#InfosecNews

ℵ₀ 🏳️‍⚧️🏴‍☠️null_aleph
2025-04-16

theregister.com/2025/04/16/hom

Uncle Sam abruptly turns off funding for CVE program. Yes, that CVE program

Because vulnerability management has nothing to do with national security, right?

B'ad Samurai badsamurai@infosec.exchange
2025-04-04

Not sure if this git repo owner is on Fedi, but I'm really happy with this RSS infosec news feed. So, thank you!

raw.githubusercontent.com/Endl

#infosecnews

Opalsec :verified:Opalsec@infosec.exchange
2025-04-03

Staying ahead means staying informed, right? Here's our latest wrap of the day's Cyber News:

🗞️ opalsec.io/daily-news-update-t

If you're short on time, here’s a quick whip-around of the top 3 stories of note:

🕵️‍♂️ Hunters Ransomware Rethink: Is the heat getting too much? Hunters International leadership reportedly told affiliates ransomware is now too "risky," planning a shift to pure data theft/extortion under a "World Leaks" banner. While their current status is murky, this potential pivot away from encryption echoes moves by other groups and highlights how defensive pressures are forcing attacker evolution – something we all need to track.

📧 White House OpSec Woes: Remember that recent White House Signal mishap? Well, now the same National Security Adviser is reportedly facing heat for using personal Gmail for sensitive (if unclassified) government discussions, raising serious OpSec and compliance alarms. It's a potent reminder for us all: even seemingly benign comms on personal platforms can create significant risks, and basic security hygiene is non-negotiable, especially when sensitive info is involved.

📞 Verizon API Call Log Leak: Here’s a worrying find: a simple API flaw in Verizon's Call Filter app exposed the incoming call history of potentially all their wireless customers to each other. Technically, it was a textbook case of broken object-level authorization – the API didn't check if the user's token matched the phone number whose logs were requested in a header. This highlights the critical need for robust API authorization checks and the significant privacy impact even call metadata can have.

Have a read of the full newsletter, and sign up to get all the details straight to your inbox each day:

📨 opalsec.io/daily-news-update-t

#CyberSecurity #InfoSec #ThreatIntel #Ransomware #DataBreach #DataLeak #Vulnerability #APIsecurity #CloudSecurity #SupplyChainSecurity #Malware #Privacy #CyberAttack #InfoSecNews #ThreatHunting #CISCO #Verizon #GitHub #NationalSecurity #AndroidSecurity #EDR #CyberAwareness

Opalsec :verified:Opalsec@infosec.exchange
2025-03-25

Hey folks, ready for your daily dose of cyber intel? ☕️

Tuesday's update is out and it's packed with need-to-know updates:

🚨 Critical Next.js Flaw: Authorization bypass vulnerability (CVE-2025-29927) impacting versions before 15.2.3. Upgrade ASAP or block those 'x-middleware-subrequest' headers!

🐜 Weaver Ant's Long Game: Chinese hackers spied on a telco network for four years using compromised Zyxel routers and custom web shells. Talk about persistence!

🐍 VanHelsing RaaS Emerges: A new ransomware player targeting Windows, ARM, ESXi systems. Keep an eye on this one!

☁️ Oracle Cloud Breach Claims: Did they or didn't they? Oracle denies a breach, but a threat actor is claiming otherwise.

🚂 Ukrainian Railway Hit: Cyberattack disrupts online ticket sales amidst crucial transport operations. Resilience is key.

🔄 DrayTek Router Chaos: ISPs are scrambling as DrayTek routers enter reboot loops. Potential vulnerability or buggy update at play.

🤖 AI-Enhanced Cybercrime: Europol warns that organized crime is leveling up with AI, partnering with state-aligned entities.

🛰️ Starlink Intercepted: Thai authorities seize Starlink transmitters headed for Myanmar scam centers. Criminals are finding ways around cut-offs.

🚓 Cybercrime Crackdown: 300+ suspects arrested in Africa for cyber scams. A win for international law enforcement!

🧬 23andMe's Bankruptcy Woes: Privacy advocates raise concerns about DNA data as 23andMe files for bankruptcy. What happens to all that genetic info?

🔒 Pennsylvania County Ransomware: Sensitive data stolen during a ransomware attack. Another reminder to shore up those defenses.

👁️‍🗨️ China Bans Facial Recognition: Consent is now required for facial recognition in China. But are there exceptions for government and AI training?

👉 Dive into the full details here: opalsec.io/daily-news-update-t

Stay vigilant, stay informed, and let's keep the digital world a little safer, one update at a time. 🛡️

#Cyber #CyberSec #Cybersecurity #InfoSec #ThreatIntelligence #ThreatIntel #Ransomware #NextJS #China #AI #Cybercrime #DataBreach #Privacy #Starlink #Europol #Vulnerability #WeaverAnt #VanHelsing #OracleCloud #Ukraine #DrayTek #23andMe #CyberAttack #infosecurity #Privacy #DataPrivacy #AI #InfoSecNews #News

2024-12-27

FYI: From THE Doctor: 🔴 Dec 19's Top Cyber News NOW! - Ep 775 youtube.com/watch?v=T4TONhs5o- ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-27

ICYMI: From THE Doctor: 🔴 Dec 24's Top Cyber News NOW! - Ep 778 youtube.com/watch?v=lCF4UwPPtJ ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-27

From THE Doctor: 🔴 Dec 30's Top Cyber News NOW! - Ep 781 youtube.com/watch?v=Wh95nCuHB0 ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-26

FYI: From THE Doctor: 🔴 Dec 13's Top Cyber News NOW! - Ep 771 youtube.com/watch?v=9gYbdv-YLW ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-26

ICYMI: From THE Doctor: 🔴 Dec 19's Top Cyber News NOW! - Ep 775 youtube.com/watch?v=T4TONhs5o- ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-26

From THE Doctor: 🔴 Dec 24's Top Cyber News NOW! - Ep 778 youtube.com/watch?v=lCF4UwPPtJ ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-25

FYI: From THE Doctor: Why Cybersecurity Certs Are BROKEN in 2024 | Industry Expert Jason Dion Reveals The Spicy Truth youtube.com/watch?v=BXA7OMWTue ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-25

ICYMI: From THE Doctor: 🔴 Dec 13's Top Cyber News NOW! - Ep 771 youtube.com/watch?v=9gYbdv-YLW ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-25

From THE Doctor: 🔴 Dec 19's Top Cyber News NOW! - Ep 775 youtube.com/watch?v=T4TONhs5o- ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-24

FYI: From THE Doctor: 🔴 Dec 20's Top Cyber News NOW! - Ep 776 youtube.com/watch?v=5jKhwVpSll ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-24

ICYMI: From THE Doctor: Why Cybersecurity Certs Are BROKEN in 2024 | Industry Expert Jason Dion Reveals The Spicy Truth youtube.com/watch?v=BXA7OMWTue ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-24

From THE Doctor: 🔴 Dec 13's Top Cyber News NOW! - Ep 771 youtube.com/watch?v=9gYbdv-YLW ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews

2024-12-23

FYI: From THE Doctor: 🔴 Dec 27's Top Cyber News NOW! - Ep 780 youtube.com/watch?v=xI7lobDrff ( :-{ı▓ #SimplyCyber #GeraldAuger #infosecnews
