"Thailand targets cyber sweatshops to free 1,000s of captives."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.   Accessed on 24 February 2025, 0324 UTC.

Content and Source:  Email subscritption via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

164K followers32 articles per week

#security#tech

44

Most popular

Thailand Targets Cyber Sweatshops to Free 1,000s of Captives

by Tara Seals, Managing Editor, News, Dark Reading / 2h

Thai police said it was expecting to soon welcome 7,000 human trafficking victims, forced to work on cybercrime scams in call centers in Mynmar, in a first wave of people being freed from captivity.

Google Adds Quantum-Resistant Digital Signatures to Cloud KMS

by Jeffrey Schwartz / 3d

The Cloud Key Management Service is part of Google's new road map for implementing the new NIST-based post-quantum cryptography (PQC) standards.

Cisco Confirms Salt Typhoon Exploitation in Telecom Hits

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

In addition to using CVE-2018-0171 and other Cisco bugs to break into telecom networks, the China-sponsored APT is also using stolen login credentials for initial access.

Feb 21, 2025

Black Basta Goes Dark Amid Infighting, Chat Leaks Show

2 TTPs

•

by Nate Nelson, Contributing Writer / 2d

•

Black Basta ransomware chat logs leaked

One of 2024's most active ransomware outfits has been asleep through early 2025, thanks to reality-show-style, behind-the-scenes drama.

Nations Open 'Data Embassies' to Protect Critical Info

by Robert Lemos, Contributing Writer / 2d

Estonia and Monaco back up their citizens' information to a data center in Luxembourg, while Singapore looks to India as its safe haven for data. But geopolitical challenges remain.

4 Low-Cost Ways to Defend Your Organization Against Deepfakes

by Eyal Benishti / 2d

Every organization should be exploring a layered approach in which artificial and human intelligences come together to form a rich, dynamic, and multifaceted deepfake defense strategy tailored to its needs.

Data Suggests It's Time to Rethink Cloud Permissions

by Liat Hayun / 2d

Excessive privileges and visibility gaps create a breeding ground for cyber threats.

Feb 20, 2025

Ghost Ransomware Targets Orgs in 70+ Countries

5 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 3d

•

CISA warns about Ghost ransomware

The China-backed threat group often acts swiftly, going from initial access to compromise in just one day, a behavior atypical of cybercriminal groups.

ZEST Security's Cloud Risk Exposure Impact Report Reveals 62% of Incidents are Related to Risks Known to the Organization

3d

[no content]

When Brand Loyalty Trumps Data Security

by Paul Underwood / 3d

Brand loyalty can act as a shield protecting organizations from the immediate impact of a breach, but that protection has a shelf life.

Signs Your Organization's Culture Is Hurting Your Cybersecurity

by Joan Goodchild / 3d

High turnover, burnout, and blame-heavy environments do more than hurt morale. They also weaken security and put the organization at risk.

Content Credentials Show Promise, but Ecosystem Still Young

by Robert Lemos, Contributing Writer / 3d

While AI-generation services and major camera makers are adopting the specification for digitally signed metadata, creating a workflow around the nascent ecosystem is still a challenge.

Deepwatch Acquires Dassana to Boost Cyber-Resilience With AI

Deepwatch acquires Dassana for AI security

•

by Dark Reading Staff / 3d

Acquisition strengthens Deepwatch Platform capabilities with actionable insights and risk-based prioritization.

'Darcula' Phishing Kit Can Now Impersonate Any Brand

by Nate Nelson, Contributing Writer / 3d

With Version 3, would-be phishers can cut and paste a big brand's URL into a template and let automation do the rest.

Feb 19, 2025

Australian Critical Infrastructure Faces 'Acute' Foreign Threats

Foreign plots against Australians revealed

•

by Nate Nelson, Contributing Writer / 4d

The continent faces "relentless" military espionage, and increased cyber sabotage at the hands of authoritarian regimes, according to a high-ranking intelligence director.

Russian Groups Target Signal Messenger in Spy Campaign

5 TTPs

•

by Jai Vijayan, Contributing Writer / 4d

•

Russian hackers target Signal Messenger

These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says.

Insight Partners, VC Giant, Falls to Social Engineering

3 TTPs

•

by Tara Seals, Managing Editor, News, Dark Reading / 4d

•

Insight Partners suffers cyberattack

The startup incubator and PR firm with holdings in more than 70 cybersecurity firms has announced a data breach with as-yet-unknown effects.

Patch Now: CISA Warns of Palo Alto Flaw Exploited in the Wild

3 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 4d

•

CVE-2025-0108 & 2 others

The authentication bypass vulnerability in the OS for the company's firewall devices is under increasing attack and being chained with other bugs, making it imperative for organizations to mitigate the issue ASAP.

What Is the Board's Role in Cyber-Risk Management in OT Environments?

4d

By taking several proactive steps, boards can improve their organization's resilience against cyberattacks and protect their critical OT assets.

Feb 18, 2025

North Korea's Kimsuky Taps Trusted Platforms to Attack South Korea

13 TTPs

•

by Robert Lemos, Contributing Writer / 5d

•

North Korean hackers target South Korea

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

Xerox Printer Vulnerabilities Enable Credential Capture

6 TTPs

•

by Jai Vijayan, Contributing Writer / 5d

•

Xerox printers vulnerable to attacks

Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.

Thrive Acquires Secured Network Services

5d

[no content]

SANS Institute Launches AI Cybersecurity Hackathon

SANS Institute launches AI security hackathon

•

5d

[no content]

China-Linked Threat Group Targets Japanese Orgs' Servers

5 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 5d

•

Winnti Group targets Japan with malware

Winnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.

Microsoft: New Variant of macOS Threat XCSSET Spotted in the Wild

12 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 5d

•

XCSSET malware targets macOS developers

Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.

Introducing enQase for Quantum-Safe Security

5G Americas addresses quantum security threats

•

5d

[no content]

Feb 14, 2025

This Security Firm's 'Bias' Is Also Its Superpower

by Mercedes Cardona / 9d

Credible Security's founders bring their varied experiences to help growing companies turn trust into a strategic advantage.

How Banks Can Adapt to the Rising Threat of Financial Crime

by Alena Robertson / 9d

Banking fraud and financial crimes are growing more sophisticated every day. By understanding the threats and building strong collaborations, banks can protect themselves and their clients.

Open Source AI Models: Perfect Storm for Malicious Code, Vulnerabilities

by Robert Lemos, Contributing Writer / 9d

Companies pursing internal AI development using models from Hugging Face and other open source repositories need to focus on supply chain security and checking for vulnerabilities.

Salt Typhoon Exploits Cisco Devices in Telco Infrastructure

6 TTPs

•

by Nate Nelson, Contributing Writer / 9d

The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months.

Warning: Tunnel of Love Leads to Scams

Crypto scams reach record $9.9B

•

200+by Kristina Beek, Associate Editor, Dark Reading / 9d

Romance-baiting losses were up 40% last year, as more and more pig-butchering efforts crop up in the wild.

CyberArk Makes Identity Security Play With Zilla Acquisition

CyberArk acquires Zilla Security

•

by Jeffrey Schwartz / 9d

CyberArk announces the Zilla deal on the same day leading identity service provider SailPoint returns to the public markets.