January 2025 – Page 30

CISA Calls For Action to Close the Software Understanding Gap

Cyber Insights 2025: Identities

Both human and machine identities occupy a unique position: they are simultaneously the foundation of cybersecurity and its weakest link.

The post Cyber Insights 2025: Identities appeared first on SecurityWeek.

Biden Executive Order Aims to Shore Up US Cyber Defenses

President Joe Biden issued an executive order aimed at strengthening the nation’s cybersecurity and making it easier to go after foreign adversaries or hacking groups.

The post Biden Executive Order Aims to Shore Up US Cyber Defenses appeared first on SecurityWeek.

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

You can tell the story of the current state of stolen credential-based attacks in three numbers:

Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon).
Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester).
Stolen credentials on criminal forums cost as

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems.
The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party UEFI certificate, according to a new

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that’s designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration.
“A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications,” Silverfort researcher Dor Segal said in a

Data From 15,000 Fortinet Firewalls Leaked by Hackers

Hackers have leaked 15,000 Fortinet firewall configurations, which were apparently obtained as a result of exploitation of CVE-2022–40684.

The post Data From 15,000 Fortinet Firewalls Leaked by Hackers appeared first on SecurityWeek.

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns.
“In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads,” HP Wolf Security said in its Threat Insights Report

2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records

In 2024 organizations informed the US government about 585 healthcare data breaches affecting a total of nearly 180 million user records.

The post 2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records appeared first on SecurityWeek.

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network.
According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloaded named

Month: January 2025