Latest CyberSec News by @thecyberpicker

Google announced including quantum-safe digital signatures in Cloud KMS and Cloud HSM following NIST's latest PQC standards.

This report provides statistics on vulnerabilities and exploits and discusses the most frequently exploited vulnerabilities in Q4 2024.

Europe is hit hard as geopolitics drives increase in state-backed APT and hacktivist activity

U.S. CISA adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog.

The rise of AI co-pilots is exposing a critical security gap: sensitive data sprawl and excessive access permissions. Related: Weaponizing Microsoft's co-pilot Until now, lackluster enterprise search capabilities kept many security risks in check—employees simply couldn’t find much of the data they were authorized to access. But Microsoft Copilot changes the game, turbocharging enterprise search

Microsoft has released the February 2025 preview cumulative update for Windows 11 24H2, with 33 improvements and fixes for multiple issues, including SSH and File Explorer bugs and the volume jumping to 100% when waking the PC from sleep.

Microsoft has introduced a new Windows 11 24H2 upgrade block for systems with AutoCAD 2022, addressing compatibility issues that prevent the program from launching.

CISA adds Microsoft Partner Center and Zimbra ZCS flaws to its KEV catalog, citing active exploitation. Federal agencies must patch by March 18 to mit

​The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel.

Mozilla has renewed its promise to continue supporting Manifest V2 extensions alongside Manifest V3, giving users the freedom to use the extensions they want in their browser.

Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company's Seamless SSO and Microsoft Entra Connect Sync.

A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and credentials.

Troy Edgar told lawmakers that the Cyber Safety Review Board, which was investigating the Salt Typhoon hack, was “going in the wrong direction.”

The amount stolen last week surpasses what the group was able to steal in all of 2024.

​​Microsoft has released the optional KB5052077 preview cumulative update for Windows 10 22H2 with nine bug fixes and changes, including a fix for a longstanding known issue that breaks SSH connections.

In an unusual public disclosure, the Russian government said that subsidiaries of LANIT, a major tech services provider, had potentially been breached.

A letter from a trio of lawmakers says the group has “left multiple government agencies vulnerable to cyberattacks” from foreign entities.

Cary, NC, Feb. 25, 2025, CyberNewswire -- INE, the leading provider of networking and cybersecurity training and certifications, today announced its recognition as an enterprise and small business leader in online course providers and cybersecurity professional development, along with its designation as the recipient of G2’s 2025 Best Software Awards for Education Products. This category

DISA Global Solutions, a leading US background screening and drug and alcohol testing firm, has suffered a data breach impacting 3.3 million people.

A previously undocumented Linux backdoor dubbed 'Auto-Color' was observed in attacks between November and December 2024, targeting universities and government organizations in North America and Asia.

It looks like a very sophisticated attack against the Dubai-based exchange Bybit: Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The notification said the digital loot had been stored in a “Multisig Cold Wallet” when, somehow, it was transferred to one of the exchange’s hot wallets. From there, the cryptocurrency was transferred out of Bybit altogether and into wallets controlled by the unknown attackers. […] …a subsequent investigation by Safe found no signs of unauthorized access to its infrastructure, no compromises of other Safe wallets, and no obvious vulnerabilities in the Safe codebase. As investigators continued to dig in, they finally settled on the true cause. Bybit ultimately said that the fraudulent transaction was “manipulated by a sophisticated attack that altered the smart contract logic and masked the signing interface, enabling the attacker to gain control of the ETH Cold Wallet.”...

Ghostwriter deploys malware-laced Excel files, steganography, and obfuscated macros to target Ukraine and Belarus.

LightSpy malware now supports 100+ commands across platforms, targeting Facebook and Instagram data while expanding operational control.

C'est pour l'instant une hypothèse qui a tout d'un coup de pression. Mais c'est une éventualité désormais sur la table. Les services VPN pourraient décider de quitter la France, en raison d'un contexte qui, selon eux, devient trop défavorable. Entre les lignes, ils critiquent surtout Canal+ et sa politique de lutte

Researchers previously warned of exploitation attempts after the release of a proof of concept.

DISA Global Solutions, a leading US background screening and drug and alcohol testing firm, has suffered a data breach impacting 3.3 million people.

61% of hackers use new exploit code within 48 hours, ransomware remains top threat in 2024

Reports said the dairy company Sayanmoloko's plant in Semyonishna was attacked with LockBit ransomware, possibly because of its support for Russian troops in Ukraine. Company printers reportedly churned out leaflets.

Ghostwriter cyber-attack targets Ukrainian, Belarusian opposition using weaponized Excel documents

The European Union sanctioned the leader of North Korea-linked APT groups for aiding Russia in its war against Ukraine.