Cyber (In)Securities – Issue 123

CyAN

Information Security News:

Federal Judge Tightens DOGE Leash Over Critical Treasury Payment System Access
The Register by Brandon Vigliarolo and Jessica Lyon
A federal judge has mandated stricter regulatory oversight on the integration of Dogecoin (DOGE) within the U.S. Treasury’s critical payment systems, following concerns about the cryptocurrency’s potential to disrupt financial stability. This decision introduces a rigorous review and continuous monitoring framework, reflecting a significant movement towards regulating the use of cryptocurrencies in sensitive government transactions. The measure aims to safeguard against the inherent volatility of digital currencies potentially jeopardising essential financial operations.

Russia Ramps Up Cybersecurity Systems
The Jamestown Foundation by Luke Rodeheffer
In response to escalating cyber threats, Russia has significantly bolstered its cybersecurity defences. This strategic upgrade targets key national infrastructure, including government communications, critical databases, and energy networks, to shield against foreign cyber espionage and attacks. Alongside enhancing state systems, Russia has imposed stringent cybersecurity protocols on the private sector, especially in critical industries. These measures reflect Russia’s push toward cyber sovereignty and highlight the role of cybersecurity in global geopolitical dynamics.

Coordinates of Millions of Smartphones Feared Stolen, Sparking Yet Another Lawsuit Against Data Broker
The Register by Thomas Claburn
After millions of smartphone users had their GPS coordinates allegedly stolen and sold by a data broker, a class-action lawsuit has been filed accusing the firm of major privacy violations. This lawsuit emphasises the dangers posed by the data brokerage industry’s practices of handling sensitive personal information. It calls for enhanced regulatory measures to protect individuals from unauthorised data harvesting and sale, highlighting the urgent need for legislative reforms to ensure privacy rights in the digital age are respected and enforced.

US Cybersecurity Efforts for Spacecraft Are Up in the Air
Dark Reading by Robert Lemos
The U.S. is grappling with establishing a robust cybersecurity framework for its spacecraft as cyber threats targeting space assets intensify. The absence of a unified strategy to safeguard these crucial systems exposes them to significant risks, underscoring the need for dedicated efforts to secure space infrastructure. This involves enhancing collaborations among government entities, aerospace experts, and cybersecurity professionals to develop resilient mechanisms capable of defending against and mitigating potential cyberattacks in the increasingly contested space domain.

Critical RCE Bug in Microsoft Outlook Now Exploited in Attacks
BleepingComputer by Sergiu Gatlan
A critical remote code execution vulnerability in Microsoft Outlook is currently being exploited, allowing hackers to execute malicious code on affected systems without user interaction. This vulnerability poses a severe security risk, prompting Microsoft to release an urgent patch. Users are strongly advised to update their software to protect against potential attacks that could lead to significant data breaches or further system compromise. The incident highlights the ongoing need for vigilance and prompt action in the face of evolving cyber threats.

Thailand Cuts Power and Internet to Areas of Myanmar to Disrupt Scam Gangs
Bitdefender by Graham Cluley
Thailand’s authorities have taken a drastic approach to combating cybercrime by cutting off power and internet services in certain areas of Myanmar known for harbouring scam operations. This measure aims to disrupt the activities of groups involved in extensive online frauds that affect thousands across Southeast Asia. While effective in curtailing these operations, the strategy has raised ethical concerns about the impact on innocent civilians living in the affected areas, prompting a debate on the appropriateness of such severe measures in law enforcement strategies against cybercrime.

Coercive Control to Be Treated Like Other Domestic Abuse Offences
The BBC by Imogen James
The UK is expanding its legal framework to criminalise coercive control in the same way as other forms of domestic abuse. The new measures will allow for harsher penalties and increased protections for victims. Lawmakers and advocates stress that digital surveillance, financial control, and online harassment are key components of modern coercion tactics. The reforms acknowledge the rising role of technology in abuse cases and emphasise the need for law enforcement and the judiciary to recognise and combat digital forms of domestic violence.

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
The Hacker News by Ravie Lakshmanan
Threat actors are leveraging Go Resty and Node Fetch to execute large-scale password spraying attacks, attempting to breach accounts across multiple platforms. Security researchers observed over 13 million login attempts, with attackers exploiting weak credentials and outdated authentication methods. The report highlights the need for stronger password policies, multi-factor authentication, and proactive threat monitoring. As password spraying remains a persistent attack vector, organisations are urged to implement stricter authentication controls to counter mass credential-stuffing attacks.

Attackers Target Education Sector, Hijack Microsoft Accounts
Dark Reading by Elizabeth Montalbano
The education sector is facing a surge in cyberattacks, with hackers hijacking Microsoft accounts to infiltrate networks. Threat actors are using compromised credentials to spread malware, exfiltrate sensitive student data, and disrupt school operations. Security analysts warn that educational institutions are particularly vulnerable due to lax cybersecurity controls and outdated infrastructure. Experts recommend bolstering account security with multi-factor authentication and stronger network segmentation to prevent attackers from moving laterally within compromised environments.

Lawmakers Fear Elon Musk, DOGE Not Adhering to Privacy Rules
CyberScoop by Tim Starks
U.S. lawmakers are raising alarms over Elon Musk’s Department of Government Efficiency (DOGE), questioning whether it is complying with federal privacy regulations. Concerns centre on DOGE’s alleged access to sensitive federal data without proper oversight. Critics warn that such a lack of transparency could pose national security risks and set a dangerous precedent for private entities managing government infrastructure. Lawmakers are calling for greater accountability and regulatory scrutiny to ensure compliance with data protection standards.

CISA Orders Agencies to Patch Linux Kernel Bug Exploited in Attacks
BleepingComputer by Sergiu Gatlan
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch a newly discovered Linux kernel vulnerability that is being actively exploited. The flaw allows attackers to execute arbitrary code and escalate privileges on compromised systems. CISA warns that failing to apply the patch could leave critical infrastructure exposed to cyber threats. Organisations using affected Linux distributions are urged to update their systems immediately to mitigate the risk of exploitation.

Abandoned AWS Cloud Storage: A Major Cyberattack Vector
Dark Reading by Jai Vijayan
Researchers warn that misconfigured and abandoned AWS cloud storage remains a significant security risk, with cybercriminals exploiting unsecured buckets to exfiltrate sensitive data. Attackers are actively scanning for exposed storage containers containing corporate records, API keys, and confidential documents. The report underscores the importance of cloud security hygiene, including regular audits, proper access controls, and encryption to prevent unauthorised access. Businesses are advised to monitor cloud assets and promptly decommission unused storage to mitigate data exposure risks.

Crypto-Stealing Apps Found in Apple App Store for the First Time
BleepingComputer by Bill Toulas
Security analysts have uncovered cryptocurrency-stealing apps in the Apple App Store, marking the first known instance of such malware bypassing Apple’s stringent review process. The malicious apps disguise themselves as legitimate wallet utilities but siphon funds from users upon installation. The discovery raises concerns about Apple’s ability to detect sophisticated financial fraud apps. Users are advised to scrutinise app permissions, use verified wallets, and enable security features to prevent unauthorised transactions.

Netgear Fixes Critical Bugs as Five Eyes Warn About Break-Ins at the Edge
The Register by Connor Jones
Netgear has patched multiple critical vulnerabilities in its routers following a warning from the Five Eyes intelligence alliance about nation-state actors exploiting network edge devices. Attackers have been leveraging these flaws to gain remote access to corporate and home networks. The disclosure highlights the need for regular firmware updates and robust endpoint protection. Organisations are encouraged to apply patches immediately and monitor network activity for potential intrusions.

Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
The Hacker News by Ravie Lakshmanan
North Korea’s Lazarus Group is deploying a cross-platform JavaScript-based stealer to target cryptocurrency wallets. The malware is designed to harvest credentials and drain funds from compromised systems. The campaign underscores Lazarus Group’s continued focus on financial cybercrime, exploiting both Windows and macOS users. Security researchers advise crypto traders to remain vigilant, use hardware wallets, and monitor for suspicious activity.

Spain Arrests Suspected Hacker of US and Spanish Military Agencies
BleepingComputer by Bill Toulas
Spanish authorities have arrested an individual accused of hacking U.S. and Spanish military agencies. The suspect allegedly exfiltrated classified data and sold it on dark web marketplaces. Law enforcement officials are working with cybersecurity experts to assess the full extent of the breach. The case highlights ongoing threats to defense networks and the importance of securing sensitive military data against persistent cyber espionage operations.

How Are Modern Fraud Groups Using GenAI and Deepfakes?
Dark Reading by Jennifer Lawinski
Cybercriminals are weaponising generative AI and deepfake technology to launch more convincing fraud campaigns. From AI-generated phishing emails to synthetic voice scams impersonating executives, fraud groups are leveraging automation to scale deception at an unprecedented level. Security experts warn that as AI tools become more accessible, detecting manipulated content will become increasingly difficult. Financial institutions and enterprises must invest in AI-driven fraud detection systems and enhanced user verification measures to counteract this rapidly evolving threat landscape.

Global Ransomware Payments Plunge by a Third Amid Crackdown
The Guardian by Dan Milmo
Ransomware payments have dropped by a third in the past year, marking a significant shift in cybercriminal earnings. Law enforcement crackdowns, improved corporate cybersecurity strategies, and increased resistance to paying ransoms have contributed to this decline. However, experts caution that ransomware groups are adapting, with new extortion tactics such as data destruction and double extortion becoming more prevalent. While the financial impact of ransomware is decreasing, the volume of attacks remains high, signalling that the threat is evolving rather than disappearing.

Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks
The Hacker News by Ravie Lakshmanan
Taiwan has banned the use of China-developed DeepSeek AI, citing concerns over national security and potential data leakage risks. Officials warn that AI models trained under Chinese jurisdiction could be exploited for intelligence gathering, reinforcing fears of foreign influence in critical sectors. The move follows similar bans from other governments wary of AI-driven espionage. As geopolitical tensions intersect with AI governance, the decision underscores the growing scrutiny over AI models with opaque data handling policies and their potential risks to sovereignty.

GrubHub Data Breach Impacts Customers, Drivers, and Merchants
BleepingComputer by Sergiu Gatlan
A data breach at GrubHub has compromised sensitive information belonging to customers, delivery drivers, and merchants, exposing personal details and payment data. Hackers exploited a security flaw to gain unauthorised access, raising concerns about the security measures in place for food delivery platforms. While GrubHub has yet to disclose the full extent of the breach, cybersecurity analysts stress the need for stronger data protection standards in the gig economy. Users are advised to update their credentials and monitor financial accounts for fraudulent activity.

Google Patches Odd Android Kernel Security Bug Amid Signs of Targeted Exploitation
The Register by Iain Thomson
Google has released an emergency patch for an unusual Android kernel security vulnerability that appears to have been actively exploited in targeted attacks. The bug allowed attackers to gain deep access to affected devices, potentially compromising sensitive data. Security researchers note that the vulnerability was likely used in highly targeted campaigns, possibly by nation-state actors. Android users are urged to apply updates immediately, as unpatched devices remain at risk. This incident highlights the growing sophistication of mobile threats and the importance of timely security updates.

ANALYSIS

Triskele Labs Annual State of Cyber 2024 Report (DFIR Report)
Triskele Labs
Triskele Labs’ latest Digital Forensics and Incident Response (DFIR) report provides a comprehensive analysis of cybersecurity trends, highlighting the growing sophistication of threat actors. The report examines the increasing use of AI-driven attacks, supply chain vulnerabilities, and ransomware tactics. Key takeaways include the necessity for robust incident response plans, real-time threat intelligence, and enhanced security automation. Businesses are encouraged to integrate proactive cybersecurity strategies to mitigate evolving risks.

Cyber Insights 2025: OT Security
SecurityWeek by Kevin Townsend
As operational technology (OT) systems become more interconnected, cybersecurity risks in industrial environments are growing. This article explores how threat actors are increasingly targeting OT infrastructure to disrupt manufacturing, energy, and transportation sectors. Security experts highlight the urgent need for stronger segmentation, access controls, and continuous monitoring to prevent catastrophic failures. Organisations must prioritise OT security to defend against sophisticated cyber threats.

How Agentic AI Will Be Weaponized for Social Engineering Attacks
SecurityWeek by Stu Sjouwerman
The rise of agentic AI—AI systems capable of autonomous decision-making—poses new social engineering risks. This article examines how attackers could exploit AI-driven chatbots and voice synthesis tools to manipulate victims at scale. From AI-powered phishing to deepfake scams, adversaries are refining their tactics to deceive even the most security-conscious users. Experts stress the need for AI threat detection frameworks and awareness training to counter the growing risk of AI-driven deception.

Why Cybersecurity Needs Probability — Not Predictions
Dark Reading by Vishaal “V8” Hariprasad
Traditional cybersecurity approaches often rely on deterministic risk models, but experts argue that probability-based methods are more effective for anticipating emerging threats. This analysis explores how probabilistic modeling can improve decision-making, helping security teams prioritise threats based on likelihood rather than theoretical worst-case scenarios. By integrating probability-driven risk assessments, organisations can better allocate resources and enhance resilience against evolving cyber threats.

What EU AI Act Means for Governance in Financial Sector
FinTech by Louis Thompsett
The EU AI Act is set to introduce strict governance requirements for financial institutions using artificial intelligence, placing an emphasis on transparency, accountability, and risk mitigation. Banks and fintech firms leveraging AI for decision-making—such as credit scoring and fraud detection—will need to implement comprehensive oversight frameworks to comply with the new regulations. Experts warn that non-compliance could result in severe penalties. The Act’s focus on explainability and fairness aims to prevent AI bias, ensuring financial AI models operate with ethical safeguards and consumer protections in mind.

STATISTICS & INSIGHTS

Highlights from Last Week’s Cybersecurity Research by evisec – CRD #16
CyAN Member and evisec CEO Henry Röigas
Highlights from the latest cybersecurity research sources by evisec:

  • Data on CISO executive influence shows growth but remains inconsistent: A recent study claims 82% now report to CEOs, while others suggest as low as 5%. Nevertheless, influence is rising and the trend remains positive across most sources.
  • Security tool sprawl: Large enterprises juggle 83 tools from 29 vendors, undoubtedly hindering the efficiency of security operations.
  • Basic security paying off: Foundational controls can cut cyber incident costs by 75% according to a study.
  • GenAI in cybercrime – no revolution (yet!): Threat actors mainly use it for research, with no evidence of highly advanced offensive applications.

For more insights, explore the latest Cybersecurity Research Digest.

An Opportunity for the EU to Support Digital Freedom
CyAN Blog by John Salomon
CyAN Communication Chief John Salomon explores how the EU can champion digital freedom while balancing security and regulation. With increasing concerns over government overreach, censorship, and data sovereignty, he argues that policymakers must prioritise frameworks that protect privacy without stifling innovation. The article calls for greater transparency in surveillance laws, stronger commitments to encryption, and a unified approach to digital rights across member states. As the EU refines its digital policies, Salomon urges decision-makers to seize this moment to reinforce fundamental freedoms in the online world.

Australia’s Digital Destiny: Leading the Charge for Online Freedom
By Kim Chandler McDonald
In response to John Salomon’s blog post, CyAN Global VP Kim Chandler McDonald examines Australia’s role in shaping digital freedom, arguing that the country has a pivotal opportunity to set global standards for privacy, cybersecurity, and human rights online. She highlights the tension between national security interests and individual freedoms, emphasising the importance of legislative safeguards to prevent government overreach. The article calls for stronger encryption protections, ethical AI policies, and global collaboration to uphold digital rights. As Australia navigates its digital future, McDonald stresses that proactive leadership is essential to ensuring an open, secure, and equitable online ecosystem.

CyAN Members: News

  • CyAN board member Gergely Dzsinich will discuss Cybersecurity, Privacy, and International Air Transport at the International Air Transport Association (IATA) World Legal Symposium in Shanghai (18-20 February).
  • CyAN Growth Advisor to MEA & India, Bharat Raigangar, is speaking at the Achievers X Awards 2025 in Riyadh, KSA, on February 10th. Bharat will be discussing CyAN’s contributions in the arenas of Cyber Law, Forensics, Security, and Trust & Safety.

Upcoming CyAN Global Events:

  • Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience webinar, March 6th (EST 6AM, CET 12PM, AEST 10PM)
  • CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence keynote by Dan Elliot, March 12, Peoplebank, Sydney (save the date, general release tickets available soon!)
  • GITEX AFRICA, Marrakesh, Morocco: 14-16 April
  • GITEX ASIA, Singapore (Marina Bay Sands): 23-25 April
  • GISEC, Dubai World Trade Center, Dubai, UAE: 6-8 May
  • The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK
  • MaTeCC, Rabat, Morocco: 7-9 June 2025
    (The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)