Aggregator

New Horizons Baking Company Has Fallen Victim to Cactus Ransomware

Dark Storm Team Targeted the Website of Bank of Central African States (BEAC)

EIT Oxford's Dr. Laura Gilbert on AI Accountability and Responsible AI Adoption
AI adoption demands a balance between ethics, regulation and compliance. Dr. Laura Gilbert, head of AI for government at EIT Oxford and Tony Blair Institute for Global Change, and AI expert advisor for the British government, discusses how AI can enhance decision-making in public and private sectors.

Both Ransomware Operations Remain Active and Pose a Threat, Experts Warn
Ransomware business moves: Attacks tied to BlackLock have been surging, likely bolstered by the group's custom-built malware, while the long-running Black Basta operation remains a threat, even as it looks set to disband due to core members facing "fatigue," report cybercrime experts.

EIT Oxford's Dr. Laura Gilbert on AI Accountability and Responsible AI Adoption
AI adoption demands a balance between ethics, regulation and compliance. Dr. Laura Gilbert, head of AI for government at EIT Oxford and Tony Blair Institute for Global Change, and AI expert advisor for the British government, discusses how AI can enhance decision-making in public and private sectors.

Both Ransomware Operations Remain Active and Pose a Threat, Experts Warn
Ransomware business moves: Attacks tied to BlackLock have been surging, likely bolstered by the group's custom-built malware, while the long-running Black Basta operation remains a threat, even as it looks set to disband due to core members facing "fatigue," report cybercrime experts.

The new Cloud Key Management Service is part of Google’s new roadmap for implementing the new NIST-based post-quantum cryptography (PQC) standards.

Name: PascalCTF Beginners 2025 (an PascalCTF event.)
Date: Feb. 17, 2025, 3 p.m. — 17 Feb. 2025, 20:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.pascalctf.it/
Rating weight: 0
Event organizers: Paolo

Name: ThunderCipher (an ThunderCipher CTF event.)
Date: Feb. 20, 2025, 7:30 a.m. — 20 Feb. 2025, 13:30 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://thundercipher.tech/
Rating weight: 0
Event organizers: ThunderCipher

Check Point Software Technologies Ltd. has announced plans to establish its inaugural Asia-Pacific Research and Development (R&D) Centre in Bengaluru, India. This initiative, unveiled during the CPX Bangkok 2025 conference, aims to drive innovation in cybersecurity solutions while strengthening global product development and talent acquisition. The Bengaluru centre underscores Check Point’s commitment to leveraging India’s […]

The post Check Point Software to Open First Asia-Pacific R&D Centre in Bengaluru, India appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent investigation into Ivanti Endpoint Manager (EPM) has uncovered four critical vulnerabilities that could allow unauthenticated attackers to exploit machine account credentials for relay attacks, potentially leading to server compromise. These vulnerabilities, identified in the C:\Program Files\LANDesk\ManagementSuite\WSVulnerabilityCore.dll, were patched in January 2025 following their discovery in October 2024. The vulnerabilities are categorized as follows: […]

The post PoC Exploit Released for Ivanti EPM Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

As of February 2025, ransomware remains a formidable cyber threat, evolving in complexity and scale. The ransomware ecosystem has adapted to previous law enforcement disruptions, showcasing a resilient business model that continues to attract financially motivated cybercriminals. The proliferation of Ransomware-as-a-Service (RaaS) has significantly contributed to the volume of attacks, allowing less experienced affiliates to […]

The post Ransomware Trends 2025 – What’s new appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

ESET researchers have uncovered a series of malicious activities orchestrated by a North Korea-aligned group known as DeceptiveDevelopment, active since early 20241. The cybercriminals pose as company recruiters, enticing freelance software developers with fake employment offers. As part of the elaborate ruse, targets are asked to complete coding tests, such as adding features to existing […]

The post Hackers Delivering Malware Bundled with Fake Job Interview Challenges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers from Palo Alto Networks’ Unit 42 disclosed the resurgence of the Bookworm malware, which has been linked to the Stately Taurus threat actor group. This malware employs a sophisticated DLL sideloading technique that enables it to infiltrate Windows systems effectively. The research highlights overlaps between the infrastructure used by Stately Taurus and the […]

The post New Bookworm Malware Using SLL Sideloading Technique To Windows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent investigation has uncovered a malicious application, DriverEasy, masquerading as a legitimate Google Chrome update to steal user credentials. The malware leverages Dropbox’s API to exfiltrate sensitive information, including passwords, and is linked to North Korea’s cyber-espionage campaign known as “Contagious Interview.” Password Theft via Fake Prompts DriverEasy, written in Swift and Objective-C, deploys […]

The post Fake Chrome Update Delivers DriverEasy Malware by Abusing Dropbox appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Fake job ads target freelance developers, spreading malware via GitHub

Currently trending CVE - hypeScore: 4 - Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

Currently trending CVE - hypeScore: 6 - Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network

Currently trending CVE - hypeScore: 10 - Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.