ThreatsHub Cybersecurity News

PLUS: Pacific islands targeted by Chinese APT; China’s new rocket soars; DeepSeek puts Korea in a pickle; and more Asia In Brief The head of Fujitsu’s North American operations has warned that the Trump administration’s tariff plans will be bad for business.… READ MORE HERE…

The Register

February 15, 2025 TH Author

Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed

‘In 50 years, I think we’ll view these business practices like we view sweatshops today’ Interview It has been nearly a decade since famed cryptographer and privacy expert Bruce Schneier released the book Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World – an examination of how government agencies and tech giants exploit personal data. Today, his predictions feel eerily accurate.… READ MORE HERE…

The Register

February 15, 2025 TH Author

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Roses aren’t cheap, violets are dear, now all your access token are belong to Vladimir Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud data, and other sensitive information.… READ MORE HERE…

The Register

February 14, 2025 TH Author

SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN

Roses are red, violets are blue, CVE-2024-53704 is sweet for a ransomware crew Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.… READ MORE HERE…

The Register

February 14, 2025 TH Author

Critical PostgreSQL bug tied to zero-day attack on US Treasury

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.… READ MORE HERE…

The Register

February 14, 2025 TH Author

2 charged over alleged New IRA terrorism activity linked to cops’ spilled data

Officer says mistakenly published police details were shared ‘a considerable amount of times’ Two suspected New IRA members were arrested on Tuesday and charged under the Terrorism Act 2000 after they were found in possession of spreadsheets containing details of staff that the Police Service of Northern Ireland (PSNI) mistakenly published online.… READ MORE HERE…

Microsoft Secure

February 14, 2025 TH Author

Storm-2372 conducts device code phishing campaign

Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Our ongoing investigation indicates that this campaign has been active since August 2024 with the actor creating lures that resemble messaging app experiences including WhatsApp, Signal, and Microsoft Teams. Storm-2372’s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East. Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.
The post Storm-2372 conducts device code phishing campaign appeared first on Microsoft Security Blog. READ MORE HERE…

The Register

February 13, 2025 TH Author

More victims of China’s Salt Typhoon crew emerge: Telcos just now hit via Cisco bugs

Networks in US and beyond compromised by Beijing’s super-snoops pulling off priv-esc attacks China’s Salt Typhoon spy crew exploited vulnerabilities in Cisco devices to compromise at least seven devices linked to global telecom providers and other orgs, in addition to its previous victim count.… READ MORE HERE…

ZDNet | Security

February 13, 2025 TH Author

How to find your BitLocker recovery key – and save a secure backup copy before it’s too late

BitLocker encryption is a great way to stop a thief from accessing your business and personal secrets. But don’t let the tool lock you out of your PC.READ MORE HERE…

Microsoft Secure

February 13, 2025 TH Author

Securing DeepSeek and other AI systems with Microsoft Security

Microsoft Security provides cyberthreat protection, posture management, data security, compliance and governance, and AI safety, to secure AI applications that you build and use. These capabilities can also be used to secure and govern AI apps built with the DeepSeek R1 model and the use of the DeepSeek app.
The post Securing DeepSeek and other AI systems with Microsoft Security appeared first on Microsoft Security Blog. READ MORE HERE…

Cyber Security Trending News

I recommend bringing these 6 wellness gadgets into 2026 – here’s why

Fujitsu worries US tariffs will see its clients slow digital spend

Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN

Critical PostgreSQL bug tied to zero-day attack on US Treasury

2 charged over alleged New IRA terrorism activity linked to cops’ spilled data

Storm-2372 conducts device code phishing campaign

More victims of China’s Salt Typhoon crew emerge: Telcos just now hit via Cisco bugs

How to find your BitLocker recovery key – and save a secure backup copy before it’s too late

Securing DeepSeek and other AI systems with Microsoft Security