BleepingComputer.com.
"Microsoft: Hackers steal emails in device code phishing attacks."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 15 February 2025, 1529 UTC.
Content and Source: https://www.bleepingcomputer.com/
Please check link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
Microsoft: Hackers steal emails in device code phishing attacks
An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing.
- February 15, 2025
- 10:22 AM
0
Ditch subscription fees—this Microsoft Office standalone license is the real deal
If you're tired of the endless subscription payments, this Microsoft Office standalone license is your way out, which you can get for Mac or PC on StackSocial for $139.97 (reg. $149.99).
- February 15, 2025
- 08:09 AM
- 0
Sponsored Content
5 ways new AI agents can automate identity attacks | Register nowStruggling to filter AI hype from genuine threat? Check out the latest webinar from Push Security to learn how new AI Computer-Using Agents (no, not DeepSeek) can be used to automate identity attacks.
Hackers exploit authentication bypass in Palo Alto Networks PAN-OS
Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication.
- February 14, 2025
- 04:20 PM
- 0
Keep your gear charged with this 100W USB-C GaN charger deal
As the gear we need on the road expands, our need for fast, efficient, and safer charging becomes ever more pressing. This 100W GaN charger can help you keep your batteries topped up for $59.99, 49% off the $119 MSRP.
- February 14, 2025
- 02:09 PM
- 0
SonicWall firewall bug leveraged in attacks after PoC exploit release
Attackers are now targeting an authentication bypass vulnerability affecting SonicWall firewalls shortly after the release of proof-of-concept (PoC) exploit code.
- February 14, 2025
- 01:13 PM
- 0
Malicious PirateFi game infects Steam users with Vidar malware
A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users.
- February 14, 2025
- 12:32 PM
- 0
PostgreSQL flaw exploited as zero-day in BeyondTrust breach
Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December.
- February 14, 2025
- 09:15 AM
- 0
Chinese hackers breach more US telecoms via unpatched Cisco routers
China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices.
- February 14, 2025
- 07:56 AM
- 1
Get an exclusive StackSocial price on a lifetime of all Babbel languages
For a limited time, you can access all 14 languages Babbel offers for just $129.99 (reg. $169.99) when you use code LEARN40 through February 17. That's $40 off this best-selling language learning app trusted by millions worldwide.
- February 14, 2025
- 07:10 AM
- 0
Microsoft fixes bug causing Windows Server 2025 boot errors
Microsoft has fixed a known issue causing "boot device inaccessible" errors during startup on some Windows Server 2025 systems using iSCSI.
- February 14, 2025
- 06:18 AM
- 0
whoAMI attacks give hackers code execution on Amazon EC2 instances
Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name.
- February 13, 2025
- 06:35 PM
- 0
Get started as a YouTube content creator with this course deal
Could you turn your YouTube watch sessions into your new job? Now priced at only $39.99 (reg. $109), this course could help you get started in video creation and editing before you ever hit "upload."
- February 13, 2025
- 02:09 PM
- 0
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform.
- February 13, 2025
- 01:26 PM
- 0
Hacker leaks account data of 12 million Zacks Investment users
Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts.
- February 13, 2025
- 12:39 PM
- 0
Chinese espionage tools deployed in RA World ransomware attack
A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to espionage actors.
- February 13, 2025
- 09:31 AM
- 0
Train for your Microsoft Azure certification exam with this course deal
Cloud computing is one of the most useful tools IT departments can deploy, and Microsoft Azure is one of the most popular platforms. The 2025 Microsoft Azure exam certification prep bundle helps you get certified in Microsoft's cloud, and you can get it for $39.99 (reg. $117) while supplies last.
- February 13, 2025
- 07:09 AM
- 0
zkLend loses $9.5M in crypto heist, asks hacker to return 90%
Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time.
- February 12, 2025
- 06:08 PM
- 1
Surge in attacks exploiting old ThinkPHP and ownCloud flaws
Increased hacker activity has been observed in attempts to compromise poorly maintained devices that are vulnerable to older security issues from 2022 and 2023.
- February 12, 2025
- 06:04 PM
- 0
Sarcoma ransomware claims breach at giant PCB maker Unimicron
A relatively new ransomware operation named 'Sarcoma' has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan.
- February 12, 2025
- 02:24 PM
- 0
DPRK hackers dupe targets into typing PowerShell commands as admin
North Korean state actor 'Kimsuky' (aka 'Emerald Sleet' or 'Velvet Chollima') has been observed using a new tactic inspired from the now widespread ClickFix campaigns.
- February 12, 2025
- 01:56 PM
- 3
Comments
Post a Comment
Please leave a comment about our recent post.