Cyber (In)Securities – Issue 138

Posted on by Fel Gayanilo

Information Security News

  1. Disclosure Drama Clouds CrushFTP Vulnerability Exploitation
    Dark Reading – Rob Wright
  2. CISA warns of Fast Flux DNS evasion used by cybercrime gangs
    BleepingComputer – Bill Toulas
  3. Google Quick Share Bug Bypasses Allow Zero-Click File Transfer
    Dark Reading – Tara Seals
  4. China-Linked Threat Group Exploits Ivanti Bug
    Dark Reading – Jai Vijayan
  5. International intelligence agencies raise the alarm on fast flux
    Cyberscoop – Greg Otto
  6. Oracle privately confirms Cloud breach to customers
    BleepingComputer – Sergiu Gatlan
  7. T-Mobile Bug Reveals Names, Images, and Locations of Random Children
    Gizmodo – Lucas Ropek
  8. Cybersecurity professor targeted by FBI has not been detained, lawyer says
    Reuters – A.J. Vicens
  9. X (Twitter) data leak exposes 2.8 billion users in supposed “inside job”
    Proactive – Phoebe Shields
  10. New Advanced FIN7’s Anubis Backdoor Allows To Gain Full System Control On Windows
    Security Affairs – Pierluigi Paganini
  11. Genetic data site openSNP to close and delete data over privacy concerns
    BleepingComputer – Bill Toulas
  12. Crimelords at Hunters International tell lackeys ransomware too ‘risky’
    The Register – Connor Jones
  13. Royal Mail investigates data leak claims, no impact on operations
    BleepingComputer – Sergiu Gatlan
  14. Police shuts down KidFlix child sexual exploitation platform
    BleepingComputer – Sergiu Gatlan
  15. Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses
    SecurityWeek – Kevin Townsend
  16. Cisco warns of CSLU backdoor admin account used in attacks
    BleepingComputer – Sergiu Gatlan
  17. Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs
    SecurityWeek – Ryan Naraine
  18. Cybercom discovered Chinese malware in South American nations
    Defensescoop – Mark Pomerleau
  19. Data protection bill leaves room for governmental abuse, campaigners warn
    The Guardian – Rachel Hall
  20. Japan Bolsters Cybersecurity Safeguards With Cyber Defense Bill
    Dark Reading – Kristina Beek
  21. North Korean IT worker army expands operations in Europe
    BleepingComputer – Sergiu Gatlan
  22. We Smell a (DC)Rat: Revealing a Sophisticated Malware Delivery Chain
    BleepingComputer / Acronis
  23. Apple fined €150 million over App Tracking Transparency issues
    BleepingComputer – Sergiu Gatlan
  24. 81% of Australian IT leaders want more government intervention to help them manage cybersecurity
    itWire – Gordon Peters
  25. Signal downloads skyrocket in Yemen, US after leak
    Semafor – Rachyl Jones
  26. CISA spots spawn of Spawn malware targeting Ivanti flaw
    The Register – Iain Thomson

Analysis

  1. End-to-End Encryption Under Fire: The Trojan Horse of “Public Safety”
    PrivID (Substack)
  2. Oracle’s masterclass in breach comms: Deny, deflect, repeat
    The Register – Connor Jones
  3. AI Giving Rise of the ‘Zero-Knowledge’ Threat Actor
    SecurityWeek – Etay Maor
  4. How an Interdiction Mindset Can Help Win War on Cyberattack
    Dark Reading – Mike McNerney
  5. Independent tests show why orgs should use third-party cloud security services
    Cyberscoop – Matt Kapko
  6. FDA’s Critical Role in Keeping Medical Devices Secure
    Dark Reading – Morey J. Haber
  7. Lock Your Digital Doors: Why SMEs Must Get Better At Cybersecurity
    Forbes – Peter Boolkah
  8. ENISA NIS360 2024 Cybersecurity Maturity & Criticality Assessment
    ENISA
  9. Game-Changing Predictions for Cybersecurity in 2025
    Via Satellite – Annamarie Nyirady

CyAN Members: Op-Eds & Articles

  1. Backdoors, Robot Dogs, and Why Trust Must Be Built In—Not Bolted On
    Kim Chandler McDonald
  2. “What happens to Heroes?” EPISODE #3 – The Psychological Impacts of Cyberattacks
    Didier Annet (CyAN Member)
  3. CyAN Signs 3 Open Letters Against Surveillance Laws
    CyAN Blog – CyAN Staff
  4. Strengthening Global Security: Data Protection as National Imperative
    Kim Chandler McDonald

Online Safety for Kids and Teens

  1. Highlights from the latest Vys ‘Online Safety for Kids and Teens’ Biweekly Brief
    Vaishnavi J – Vyanams Strategies (CyAN Member)

Women in Tech Feature Articles

  1. How might reduced DEI measures impact women in tech?
    Silicon Republic – Laura Varley
  2. Survey Says Women Are Finding New Paths to Cybersecurity
    GovTech Today
  3. Women in tech an untapped $6.5bn opportunity
    InnovationAus – Joseph Brookes
  4. The Case for More Women in Cybersecurity: Strengthening the Industry With Diverse Talent
    Security Brief – Zoya Schaller
  5. Full Women in Tech Feature – Interviews
    CyAN

🗓️ Upcoming CyAN (and CyAN Partner) Global Events:

📍 Lisbon, Portugal

Supply Chain Cyber Security Summit (SCCS)
April 9–11

Read more

📍 Marrakesh, Morocco

GITEX AFRICA
April 14–16

Read more

📍 Singapore

GITEX ASIA
April 23–25

Read more

📍 Dubai, UAE

GISEC
May 6–8

Read more

📍 London, UK

Cyber OSPAs
May 8

Read more

📍 Dubai, UAE

CSG Awards 2025
May 7

Read more

📍 Dubai, UAE

World AI Technology Expo
May 14–15

Read more

🎉 Celebration

CyAN 10th Anniversary
(Details TBA)

📍 Berlin, Germany

GITEX Europe Messe
May 21–23

Read more

📍 Rabat, Morocco

MaTeCC
June 7–9

Read more

🌐 Online

CyAN Q2 Call (APAC + Gulf)
June 11 – 12:00 GST / 16:00 SGT / 18:00 AEST

🌐 Online

CyAN Q2 Call (EMEA + Americas)
June 11 – 20:00 GST / 18:00 CET / 17:00 UTC / 12:00 EDT

Advisors AI CyAN cyber conflict cyber measures cyber news Cybercrime cybersecurity Cybersecurity Advisors Network Cybersecurity experts Information governance information security news regulation security Strategy