US Sanctions Chinese Hacker & Firm for Treasury, Critical Infrastructure Breaches
Summary: The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a cyber actor from Shanghai, and Sichuan Juxinhe Network Technology for their involvement in cyber breaches affecting U.S. networks. These actions are part of ongoing efforts to combat cyber threats from the People’s Republic of China and its state-backed groups.…
Employees Enter Sensitive Data Into GenAI Prompts Far Too Often
Summary: Research by Harmonic highlights the significant risks associated with employees sharing sensitive data through generative AI (GenAI) tools. With 8.5% of analyzed prompts containing sensitive information, the study reveals that customer data is the most frequently exposed category. Organizations face a dilemma between leveraging GenAI for efficiency and protecting sensitive information from potential breaches.…
Leveraging Behavioral Insights to Counter LLM-Enabled Hacking
Summary: The commentary explores how the evolution of hacking has shifted from technical implementation to creative ideation, particularly with the rise of automated tools and large language models (LLMs). It discusses the implications of this shift for both attackers and defenders in cybersecurity, emphasizing the need for a deeper understanding of creative processes in devising new cyberattacks.…
Russian APT Phishes Kazakh Gov’t for Strategic Intel
Summary: A suspected Russia-nexus threat actor, UAC-0063, has been conducting spear phishing attacks targeting diplomatic entities in Kazakhstan, linked to the notorious APT28 group. These operations aim to collect intelligence from various organizations in Eastern Europe and Central Asia, particularly in the context of Kazakhstan’s evolving diplomatic relations.…
Karl Triebes Joins Ivanti as Chief Product Officer
Summary: Fortified Health Security has released its 2025 Horizon Report, highlighting significant cybersecurity challenges and trends in the healthcare sector. The report emphasizes the increase in cyberattacks, the impact of AI, and the importance of collaboration among healthcare organizations to mitigate risks. Key statistics reveal a rise in exposed patient records and the evolving tactics of threat actors.…
FTC Orders GoDaddy to Fix Inadequate Security Practices
Summary: The Federal Trade Commission (FTC) has mandated GoDaddy to enhance its security practices due to inadequate measures that led to multiple security breaches from 2019 to 2022. The FTC’s complaint highlights GoDaddy’s failure to protect customer data and misrepresentation of its security capabilities. As a result, GoDaddy must implement a comprehensive security program and undergo regular independent reviews.…
Biden’s Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense
Summary: President Biden’s new cybersecurity executive order outlines a robust cyber-defense strategy to address national threats, particularly from China and vulnerabilities in the software supply chain. The order aims to ensure a smooth transition to the incoming Trump administration while emphasizing the importance of bipartisan cooperation in cybersecurity.…
Risk, Reputational Scores Enjoy Mixed Success as Security Tools
Summary: Companies are increasingly relying on various metrics and scoring systems to evaluate their cybersecurity efforts, but these systems often fall short of providing a complete picture of security risk. While tools like CVSS and security posture ratings are gaining traction, they face criticism for their subjective nature and potential to misrepresent security status.…
Strategic Approaches to Threat Detection, Investigation & Response
Summary: The digital era presents both opportunities and challenges, with sophisticated cyber threats like ransomware and phishing campaigns posing significant risks to organizations. Threat Detection, Investigation, and Response (TDIR) has emerged as a vital strategy in modern cybersecurity, integrating advanced technologies and skilled professionals to enhance threat management.…
Trusted Apps Sneak a Bug Into the UEFI Boot Process
Summary: A vulnerability in several trusted system recovery programs allows privileged attackers to inject malware into the UEFI startup process. The issue, identified as CVE-2024-7344, arises from the use of a custom loader in the “reloader.efi” file, enabling the loading of unsigned binaries. This flaw poses significant risks, as it can bypass UEFI Secure Boot protections, allowing persistent malware installation.…
Attackers Hijack Google Advertiser Accounts to Spread Malware
Summary: Multiple threat actors are impersonating Google Ads login pages to deceive advertisers into revealing their credentials. This sophisticated malvertising campaign has led to the hijacking of accounts, which are then used to distribute malicious advertisements and malware. Researchers have labeled this operation as one of the most egregious malvertising campaigns ever tracked, affecting thousands of customers globally.…
North Korea’s Lazarus APT Evolves Developer-Recruitment Attacks
Summary: North Korea’s Lazarus group has initiated a new campaign, dubbed Operation 99, targeting software developers through deceptive job postings on LinkedIn. The attackers lure victims into downloading malicious Git repositories that steal sensitive data, including source code and cryptocurrency. This sophisticated operation showcases the group’s evolving tactics, including the use of AI-generated profiles to enhance credibility and deception.…
CISA: Second BeyondTrust Vulnerability Added to KEV Catalog
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to address a command injection vulnerability, CVE-2024-12686, linked to BeyondTrust’s Remote Support services. This medium-severity flaw was identified following a significant data breach at the US Treasury Department, attributed to the Chinese hacking group Silk Typhoon.…
As Tensions Mount With China, Taiwan Sees Surge in Cyberattacks
Summary: In 2024, China’s cyber-operations groups significantly escalated their attacks on Taiwanese organizations, particularly targeting government and telecommunications sectors, resulting in over 2.4 million daily attack attempts. The Taiwanese National Security Bureau reported a 20% increase in successful attacks compared to the previous year, highlighting the aggressive tactics employed by China in cyberspace.…
Microsoft Rings in 2025 With Record Security Update
Summary: Microsoft’s January update addresses a record 159 vulnerabilities, including eight zero-day bugs, with three actively exploited privilege escalation vulnerabilities requiring immediate attention. This update marks Microsoft’s largest ever and highlights the role of AI in identifying vulnerabilities.

Threat Actor: Unknown
Victim: Microsoft Technologies

Key Point:

January update includes patches for 159 vulnerabilities, with 10 rated as critical.…