Cyber Insights 2025: Cyber Threat Intelligence
SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect with Cyber Threat Intelligence (CTI). CTI is valuable and beneficial to cybersecurity, […]
SAP Patches Critical Vulnerabilities in NetWeaver
Enterprise software maker SAP on Tuesday announced the release of 14 new security notes as part of its January 2025 Patch Day. The most important of the notes are marked ‘hot news’ (the highest SAP severity rating) and address two critical vulnerabilities in NetWeaver AS for ABAP and ABAP Platform, both with a CVSS score […]
Western Security Agencies Share Advice on Selecting OT Products
CISA and several other Western security agencies have published guidance to help operational technology (OT) owners and operators select secure products. The authoring agencies warn that threat actors are targeting particular OT products rather than specific organizations, pointing out that vulnerable OT products can grant attackers access to the systems of multiple victims across various […]
Compromised AWS Keys Abused in Codefinger Ransomware Attacks
A threat actor has been observed abusing compromised AWS keys to encrypt data in S3 buckets and demand a ransom payment in exchange for the encryption keys, cybersecurity firm Halcyon reports. As part of the identified attacks, the threat actor, tracked as Codefinger, relies on stolen credentials and on AWS’s Server-Side Encryption with Customer Provided […]
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks
The US cybersecurity agency CISA is urging federal agencies to patch a second vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) enterprise solutions, based on evidence of active exploitation. Tracked as CVE-2024-12686, the flaw is a medium-severity command injection issue that was discovered during BeyondTrust’s investigation into the compromise of a limited […]
Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation
A significant number of Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability, and the UK domain registry Nominet has emerged as a victim of exploitation. Ivanti recently released patches for its Connect Secure VPN appliances to address CVE-2025-0282, a critical zero-day that allows remote, unauthenticated attackers to execute arbitrary code. When it […]
Infostealer Infections Lead to Telefonica Ticketing System Breach
Information stealer malware allowed threat actors to compromise the credentials of multiple Telefonica employees and access the telecommunication giant’s internal ticketing system. The data breach came to light last week, after members of the Hellcat ransomware group (which previously claimed the attack on Schneider Electric) boasted on the BreachForums cybercrime forum about stealing customer data, […]
AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming
As security pros worry about AI taking their jobs, researchers at Microsoft insist that effective red-teaming still relies on human expertise, cultural awareness, and emotional intelligence — qualities that can’t be replicated by machines. The software giant says its AI red team rigorously tested more than 100 generative AI products and determined that human ingenuity […]
Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability
Threat actors are distributing information stealer malware masquerading as proof-of-concept (PoC) exploit code targeting a recent Windows Lightweight Directory Access Protocol (LDAP) vulnerability. Tracked as CVE-2024-49113 (CVSS score of 7.5) and leading to denial-of-service (DoS), the security defect was addressed on December 10 along with over 70 flaws, including a critical LDAP bug (CVE-2024-49112) that […]
US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals
The US Justice Department announced on Friday charges against three Russian nationals accused of operating two cryptocurrency mixers that were used for money laundering, including by ransomware groups. Charges of conspiracy to commit money laundering and operating an unlicensed money transmitting business were announced against Roman Vitalyevich Ostapenko, Alexander Evgenievich Oleynik, and Anton Vyachlavovich Tarasov. […]