Information Security News
House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies
SecurityWeek by Eduard Kovacs
The U.S. House of Representatives has recently passed a bill that mandates federal contractors to establish vulnerability disclosure policies. This legislative move aims to strengthen the security of federal digital assets by ensuring that vulnerabilities are systematically reported and addressed. The bill stipulates clear guidelines for contractors on how to manage and respond to reported vulnerabilities effectively.
This initiative underscores the government’s commitment to bolstering national cybersecurity infrastructure and fostering a more secure cyber environment for public and private sector collaborations.
Read more
Ethereum Private Key Stealer on PyPI Downloaded Over 1,000 Times
BleepingComputer by Bill Toulas
A malicious package designed to steal Ethereum private keys was recently discovered on the Python Package Index (PyPI), downloaded over 1,000 times before its removal. This deceptive package, masquerading as a legitimate tool, underscores the growing threat in software supply chains where attackers exploit trust to distribute malware.
The incident highlights the critical need for developers and users to exercise heightened vigilance when integrating third-party code, emphasizing the importance of verifying sources and maintaining rigorous security protocols to safeguard sensitive cryptocurrency assets.
Read more
Women Faced the Brunt of Cybersecurity Cutbacks in 2024
Dark Reading by Kristina Beek
In 2024, the cybersecurity industry witnessed significant cutbacks that disproportionately impacted women, exacerbating existing gender disparities in tech roles. These reductions not only led to fewer women in cybersecurity positions but also stalled efforts toward achieving diversity and inclusivity within the sector.
The situation calls for urgent implementation of supportive measures and policies aimed at recruiting, retaining, and advancing women in technology, particularly in cybersecurity fields. Enhancing gender diversity is not just a matter of equity; it enriches problem-solving and strengthens the overall resilience of cybersecurity defenses, making it imperative for the industry to address these challenges proactively.
Read more
Malicious Chrome Extensions Can Spoof Password Managers in New Attack
BleepingComputer by Bill Toulas
Recent reports have identified a new type of cyber attack involving malicious Chrome extensions that can impersonate legitimate password managers. These deceptive extensions are capable of stealing login credentials by tricking users into inputting their information, believing they are using their trusted password management tools.
This emerging threat highlights the necessity for users to scrutinize browser extensions carefully before installation and emphasizes the importance of sourcing extensions from reputable developers only. It also calls for enhanced security measures by browser and extension marketplaces to prevent such malicious activities.
Read more
BadBox Botnet Powered by 1 Million Android Devices Disrupted
SecurityWeek by Ionut Arghire
The BadBox botnet, which harnessed the power of over 1 million compromised Android devices, has recently been disrupted. This vast network was used for large-scale DDoS attacks and other malicious activities, posing significant threats to online security.
The disruption marks a significant victory for cybersecurity teams, highlighting the effectiveness of coordinated efforts in combating such extensive cyber threats. It also underscores the ongoing need for robust mobile device security measures and public awareness about the risks of downloading unverified applications, which often serve as entry points for malware.
Read more
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
The Hacker News by Ravie Lakshmanan
More than 1,000 WordPress sites have been compromised with JavaScript backdoors, allowing attackers persistent and covert access. This widespread issue highlights a significant vulnerability in website security, particularly affecting sites with outdated plugins or weak admin credentials.
The malicious JavaScript enables cybercriminals to manipulate site content, steal data directly from users, and potentially leverage the sites for further attacks. This situation calls for immediate action from site administrators to update and secure their systems, implement stringent security measures such as regular audits, and educate users on the importance of strong password policies and regular updates to prevent future breaches.
Read more
Ransomware Attacks Build Against Saudi Construction Firm
Dark Reading Global by Robert Lemos
A Saudi construction firm is currently under siege from a series of escalating ransomware attacks, highlighting a significant vulnerability within the infrastructure sector. These attacks not only threaten the operational continuity and data integrity of the firm but also expose potential security lapses in industry-wide cybersecurity practices.
The situation underscores the critical need for robust cybersecurity measures, including regular system updates, comprehensive employee training, and advanced threat detection mechanisms. It also calls for a collaborative approach to cybersecurity, with increased sharing of threat intelligence and best practices within the sector to mitigate future risks.
Read more
Espionage Actor ‘Lotus Blossom’ Targets Southeast Asia
Dark Reading by Alexander Culafi
The espionage group known as ‘Lotus Blossom’ continues to intensify its cyber espionage efforts across Southeast Asia. Leveraging sophisticated tactics, the group targets government and military sectors to gather sensitive information that could influence regional security dynamics.
This persistent threat underscores the critical need for heightened cybersecurity measures within these sectors. Enhanced vigilance, advanced threat detection systems, and continuous cybersecurity training are imperative to defend against such state-sponsored activities and to safeguard national security interests in the region.
Read more
SandboxAQ Joins UN AI Hub to Bolster Cybersecurity and Drive AI Innovation
IT Security Guru
SandboxAQ has partnered with the UN AI Hub to enhance global cybersecurity measures and foster innovation in artificial intelligence. This collaboration aims to leverage SandboxAQ’s expertise in quantum computing and AI to develop solutions that address critical security challenges faced by nations worldwide.
By integrating advanced AI technologies, the partnership seeks to create more resilient cybersecurity infrastructures and drive technological advancements that benefit global security and governance. This initiative not only highlights the potential of AI in enhancing cybersecurity but also emphasizes the importance of international cooperation in tackling complex digital threats.
Read more
US Indicts 12 Chinese Nationals for Vast Espionage Attack Spree
Cyberscoop by Matt Kapko
The United States has indicted 12 Chinese nationals in connection with a comprehensive espionage operation targeting sensitive U.S. industrial and technological sectors. This sweeping indictment underscores the ongoing geopolitical tensions and the extensive nature of state-sponsored cyber espionage activities.
The accused are alleged to have conducted sophisticated cyber operations to steal trade secrets and critical data, compromising national security and the competitive edge of U.S. businesses. The case highlights the critical need for robust cyber defences and international collaboration to combat these high-stakes threats.
Read more
Open-Source Tool ‘Rayhunter’ Helps Users Detect Stingray Attacks
BleepingComputer by Bill Toulas
Rayhunter, an innovative open-source tool, has been developed to empower individuals and organizations to detect Stingray attacks—covert surveillance methods that intercept mobile phone communications. This tool is particularly crucial in protecting privacy rights as it enables users to identify and mitigate unauthorized cell tower simulators used for eavesdropping.
Rayhunter’s availability underscores the importance of community-driven solutions in enhancing digital privacy and security. It represents a significant step forward in the fight against intrusive surveillance technologies, offering a proactive approach to safeguard personal communications.
Read more
Major Ransomware Attack Sees Tata Technologies Hit – 1.4TB Dataset with Over 730,000 Files Allegedly Stolen
TechRadar by Ellen Jennings-Trace
Tata Technologies has been severely impacted by a major ransomware attack, resulting in the theft of approximately 1.4 terabytes of data, encompassing over 730,000 files. This significant security breach underscores the escalating threat landscape that corporations worldwide are facing.
The attack not only highlights the need for stringent cybersecurity measures but also puts a spotlight on the vulnerabilities that can be exploited in critical business infrastructures. The incident calls for an urgent review and reinforcement of digital defenses to prevent future occurrences and protect sensitive corporate information.
Read more
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
The Hacker News by Ravie Lakshmanan
Recent discoveries have revealed significant security vulnerabilities in VMware products, which have been actively exploited in the wild. These flaws could allow attackers to execute code remotely and escape from secured environments, posing severe risks to enterprises relying on VMware for their virtual infrastructure.
In response, Broadcom has swiftly released urgent patches to address these vulnerabilities. Organizations are urged to apply these security updates immediately to protect their systems from potential breaches and maintain the integrity of their operational environments. This incident highlights the ongoing need for vigilance and prompt action in the face of emerging cybersecurity threats.
Read more
Threat Actor ‘JavaGhost’ Targets AWS Environments in Phishing Scheme
Dark Reading by Alexander Culafi
The ‘JavaGhost’ threat actor is currently targeting AWS environments through a sophisticated phishing scheme designed to compromise enterprise cloud infrastructures. By exploiting vulnerabilities in AWS configurations, JavaGhost has been able to execute phishing attacks that deceive users into revealing their credentials.
This campaign underscores the importance of stringent cloud security practices, including regular audits and employee training to recognize phishing attempts. Organizations using AWS must enhance their vigilance and deploy multi-layered security measures to prevent such breaches and protect their critical cloud assets.
Read more
Congress Eyes Bigger Cyber Role for NTIA Amid Telecom Attacks
Cyberscoop by Matt Bracken
In response to increasing cyber attacks targeting the telecommunications sector, Congress is considering legislation to expand the cyber responsibilities of the National Telecommunications and Information Administration (NTIA). This move aims to bolster the United States’ defenses against sophisticated cyber threats that disrupt essential communication services.
By enhancing the NTIA’s capabilities, lawmakers hope to improve coordination across federal agencies and strengthen the resilience of critical infrastructure. The proposed changes underscore the urgency of adapting governmental cyber strategies to meet the evolving landscape of digital threats.
Read more
Cisco Warns of Webex for BroadWorks Flaw Exposing Credentials
BleepingComputer by Sergiu Gatlan
Cisco has issued a warning about a critical flaw in Webex for BroadWorks that could expose user credentials, posing a significant security risk. This vulnerability allows unauthorized access to sensitive information, potentially enabling attackers to intercept and manipulate communications.
Cisco has recommended immediate updates and has provided patches to mitigate this vulnerability. This incident highlights the continuous need for vigilance and prompt software updates in safeguarding communication tools from emerging cyber threats. Organizations are urged to apply these patches without delay to protect their data and maintain the integrity of their communication channels.
Read more
Microsoft Teams Tactics, Malware Connect Black Basta, Cactus Ransomware
BleepingComputer by Lawrence Abrams
Recent analysis has revealed that cybercriminals employing Black Basta and Cactus ransomware are leveraging Microsoft Teams as a vector for their attacks. These groups use malicious tactics, such as embedding malware within seemingly legitimate communications, to exploit the popular collaboration platform.
The use of Microsoft Teams enables these attackers to bypass traditional security measures and gain unauthorized access to corporate networks. This development calls for organizations to enhance their security protocols concerning communication tools and educate employees about the risks of malware in everyday applications, ensuring robust defenses against these sophisticated cyber threats.
Read more
New Polyglot Malware Hits Aviation, Satellite Communication Firms
BleepingComputer by Bill Toulas
A sophisticated new form of polyglot malware has been identified targeting aviation and satellite communication firms, posing significant security challenges. This malware uniquely blends multiple functionalities, allowing it to act both as a data stealer and a disruptor of communication systems.
The attacks highlight vulnerabilities within critical infrastructure sectors and underscore the urgent need for enhanced cybersecurity measures. Firms in these industries are advised to conduct thorough security audits, update their systems regularly, and train staff to recognize signs of malicious activities to safeguard against such advanced threats.
Read more
3 VMware Zero-Day Bugs Allow Sandbox Escape
Dark Reading by Jai Vijayan
Three critical zero-day vulnerabilities have been discovered in VMware software, allowing attackers to escape from virtualized environments and execute code on the host machine. These vulnerabilities pose severe risks to enterprises relying on VMware for virtualization, as they could lead to full system compromise if exploited.
VMware has responded by releasing urgent patches to address these security flaws. Organizations are strongly advised to apply these updates immediately to protect their systems from potential attacks. This incident highlights the ongoing need for proactive security practices and rapid response to emerging threats in virtualization technology.
Read more
Hunters International Ransomware Claims Attack on Tata Technologies
BleepingComputer by Bill Toulas
Tata Technologies recently fell victim to a significant ransomware attack by Hunters International, resulting in the theft of over 1.4 terabytes of sensitive data, including more than 730,000 files. This breach underscores the growing threat of ransomware attacks targeting major corporations, highlighting the potential for substantial operational disruption and financial loss.
In response to the attack, Tata Technologies is taking robust measures to bolster their cybersecurity defences and mitigate the impact of the breach. This incident serves as a critical reminder for all companies to enhance their data protection strategies and prepare for the possibility of similar cyber threats.
Read more
More than 86K IoT Devices Compromised by Fast-Growing Eleven11 Botnet
Cybersecurity Dive by David Jones
The Eleven11 botnet, a rapidly expanding network, has compromised over 86,000 IoT devices worldwide, demonstrating the increasing vulnerabilities in connected technology. This botnet exploits weak default passwords and unpatched security flaws to control devices, using them for large-scale DDoS attacks and other malicious activities.
The widespread impact underscores the critical importance of securing IoT devices with strong, unique passwords and regular firmware updates. It highlights the necessity for manufacturers and users to implement more rigorous security measures to prevent such infiltrations and protect the integrity of IoT ecosystems.
Read more
Polish Space Agency Hit by Cyberattack
SecurityWeek by Ionut Arghire
The Polish Space Agency recently experienced a significant cyberattack, highlighting vulnerabilities in national security and space exploration sectors. This breach compromised sensitive data, potentially affecting critical operations and international collaborations.
The incident emphasizes the urgent need for enhanced cybersecurity protocols and systems within agencies involved in space technology and research. It also calls for increased cooperation among international partners to bolster defenses against such sophisticated threats, ensuring the protection of vital infrastructure and information in the expanding arena of space exploration.
Read more
Big Tech Opposes YouTube Exemption from Australia’s Social Media Ban
itNews by Renju Jose
Major technology companies are challenging an exemption that would allow YouTube to operate under Australia’s proposed social media ban, citing concerns over fairness and regulatory consistency. The ban, aimed at protecting users from harmful online content, has sparked debate among tech giants, who argue that all platforms should be held to the same standards.
This opposition highlights the complexities of regulating digital platforms while ensuring competitive equity. It underscores the need for clear, equitable regulations that balance user safety with fair market practices, crucial for maintaining a healthy digital ecosystem.
Read more
ANALYSIS
Cybersecurity’s Future Is All About Governance, Not More Tools
Dark Reading by Shirley Salzman
Shirley Salzman, writing for Dark Reading, argues that the future of cybersecurity isn’t about hoarding tools but about mastering governance. While technology plays a role, true resilience comes from strong policies, risk management, and compliance frameworks that align security strategies with business objectives.
Salzman emphasizes that prioritizing governance over endless tool acquisition strengthens operational resilience, mitigates risks proactively, and ensures organizations can adapt to evolving threats. By embedding governance into cybersecurity, businesses create a security posture that’s not just reactive but strategic, scalable, and built for long-term digital defense.
Read more
Identity: The New Cybersecurity Battleground
The Hacker News
The Hacker News staff highlights identity as the new battleground in cybersecurity, with attackers shifting from exploiting system vulnerabilities to targeting user credentials. Protecting digital identities now requires more than just passwords—it demands multi-factor authentication, continuous monitoring, and behavioural analytics to detect and block unauthorized access.
As identity theft and credential-based attacks grow more sophisticated, organizations must prioritize advanced identity protection measures to safeguard individuals and digital infrastructure from evolving cyber threats.
Read more
Enterprise AI Through a Data Security Lens: Balancing Productivity With Safety
Dark Reading by Adam Strange
Writing for Dark Reading, Adam Strange emphasizes that as AI continues reshaping business operations, balancing productivity with stringent data security is critical. Organizations must embed security-first principles into AI deployments, ensuring sensitive information is protected from misuse or breaches.
Strong data governance, encryption, and access controls are essential to maintaining trust in AI-driven environments. Strange argues that without prioritizing security alongside innovation, businesses risk compromising both regulatory compliance and long-term growth in an AI-powered corporate landscape.
Read more
Tech Companies’ Proposed New Safety Codes Won’t Protect All Kids Online
InnovationAus by Toby Murray
Toby Murray of InnovationAus critiques tech companies’ proposed safety codes, arguing they fail to offer comprehensive protection for all children online. While these measures represent progress, they still leave critical gaps, particularly for vulnerable users who need the most protection.
Murray calls for stronger regulatory enforcement, ensuring platforms take real accountability rather than relying on voluntary commitments. Without broader, legally binding safeguards, children remain at risk, highlighting the urgent need for policies that prioritize child safety over corporate interests.
Read more
Cyberwarfare, Elections, and the Role of Encryption in Protecting Democracy
PrivID (Substack)
PrivID (Substack) highlights encryption as a crucial safeguard for democracy, especially as cyberwarfare threats escalate. Strong encryption protects voter data and election integrity from manipulation, ensuring that democratic outcomes remain free from interference.
Weakening these protections risks exposing electoral systems to hostile actors, eroding public trust. The analysis calls on governments to uphold robust encryption standards, reinforcing digital voting security, transparency, and resilience against cyber threats that seek to undermine democratic processes.
Read more
Why Cybersecurity Jobs Are Hard to Find Amid a Worker Shortage
Dark Reading by Andrey Leskin
Andrey Leskin of Dark Reading examines the paradox of a cybersecurity job market plagued by both a talent shortage and hiring difficulties. Despite high demand, many skilled candidates struggle to secure roles due to rigid job descriptions, unrealistic experience requirements, and a preference for niche expertise over adaptable skills.
Instead of fostering talent, companies are narrowing the pool by demanding certifications over potential. The analysis calls for a shift in hiring strategies—investing in internal development, easing entry barriers, and creating pathways for emerging professionals to bridge the cybersecurity skills gap before it widens further.
Read more
Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security
Trend Micro by Trent Holmes & Willem Gooderham
Trent Holmes and Willem Gooderham of Trend Micro uncover critical security flaws in DeepSeek-R1, exposing weaknesses in its chain-of-thought reasoning that attackers can exploit. These vulnerabilities enable adversaries to manipulate AI outputs, leading to misinformation, biased responses, or data leaks.
The findings highlight the urgent need for security-first AI development, where transparency, rigorous testing, and adversarial resilience are prioritized. Without stronger safeguards, large language models remain susceptible to manipulation, posing risks to trust, decision-making, and the ethical use of AI-driven systems.
Read more
Statistics & Insights
Highlights from This Week’s Cybersecurity Research by evisec – CRD #18
CyAN Member and evisec CEO Henry Röigas
Highlights from the latest cybersecurity research sources by evisec:
- Ransomware payments prioritize speed over restoration: 96% of cases involve data exfiltration, but only 30% result in payments—mainly to prevent leaks or accelerate recovery, not restore systems.
- Security careers: high pay, low retention: Over 60% of professionals consider leaving due to stagnation. Security architects earn up to $206K, but return-to-office mandates risk talent loss.
- Hybrid work & BYOD risks: 98% of organizations report BYOD violations, with 90% allowing personal device access to corporate data, exposing security gaps.
- Global threats surge: China-linked activity is up 150%, vishing skyrockets 442%, malware-free attacks hit 79%, and breakout times drop to 48 minutes, demanding faster response.
- Software security paradox: OWASP pass rates double, but security debt worsens—fix times have increased fivefold in 15 years despite improved critical risk mitigation.
For a deeper dive on these topics and other data-led insights, explore the latest Cybersecurity Research Digest here:
Read more
CyAN Members: Op Eds, Articles, etc:
CyAN’s Position on Encryption Backdoor Legislation
CyAN Staff
CyAN firmly opposes encryption backdoors, warning that such policies undermine global cybersecurity. While governments argue they are necessary for law enforcement, the reality is they create systemic vulnerabilities that can be exploited by cybercriminals and hostile nation-states.
Weakening encryption doesn’t just affect criminals—it puts businesses, critical infrastructure, and everyday users at risk. Instead of compromising security, CyAN advocates for stronger encryption policies that protect privacy, safeguard data integrity, and ensure a more resilient digital landscape without handing malicious actors an easy entry point.
Read more
Phishing, Smishing, and Quishing—How Many Ways Can We Get Scammed?
CyAN Blog by Fel Gayanilo
CyAN Gen Sec Fel Gayanilo dives into the ever-expanding world of digital scams, where cybercriminals exploit email (phishing), SMS (smishing), and QR codes (quishing) to trick users into handing over sensitive data.
As fraud tactics evolve, so must our defenses. Many scams rely on urgency and deception, preying on human instincts rather than technical vulnerabilities. Fel emphasizes the importance of skepticism, user awareness, and layered security to mitigate these threats.
The best defense? Think before you click—because in today’s cyber landscape, convenience often comes with a hidden cost.
Read more
Dynamic Resilience: A Framework for Synergizing Operational Agility and Economic Security in the Era of Digital Transformation
CyAN Blog by Rupesh Shirke
CyAN explores Dynamic Resilience, a strategy that merges cybersecurity, business agility, and economic security to help organizations navigate digital transformation without increasing risk.
As cyber threats evolve, businesses must move beyond static defenses and embrace flexible security frameworks that adapt in real time. The key lies in balancing innovation with proactive risk management, ensuring security measures scale with technological advancements.
By integrating security into operational agility, organizations can sustain growth, safeguard assets, and maintain resilience in an unpredictable digital landscape.
Read more
Opinion: Encryption Back Doors Are Dumb.
CyAN Blog by John Salomon
CyAN Communications and Mentorship Director John Salomon, writing for the CyAN blog, dismantles the argument for encryption backdoors, bluntly stating that they are a fundamentally flawed and dangerous idea.
While governments argue for access in the name of law enforcement, Salomon warns that weakening encryption creates systemic vulnerabilities that cybercriminals and hostile actors will inevitably exploit. He emphasizes that encryption is not just about privacy—it underpins national security, financial stability, and critical infrastructure.
The article makes a clear case: breaking encryption to catch criminals ultimately puts everyone at risk.
Read more
CyAN Member’s News
We’re immensely proud to share that Dan Elliott, a highly valued member of our CyAN community and an internationally acclaimed cybersecurity advisor, is a finalist in the 2025 Australian Cyber Awards! 🏆
Dan has been recognized in the Cybersecurity Professional of the Year – Professional and Financial Services category. His nomination is a testament to his dedication to the field, his commitment to collaboration with clients and peers, and his passion for sharing his extensive experience across the sector. Join us in celebrating this well-deserved recognition!
🔗 Read more: Dan Elliott’s LinkedIn Post
Dan Elliott at AISA CyberCon Canberra
On March 18th, Dan will also be speaking at the Australian Information Security Association (AISA) CyberCon Canberra on the topic:
“The Human Element in Cyber Resilience: Lessons from the Intelligence Community”
If you’re in Canberra, you won’t want to miss this insightful session!
🔗 Watch the highlights: Dan Elliott’s LinkedIn Post
At CyAN, we are ALWAYS overjoyed to celebrate our members’ successes and contributions to the cybersecurity community. Congratulations, Dan!
Upcoming CyAN (and CyAN Partner) Global Events:
• CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence keynote by Dan Elliot, March 12, Peoplebank, Sydney
More info
• Trust & Safety Forum at Forum INCYBER Europe (FIC), Lille, France: April 1-2
More info
• GITEX AFRICA, Marrakesh, Morocco: April 14-16
More info
• GITEX ASIA, Singapore (Marina Bay Sands): April 23-25
More info
• GISEC, Dubai World Trade Center, Dubai, UAE: May 6-8
More info
• The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK
More info
• World AI Technology Expo UAE, Dubai, UAE: May 14-15, 2025
More info
• MaTeCC, Rabat, Morocco: June 7-9, 2025
(The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)
More info