"The foundations of a resilient cyber workforce."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 23 April 2025, 1457 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

167K followers39 articles per week

#security#tech

86

Today

The Foundations of a Resilient Cyber Workforce

by Mohan Koo / 53min

In a world where insider threats, nation-state adversaries, and technological evolution create new challenges, companies must prioritize transparency, ethical leadership, and a culture rooted in trust.

How Emerging AI Frameworks Drive Business Value and Mitigate Risk

by Gadi Evron / 2h

Understanding how multiple AI models speak to each other and deciding which framework to use requires careful evaluation of both the business benefits of advanced AI orchestration and the cybersecurity implications of connecting automated services.

Terra Security Automates Penetration Testing With Agentic AI

Terra Security raises 7.5M$ for AI

•

by Arielle Waldman / 2h

Agentic AI's appeal is growing as organizations seek more autonomous and hands-off approaches to their security protocols.

Yesterday

Zambia's Updated Cyber Laws Prompt Surveillance Warnings

LAZ challenges new cyber laws

•

by Robert Lemos, Contributing Writer / 10h

Critics — which include the US embassy in Zambia — contend the just-signed Cyber Security Act and the Cyber Crime Act allow suppression of dissent and too much concentration of power.

Verizon: Edge Bugs Soar, Ransoms Lag, SMBs Bedeviled

Verizon 2025 DBIR highlights vulnerabilities

•

by Nate Nelson, Contributing Writer / 10h

The cybersecurity landscape confounded expectations in 2024, as anticipated threats and risk didn't materialize and less widely touted attack scenarios shot up.

Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558

Microsoft enhances cybersecurity initiatives

•

by Jai Vijayan, Contributing Writer / 17h

The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT's breach of its Exchange Online environment in 2023.

City of Abilene Goes Offline in Wake of Cyberattack

Impact (Enterprise TA0040)

•

by Kristina Beek, Associate Editor, Dark Reading / 18h

•

Abilene city hit by cyberattack

The Texas municipality is following its incident response playbook as it works with a third-party to investigate the scope and scale of the attack.

3 More Healthcare Orgs Hit by Ransomware Attacks

Healthcare data breaches affect 245000

•

by Alexander Culafi, Senior News Writer, Dark Reading / 18h

Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates all suffered apparent or confirmed ransomware attacks this month.

'Cookie Bite' Entra ID Attack Exposes Microsoft 365

Cookie-Bite attack exploits browser extensions

•

by Elizabeth Montalbano, Contributing Writer / 22h

A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.

DeepSeek Breach Opens Floodgates to Dark Web

4 TTPs

•

100+by Emma Zaballos / 1d

The incident should serve as a critical wake-up call. The stakes are simply too high to treat AI security as an afterthought — especially when the Dark Web stands ready to capitalize on every vulnerability.

Apr 21, 2025

'Fog' Hackers Troll Victims With DOGE Ransom Notes

10 TTPs

•

by Jai Vijayan, Contributing Writer / 1d

•

FOG ransomware exploits DOGE branding

Since January, threat actors distributing the malware have notched up more than 100 victims.

'Elusive Comet' Attackers Use Zoom to Swindle Victims

3 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 1d

•

Zoom attacks exploit social engineering

The threat actor uses sophisticated social engineering techniques to infect a victim's device, either with an infostealer or remote access Trojan (RAT).

Nation-State Threats Put SMBs in Their Sights

by Robert Lemos, Contributing Writer / 1d

Cyberthreat groups increasingly see small and medium-sized businesses, especially those with links to larger businesses, as the weak link in the supply chain for software and IT services.

Can Cybersecurity Weather the Current Economic Chaos?

by Robert Lemos, Contributing Writer / 1d

Cybersecurity firms tend to be more software- and service-oriented than their peers, and threats tend to increase during a downturn, leaving analysts hopeful that the industry will buck a recession.

ASUS Urges Users to Patch AiCloud Router Vuln Immediately

CVE-2025-2492

•

by Kristina Beek, Associate Editor, Dark Reading / 1d

The vulnerability is only found in the vendor's router series and can be triggered by an attacker using a crafted request — all of which helps make it a highly critical vulnerability with a 9.2 CVSS score.

The Global AI Race: Balancing Innovation and Security

by Chuck Herrin / 1d

The AI security race is on — and it will be won where defenders come together with developers and researchers to do things right.

Apr 18, 2025

Could Ransomware Survive Without Cryptocurrency?

by Arielle Waldman / 4d

Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene.

AWWA Supports Introduction of Collaborative Cybersecurity Legislation

4d

[no content]

Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved

Organizations neglect vulnerability patching

•

4d

[no content]

Attackers and Defenders Lean on AI in Identity Fraud Battle

by Robert Lemos, Contributing Writer / 4d

Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.

Chinese APT Mustang Panda Debuts 4 New Attack Tools

14 TTPs

•

by Nate Nelson, Contributing Writer / 4d

The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.

CISA Weighs In on Alleged Oracle Cloud Breach

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 4d

The agency is recommending that organizations and individuals implement its recommendations to prevent the misuse of stolen data, though Oracle has yet to publicly do the same for its customers.

Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking

2 TTPs

•

by Rob Wright / 4d

The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.

If Boards Don't Fix OT Security, Regulators Will

by Warren O’Driscoll / 5d

Around the world, governments are setting higher-bar regulations with clear corporate accountability for breaches on the belief organizations won't drive up security maturity for operational technology unless they're made to.

PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks

by Arielle Waldman / 5d

The AI security startup has already made waves with critical vulnerability discoveries and seeks to address emerging AI concerns with its PromptArmor platform.

Apr 17, 2025

Dogged by Trump, Chris Krebs Resigns From SentinelOne

26by Nate Nelson, Contributing Writer / 5d

The president revoked the former CISA director's security clearance, half a decade after Krebs challenged right-wing election disinformation, prompting his eventual resignation.

Android Phones Pre-Downloaded With Malware Target User Crypto Wallets

Malware on cheap Android steals crypto

•

by Kristina Beek, Associate Editor, Dark Reading / 5d

The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users' wallet addresses with their own.

CVE Program Cuts Send the Cyber Sector Into Panic Mode

by Becky Bracken, Senior Editor, Dark Reading / 5d

After threatening to slash support for the CVE program, CISA threw MITRE a lifeline at the last minute — extending its government contract for another 11 months. After that, it looks like it's up to the private sector to find the cash to keep it going.

Cybersecurity by Design: When Humans Meet Technology

by Matthew Warner / 6d

If security tools are challenging to use, people will look for workarounds to get around the restrictions.

NIST Updates Privacy Framework With AI and Governance Revisions

NIST updates Privacy Framework guidelines

•

by Arielle Waldman / 6d

Changes aim to tighten integration with the National Institute of Standards and Technology's Cybersecurity Framework and help organizations develop a stronger posture to handle privacy risks.

Apr 16, 2025

Middle East, North Africa Security Spending to Top $3B

by Nate Nelson, Contributing Writer / 6d

Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.

GPS Spoofing Attacks Spike in Middle East, Southeast Asia

IAF aircraft face GPS spoofing

•

by Robert Lemos, Contributing Writer / 6d

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

Multiple Groups Exploit NTLM Flaw in Microsoft Windows

8 TTPs

•

by Jai Vijayan, Contributing Writer / 6d

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

China-Linked Hackers Lay Brickstorm Backdoors on Euro Networks

14 TTPs

•

by Rob Wright, Senior News Director, Dark Reading / 6d

•

BRICKSTORM malware targets European industries

Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.

Ransomware gang 'CrazyHunter' Targets Critical Taiwanese Orgs

5 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 6d

•

CrazyHunter targets Taiwan's critical sectors

Trend Micro researchers detailed an emerging ransomware campaign by a new group known as "CrazyHunter" that is targeting critical sectors in Taiwan.

Patch Now: NVIDIA Flaws Expose AI Models, Critical Infrastructure

4 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 6d

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for AI workloads.

Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data

Mobile apps expose sensitive data

•

by Elizabeth Montalbano, Contributing Writer / 6d

Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.

Active Directory Recovery Can't Be an Afterthought

by Dan Conrad / 7d

Active Directory is one of the most vulnerable access points in an organization's IT environment. Companies cannot wait for a real attack to pressure-test their AD recovery strategy.

Accounting Firms Can't Skimp on Cybersecurity

7d

Cybercriminals capitalize on tax preparation stress, technology sprawl, and lax communications. Accounting teams can't afford to treat cybersecurity as an afterthought.