Cybercriminals Use Atlantis AIO to Target 140+ Platforms – Source: www.infosecurity-magazine.com https://ciso2ciso.com/cybercriminals-use-atlantis-aio-to-target-140-platforms-source-www-infosecurity-magazine-com/ #rssfeedpostgeneratorecho #InfoSecurityMagazine #InfosecurityMagazine #CyberSecurityNews #cybercriminals

Cybercriminals Exploit CheckPoint Antivirus Driver in Malicious Campaign – Source: www.infosecurity-magazine.com https://ciso2ciso.com/cybercriminals-exploit-checkpoint-antivirus-driver-in-malicious-campaign-source-www-infosecurity-magazine-com/ #rssfeedpostgeneratorecho #InfoSecurityMagazine #InfosecurityMagazine #CyberSecurityNews #cybercriminals

Cybercriminals Taking Advantage of ‘Shadow’ Alliances, AI – Source: www.darkreading.com https://ciso2ciso.com/cybercriminals-taking-advantage-of-shadow-alliances-ai-source-www-darkreading-com/ #rssfeedpostgeneratorecho #DarkReadingSecurity #CyberSecurityNews #cybercriminals #DARKReading

Many industrial facilities now rely on interconnected systems to improve operations. However, when previously isolated Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) are connected to public internet-facing applications it creates new #cybersecurity risk. To protect ICS and SCADA systems from cyber threats, it's important to understand how these technologies fit into your environment and why #cybercriminals target them.

Read this article to learn more about:
ICS
SCADA
The differences between OT, ICS, and SCADA
How a SCADA system works
The types of data SCADA systems collect
How cybercriminals attack ICS and SCADA systems
Best practices for securing ICS and SCADA systems
Enabling Security Monitoring for ICS and SCADA

https://graylog.org/post/understanding-cybersecurity-for-scada/ #cyberthreats

Threat actors are increasingly using cloud services to identify the data they intend to exfiltrate or ransom. Cloud native development, containers, and microservices allow dev teams to quickly deploy new builds. But, they also lead to a higher potential for misconfiguration. And where there are misconfigurations there are vulnerabilities that leave openings for threat actors.

So, what can #security teams do about this? They can shine a spotlight on what’s in their #API traffic! Once you know how #cybercriminals are accessing sensitive data, you can stop them from gaining access to it.

Critical security steps need to happen before data exfiltration does. Learn more about predicting risk and closing your vulnerability gap, in this article by #Graylog's Seth Goldhammer.

https://securityboulevard.com/2025/03/reading-the-data-breach-tea-leaves-preventing-data-exfiltration-before-it-happens/ #cybersecurity #APIsecurity #infosec

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions – Source:thehackernews.com https://ciso2ciso.com/cybercriminals-exploit-css-to-evade-spam-filters-and-track-email-users-actions-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #cybercriminals #TheHackerNews

DATE: March 17, 2025 at 08:57AM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

What makes #healthplans attractive targets for #cybercriminals? https://t.co/jgYPLXmaOU

Here are any URLs found in the article text:

https://t.co/jgYPLXmaOU

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

The AI race: Dark AI is in the lead, but good AI is catching up https://www.bleepingcomputer.com/news/security/the-ai-race-dark-ai-is-in-the-lead-but-good-ai-is-catching-up/

Loll!!!!

#X (Twitter) was hit by a massive #cyberattack today. The IP addresses of the #cybercriminals are located in #Ukraine, - Elon #Musk

“Dark Storm” took credit for the attack. They aren’t in Ukraine.

When users visit a website that requests permission to send notifications, they may unknowingly grant scammers a powerful tool. #Cybercriminals take advantage of this by tricking users into accepting notifications. Once accepted, users are bombarded with misleading messages that redirect them to fraudulent content. #cybersecurity
https://ciso2ciso.com/what-happens-when-push-notifications-go-malicious-sourcehackread-com/

Scammers take over social media https://www.helpnetsecurity.com/2025/03/05/social-media-scams-video/ #Artificialintelligence #cybercriminals #cybersecurity #socialmedia #GenDigital #Don'tmiss #Hotstuff #Video #scams #video

When we started recording podcasts, Sean Martin and I put writing on pause for a bit—but now it’s back, not just in our individual newsletters but also in our event coverage. I enjoy writing, and I plan to do even more with my Musings on Society & #Technology newsletter here on LinkedIn.

That said…

Here’s my final article (#4) from the ITSPmagazine Podcasts coverage of ThreatLocker’s Zero Trust World 2025 (#ZTW25). In this piece, I reflect on the intersection of society, cybersecurity, innovation, and disruption, inspired by the final keynote from Reggie Fils-Aime, former President and COO of #Nintendo.

"The Disruptive Edge: Innovation, #Cybersecurity, and the Future of a #ZeroTrust Society."

Throughout our coverage, we tackled the evolution of cyber threats, the dark web, supply chain security, #cybercriminals tactics, and now, in this final piece, we turn our focus to the bigger picture.

From Reggie Fils-Aime’s insights on disciplined, disruptive innovation to Danny Jenkins’ closing words on embedding security into everything we build, the event left us with one key question: Is innovation moving too fast for security to keep up, or are we finally embedding security at the core of progress?

For centuries, innovation was slow. Then came the Industrial Revolution, and today, we live in an era of hyper-acceleration, where disruption isn’t a choice—it’s a given. #AI, #automation, and cybersecurity threats evolve faster than we can regulate or adapt. But is this pace making us stronger, or is security still an afterthought?

Are we innovating responsibly?
Are we embedding security into progress?
Are we disrupting for the right reasons?

Huge thanks to #ThreatLocker for bringing us together in Orlando for these critical discussions and to the incredible speakers who shaped our coverage.

As Danny Jenkins put it best:
"Security isn’t a feature you add later—it’s the foundation of everything we build."

Check out the full article and join the conversation: https://www.itspmagazine.com/event-coverage-posts/the-disruptive-edge-innovation-cybersecurity-and-the-future-of-a-zero-trust-society

Here is all (A LOT) our content from the event:
https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida

Enjoy, comment, and share!

David Coovert

Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives – Source:thehackernews.com https://ciso2ciso.com/cybercriminals-use-eclipse-jarsigner-to-deploy-xloader-malware-via-zip-archives-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #cybercriminals #TheHackerNews

Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers – Source:thehackernews.com https://ciso2ciso.com/cybercriminals-exploit-onerror-event-in-image-tags-to-deploy-payment-skimmers-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #cybercriminals #TheHackerNews

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts – Source: www.proofpoint.com https://ciso2ciso.com/cybercriminals-use-go-resty-and-node-fetch-in-13-million-password-spraying-attempts-source-www-proofpoint-com/ #ProofpointThreatInsights #rssfeedpostgeneratorecho #CyberSecurityNews #cybercriminals #Proofpoint

@dianasusanti : w.r.t. Indonesian speaking people, the image below that I just made shows another fake site - which will look familiar to Android users.

Note that it has a website certificate submitted by "Google Trust Services" while the site hides behind a Cloudflare IP-address.

It is not surprising that people fall for this, as (for example), to log in to Microsoft you have to go to:

https:⧸⧸login.microsoftonline.com

Instead of, any of, for example:

https:⧸⧸login.microsoft.com
https:⧸⧸login.365.microsoft.com
https:⧸⧸login.office.microsoft.com

Another scamwebsite:

https:⧸⧸lîdl·be/login

Note the î instead of the i.

P.S. I'm using
· instead of . and
⧸ instead of /
to prevent accidental opening.

8Base ransomware group leaders arrested, leak site seized https://www.helpnetsecurity.com/2025/02/11/8base-ransomware-group-leaders-arrested-leak-site-seized-phobos/ #cybercriminals #lawenforcement #ransomware #Don'tmiss #Hotstuff #Europol #arrest #News

Cybercriminals Weaponize Graphics Files in Phishing Attacks – Source: www.infosecurity-magazine.com https://ciso2ciso.com/cybercriminals-weaponize-graphics-files-in-phishing-attacks-source-www-infosecurity-magazine-com/ #rssfeedpostgeneratorecho #InfoSecurityMagazine #InfosecurityMagazine #CyberSecurityNews #cybercriminals