Lmst

ServiceNow's $7.75B acquisition of Armis marks its largest deal to date, signaling a strategic shift toward AI-native security. By integrating real-time asset intelligence into enterprise workflows, they are positioning security as a core governance layer for the agentic AI era.

#tech #bigTech #technology #technologyNews #servicenow #armis #cybersecurity

It's been a busy 24 hours in the cyber world with significant updates on AI-driven scams, a major phishing platform takedown, chatbot vulnerabilities, and big tech's strategic moves. Let's dive in:

AI-Driven Scams and Phishing Takedowns 🎣
- The SEC has charged multiple entities in a $14 million cryptocurrency scam where fraudsters used social media, fake financial professionals, and AI-generated investment tips to lure victims into fake trading platforms and steal their funds.
- The Nomani investment scam has surged by 62%, now leveraging highly realistic AI deepfake videos of public figures and bogus news articles across social media platforms like YouTube to promote non-existent investment products.
- US law enforcement successfully shut down web3adspanels.org, a platform facilitating SEO poisoning campaigns that stole bank account credentials, leading to $14.6 million in losses and highlighting the continued effectiveness of social engineering to bypass MFA.

📰 The Hacker News | https://thehackernews.com/2025/12/sec-files-charges-over-14-million-crypto-scam-using-fake-ai-themed-investment-tips.html
📰 The Hacker News | https://thehackernews.com/2025/12/nomani-investment-scam-surges-62-using-ai-deepfake-ads-on-social-media.html
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/us_shutters_phishermens_146m_passwordhording/

Chatbot Vulnerabilities & Disclosure Woes 🤖
- Researchers at Pen Test Partners uncovered four critical flaws in Eurostar's public AI chatbot, including prompt injection and HTML injection, which could lead to system prompt leakage and potential stored/shared XSS.
- The vulnerabilities stemmed from the chatbot's API design, which only performed guardrail checks on the latest message, allowing attackers to tamper with earlier messages in the chat history.
- The responsible disclosure process was fraught with issues, including Eurostar outsourcing its VDP and its head of security allegedly accusing the pen testers of "blackmail" for following up on their report.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/pentesters_reported_eurostar_chatbot_flaws/

Apple Fined Over ATT Rules ⚖️
- Italy's antitrust authority has fined Apple €98.6 million, asserting that its App Tracking Transparency (ATT) framework unfairly restricts competition in the App Store.
- The AGCM found that ATT imposes "disproportionate" and excessively burdensome double-consent requirements on third-party developers for personalised ads, while Apple's own apps can gain consent in a single tap.
- This ruling highlights ongoing regulatory scrutiny of Apple's privacy policies and their impact on market competition, with similar probes in other European countries.

📰 The Hacker News | https://thehackernews.com/2025/12/24/italy-fines-apple-986-million-over-att-rules-limiting-app-store-competition.html

Strategic Tech Shifts & Acquisitions 🚀
- ServiceNow is set to acquire cybersecurity firm Armis for $7.75 billion, aiming to integrate Armis' real-time security intelligence with its CMDB to enhance cyber exposure management and vulnerability response with AI.
- This acquisition is part of ServiceNow's broader strategy to expand its security and data management capabilities, following other recent buys like identity security platform Veza and data governance platform Data.World.
- Microsoft has announced an ambitious goal to eliminate all C and C++ code from its codebase by 2030, migrating to memory-safe Rust to significantly improve software security and reduce common vulnerabilities.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/23/servicenow_to_buy_armis_in/
🗞️ The Record | https://therecord.media/servicenow-cyber-armis-acquisition
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/microsoft_rust_codebase_migration/

#CyberSecurity #ThreatIntelligence #AIScams #Phishing #Deepfake #Vulnerability #PromptInjection #ResponsibleDisclosure #DataPrivacy #RegulatoryCompliance #Acquisition #ServiceNow #Armis #Microsoft #RustLang #InfoSec

ServiceNow to acquire cybersecurity startup Armis for $7.75B

https://fed.brid.gy/r/https://techcrunch.com/2025/12/23/servicenow-to-acquire-cybersecurity-startup-armis-for-7-75b/

ServiceNow acquiert Armis pour 7,75 Md$
https://www.lemondeinformatique.fr/actualites/lire-servicenow-acquiert-armis-pour-7-75-md$-98885.html

#Infosec #Security #Cybersecurity #CeptBiro #ServiceNow #Armis

Armis raises $435M pre-IPO round at $6.1B valuation after refusing M&A offers

Cybersecurity is a massive sector, but startups in the category are more likely to be acquired than go…
#NewsBeep #News #Headlines #Armis #GoldmanSachs #IL #IPO #Israel
https://www.newsbeep.com/230736/

Huge thanks to #Armis for sponsoring this month’s #BurbSecNorth—great conversations, great community, and a great time had by all!

Octavio - 愛して / Aishite Aishite Aishite (song cover MV)

Octavio - 愛して / Aishite Aishite Aishite (song cover... #hololive #hololiveenglish #hololiveen #holoen #holoarmis #armis #octavio #cover #holo #holostarsenglish #holostarsen #vtuber

https://youtu.be/OaPjoKpm7xk

Crunchyroll interview: Holostars' Jurard T. Rexford is Determined to be a Success

> Jurard T. Rexford is more than just a pretty face — he's determined to be a huge success in the Vtubing world. That's why he prepares for his streams by... screaming? Hey, whatever works. Check out the interview to learn all about the dino prince's first three months as a Vtuber, then stick around for his top 11 anime of all... #hololive #hololiveenglish #hololiveen #holoen #holostars #holostarsenglish #holostarsen #armis #crunchyroll #interview

https://www.crunchyroll.com/news/interviews/2024/2/19/holostars-jurard-t-rexford-interview-top-anime

#Armis researchers have uncovered 9 security #vulnerabilities in the #Honeywell #Experion DCS platforms. These vulnerabilities have a #CVSS 3 score of 9.8/10.

It's noted that if attackers successfully #exploit these vulnerabilities, they could cause a denial-of-service, allow privilege escalation or allow for remote code execution.

Organizations with these Honeywell products are advised to #patch immediately.

#infosec #cybersecurity #PatchManagement #VulnerabilityManagement #ICSSecurity #RCE

https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-06

https://industrialcyber.co/vulnerabilities/armis-researchers-disclose-nine-vulnerabilities-in-honeywell-experion-platforms-for-distributed-control-systems/

Heute im #Porträt: Die #Digitalisierung und die #Vernetzung unterschiedlicher Geräte gehen voran – damit wächst auch die Angriffsfläche für #Cyberattacken. Yevgeny Dibrov, der Co-Gründer der Sicherheitsfirma #Armis, will dafür eine Lösung bieten und hat dabei auch besonders sensible Sektoren im Blick.

Jetzt lesen 👉 https://background.tagesspiegel.de/cybersecurity/yevgeny-dibrov?utm_source=mastodon.com&utm_medium=social&utm_campaign=mastodon&utm_content=cs+lesen

Spotlight: Your IoT Risk Is Bigger Than You Think. (And What To Do About It.) - In this Spotlight edition of the podcast, we’re joined by Curtis Simpson, the Chie... https://feeds.feedblitz.com/~/671351780/0/thesecurityledger~Spotlight-Your-IoT-Risk-Is-Bigger-Than-You-Think-And-What-To-Do-About-It/ #internetofthings #operatingsystem #cybersecurity #technologies #companies #spotlight #podcasts #software #vxworks #podcast #armis #cisco #rtos

Sicherheitslücken erlaubten Forschern die komplette Übernahme von "Translogic"-Rohrpostsystemen. Hersteller Swisslog Healthcare hat Updates veröffentlicht.
PwnedPiper: Rohrpostsysteme in US-Krankenhäusern über Firmware-Lücken angreifbar