Not explicitly US-related, but given the UK's membership in the 5-eyes and Apple being a US company, and the EU's attempt to pass Chat Control over the last few years... this is certainly a news item worth paying attention to.

Spyware maker Paragon terminates contract with Italian government: media reports

TechCrunch

This campaign was included in Week 5 of the Privacy Roundup, where Meta disrupted a campaign on WhatsApp targeting approximately 100 users with Paragon Spyware. Some of these users were journalists critical of the Italian government. Paragon terminated the contract with the Italian government on 5 FEB 2025, alleging it had "broken the terms and service and ethical framework it had agreed to..."

Additionally, among the targets there were users in Austria, Belgium, Cyprus, Czech Republic, Denmark, Germany, Greece, Latvia, Lithuania, the Netherlands, Portugal, Spain, and Sweden.

Note: While this doesn't have a US-nexus, this is something probably worth paying attention to...

Spyware maker Paragon confirms US government is a customer

TechCrunch

This came before some of the revelations in the news item immediately preceding this one, "Spyware maker Paragon terminates contract with Italian government: media reports." The key takeaway here is that Paragon Solutions has a subsidiary in the US and confirmed it licenses its technology to "the United States and its allies."

TSA’s airport facial-recog tech faces audit probe

The Register

Senators inquired whether these facial recognition systems were having any meaningful impact - reduce expenses, reducing wait times, stopping "terrorists," beyond just being hi-tech "security theater." Consequently, the DHS Inspector General launched an audit of the TSA's use of facial recognition.

Privacy Tools and Services

Primarily covers tools and services with a focus on maintaining/improving/respecting user privacy. Generally includes recommended services/tools found on avoidthehack, but also may feature upcoming/other privacy services not necessarily recommended or promoted by avoidthehack.com

Privacy Tools

Firefox desktop 135.0 release notes

Mozilla

A bigger Firefox release (135) featuring progressive rollouts of optional AI chatbot access, credit card autofill, CRlite cert revocation checking, and incorporating safeguards for the history API to prevent abuse by websites.

This release also includes 11 security fixes: 7 classified as high, 4 as moderate, and 2 as low.

Open source YouTube client NewPipe releases v0.27.6 with some enhancements and bug fixes

AlternativeTo

This version fixes bugs such as HTTP 403 errors while playing videos and others which may prevent videos from loading.

Tails 6.12

Tails

Tails 6.12 has important security fixes, including preventing an attacker monitoring Tor circuits when another application in Tails is hijacked and preventing an attacker from changing Persistent Storage settings.

Using custom scriptlets to make the Web work the way you want

Brave

Brave introduces the ability for users to write and inject their own scriptlets into a web page for the Brave Browser (version 1.75).

Privacy Services

Mullvad VPN for Windows on ARM is here!

Mullvad

Mullvad VPN client is now available for Windows ARM desktops.

Vulnerabilities and Malware

Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.

This section will not contain every vulnerability/CVE or malware campaign reported, but will focus on those with the largest potential impact on a wide range of end users.

Vulnerabilities

Experts Flag Security, Privacy Risks in DeepSeek AI App

Krebs on Security

NowSecure conducted a privacy and security review of the DeepSeek iOS app, finding numerous concerns:

• The app collects significant information about the user's device, including the actual device name. They even comment that this is on "the edge of advanced device fingerprinting."
• The app disables App Transport Security (ATS), an iOS platform level protection preventing sensitive data from being sent over unencrypted channels... so it sends device information in the clear, available for anyone listening to read and modify.
• It could be sharing/exposing information of users... just in Week 5 of the Privacy Roundup, DeepSeek had an internal database exposed to the internet.

Stable Channel Update for Desktop

Google Chrome Releases

Chrome version 133 includes 12 security fixes, including a high severity use-after-free vulnerability in the V8 JavaScript engine (CVE-2025-0445).

Chromium forks should incorporate these security fixes as soon as possible. Users should check with the maintainer...

The post Privacy Roundup: Week 6 of Year 2025 appeared first on Security Boulevard.

Cloud-native certificate lifecycle management (CLM) revolutionizes digital certificate handling by automating issuance, renewal, and revocation. Unlike traditional on-premise methods, cloud-native platforms enhance security, scalability, and efficiency while reducing costs. They leverage automation, containerization, and APIs for seamless integration and real-time monitoring. With advanced cryptographic readiness and reduced downtime, cloud-native CLM ensures future-proof PKI management. Sectigo Certificate Manager (SCM) exemplifies these benefits, delivering flexible, CA-agnostic solutions for enterprises.

The post Cloud-native certificate lifecycle management: exploring the benefits & capabilities appeared first on Security Boulevard.

The world is worried about deepfakes. Research conducted in the U.S. and Australia finds that nearly three-quarters of respondents feel negatively about them, associating the AI-generated phenomenon with fraud and misinformation. But in the workplace, we’re more likely to let our guard down. That’s bad news for businesses as the prospect of LLM-trained malicious digital..

The post Could you Spot a Digital Twin at Work? Get Ready for Hyper-Personalized Attacks appeared first on Security Boulevard.

Let's discuss the major things anyone should look into before choosing an API gateway in today's sprawling, AI-driven threat landscape.

The post API Gateway Security Needs a Stronger Zero-Trust Strategy appeared first on Security Boulevard.

The United Kingdom has made a bold demand to Apple, purporting to require the company to create a backdoor to access encrypted cloud backups of all users worldwide.

The post Hey, UK, Get Off of My Cloud appeared first on Security Boulevard.