Amit Yoran, Visionary Cybersecurity Leader and Entrepreneur, Dies at 54
Amit Yoran, CEO and Chairman of Tenable Holdings, passed away at 54 following a battle with cancer, the company announced Friday. Yoran, a transformational figure in cybersecurity, led Tenable through its successful IPO in 2018 and significantly shaped the industry’s response to emerging threats. His storied career included founding NetWitness, serving as RSA Security’s President, and directing the U.S. Homeland Security Department’s National Cyber Security Division in 2003. Yoran’s insights graced news outlets like CNN, where he tackled critical issues such as data security. His legacy endures in the innovations he inspired and the professionals he mentored.
FireScam Malware Targets Android Users with Spyware and Infostealer Capabilities
A new Android malware named FireScam has been discovered, masquerading as the ‘Telegram Premium’ app, security firm Cyfirma reports. Distributed via phishing websites mimicking the RuStore app store, FireScam exploits permissions to harvest sensitive data, track user behavior, and establish persistence. Its advanced evasion techniques include leveraging Firebase services and deploying a backdoor for communication with command-and-control servers. Cyfirma warns that FireScam highlights a growing trend in mobile spyware sophistication. Stay informed on best practices for Android security.
Exploit Code Released for Critical Windows LDAP Vulnerability
SafeBreach has published a proof-of-concept (PoC) exploit targeting a denial-of-service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP), tracked as CVE-2024-49113 (CVSS score: 7.5). It joins a separate, critical RCE flaw in LDAP (CVE-2024-49112, CVSS score: 9.8), patched in December 2024. While unexploited so far, these vulnerabilities expose unpatched Windows servers to severe risks, including potential domain-wide compromise. Administrators are urged to patch immediately and monitor DNS queries and CLDAP responses for signs of intrusion.
U.S. Sanctions Russian, Iranian Groups for Disinformation Targeting Elections
The U.S. Treasury has sanctioned Russian and Iranian organizations for orchestrating disinformation campaigns aimed at dividing American voters ahead of the elections. These operations employed deepfakes, fake news sites, and AI-generated content to manipulate narratives. Officials emphasized the importance of protecting democratic processes from foreign interference. Learn how these sanctions aim to curb malicious influence.
New York Hospital Ransomware Attack Exposes 670,000 Patients’ Data
Richmond University Medical Center in Staten Island confirmed a ransomware attack affecting over 670,000 individuals. Sensitive information, including Social Security numbers, medical records, and payment data, was compromised. Although the hospital’s EHR systems were spared, the breach underscores the healthcare sector’s vulnerability to sophisticated attacks. Impacted individuals are being offered free credit monitoring.
Apple to Pay $95 Million in Siri Eavesdropping Lawsuit Settlement
Apple has agreed to a $95 million settlement following allegations that Siri inadvertently recorded user conversations without consent. Although Apple denies wrongdoing, the funds will compensate affected users. This case underscores privacy concerns surrounding virtual assistants and highlights the growing scrutiny of tech giants.
U.S. Army Soldier Arrested in Connection with AT&T, Verizon Hacks
Cameron John Wagenius, a U.S. Army soldier, has been arrested for allegedly leaking confidential call records from AT&T and Verizon. Known online as “Kiberphant0m,” Wagenius faces charges tied to the Snowflake hacking campaign, which targeted major corporations. The arrest signals a crackdown on insider threats and telecommunications vulnerabilities.
Myanmar Enacts Cybersecurity Law Curtailing Digital Freedoms
Myanmar’s military government has passed a cybersecurity law requiring service providers to store user data for three years and banning VPNs without approval. Critics argue the law erodes privacy and freedom of expression, further tightening the junta’s control over digital spaces. Human rights groups are urging international action to counter these measures.
Krispy Kreme Recovers from Cyberattack, Restores Online Ordering
Krispy Kreme’s online ordering system is back after resolving disruptions caused by a November cyberattack. The attack underscores the increasing threat to the foodservice industry. The company is rolling out New Year’s deals to thank customers for their patience.
Generative AI in 2025: Innovation, Risks, and Regulation
Industry experts predict generative AI will revolutionize content creation, cybersecurity, and productivity in 2025. However, the rising misuse of AI, including deepfakes and sophisticated phishing campaigns, calls for stringent ethical guidelines and robust security measures. Explore the implications for industries and individuals in the year ahead.
Nikki-Universal Faces Ransomware Attack, 761.8 GB of Data Compromised
Chemical manufacturer Nikki-Universal Co. Ltd. has confirmed a ransomware attack, with hackers claiming to have stolen over 760 GB of data. The group, Hunters International, has set a ransom deadline, threatening to release the files publicly. This incident highlights the growing prevalence of ransomware and the need for enhanced corporate cybersecurity.
Industrial Cybersecurity: Coalitions Form to Counter OT/ICS Threats
As OT/ICS cyber threats rise, global coalitions like the ISA Global Cybersecurity Alliance are enhancing awareness, standardization, and knowledge sharing. Collaborative initiatives aim to protect critical infrastructure from disruptions, ensuring resilience against evolving attacks.
New AI Jailbreak Method Raises Alarm
Palo Alto Networks has identified a new AI jailbreak technique, “Bad Likert Judge,” which increases attack success rates by 60%. This method exploits large language models’ safety guardrails to generate harmful content. The findings stress the importance of robust content filtering for AI deployments.
Quasar RAT Deployed via Malicious NPM Package
Researchers discovered a malicious npm package deploying the Quasar RAT, targeting Ethereum developers. The obfuscated package compromises Windows systems, enabling remote access and data exfiltration. Developers are urged to scrutinize dependencies and prioritize secure coding practices.