Welcome to Cyberlobi News Hub
Top News Sources
Hacker News
- Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaignby [email protected] (The Hacker News) on April 1, 2025 at 5:08 pm
Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign has been attributed to a threat actor Wiz tracks as
- Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platformby [email protected] (The Hacker News) on April 1, 2025 at 3:34 pm
On the 21st birthday of Gmail, Google has announced a major update that allows enterprise users to send end-to-end encrypted (E2EE) to any user in any email inbox in a few clicks. The feature is rolling out starting today in beta, allowing users to send E2EE emails to Gmail users within an organization, with plans to send E2EE emails to any Gmail inbox in the coming weeks and to any email inbox
- Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishingby [email protected] (The Hacker News) on April 1, 2025 at 2:18 pm
A new sophisticated phishing-as-a-service (PhaaS) platform called Lucid has targeted 169 entities in 88 countries using smishing messages propagated via Apple iMessage and Rich Communication Services (RCS) for Android. Lucid’s unique selling point lies in its weaponizing of legitimate communication platforms to sidestep traditional SMS-based detection mechanisms. “Its scalable,
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devicesby [email protected] (The Hacker News) on April 1, 2025 at 11:28 am
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below – CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate
- Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaignby [email protected] (The Hacker News) on April 1, 2025 at 11:17 am
Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses attempting to access these portals. “This pattern suggests a coordinated effort to probe network defenses and identify exposed or vulnerable systems, potentially as a precursor to targeted exploitation,” threat
Krebs on Security
- How Each Pillar of the 1st Amendment is Under Attackby BrianKrebs on March 31, 2025 at 1:22 am
In an address to Congress this month, President Trump claimed he had “brought free speech back to America.” But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of journalists, students, universities, government workers, lawyers and judges. This story explores a slew of recent actions by the Trump administration that threaten to undermine all five pillars of the First Amendment to the U.S. Constitution, which guarantees freedoms concerning speech, religion, the media, the right to assembly, and the right to petition the government and seek redress for wrongs.
- When Getting Phished Puts You in Mortal Dangerby BrianKrebs on March 27, 2025 at 4:39 pm
Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life.
- Arrests in Tap-to-Pay Scheme Powered by Phishingby BrianKrebs on March 21, 2025 at 7:12 pm
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on a custom Android app to relay tap-to-pay transactions from mobile devices located in China.
- DOGE to Fired CISA Staff: Email Us Your Personal Databy BrianKrebs on March 20, 2025 at 1:26 am
A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration’s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment — presumably with the password needed to view the file included in the body of the email.
- ClickFix: How to Infect Your PC in Three Easy Stepsby BrianKrebs on March 14, 2025 at 10:15 pm
A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ClickFix,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.
Security Week
- Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogsby Ryan Naraine on April 1, 2025 at 7:15 pm
An undocumented remote access backdoor in the Unitree Go1 Robot Dog allows remote control over the tunnel network and use of the vision cameras to see through their eyes. The post Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs appeared first on SecurityWeek.
- Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portalsby Ionut Arghire on April 1, 2025 at 3:33 pm
GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances. The post Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals appeared first on SecurityWeek.
- Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuationby Eduard Kovacs on April 1, 2025 at 12:44 pm
ReliaQuest has announced a new growth funding round that brings the total raised by the firm to over $830 million. The post Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation appeared first on SecurityWeek.
- Ransomware Group Takes Credit for National Presto Industries Attackby Ionut Arghire on April 1, 2025 at 12:10 pm
A ransomware group has claimed responsibility for a March cyberattack on National Presto Industries subsidiary National Defense Corporation. The post Ransomware Group Takes Credit for National Presto Industries Attack appeared first on SecurityWeek.
- Critical Vulnerability Found in Canon Printer Driversby Eduard Kovacs on April 1, 2025 at 11:50 am
Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers. The post Critical Vulnerability Found in Canon Printer Drivers appeared first on SecurityWeek.
Help Net Security
- Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)by Zeljka Zorz on April 1, 2025 at 3:35 pm
Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0, is an authentication bypass vulnerability that may allow unauthenticated attackers to access CrushFTP servers through an exposed HTTP(S) port. The vulnerability was privately disclosed to CrushFTP customers via email on … More → The post Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) appeared first on Help Net Security.
- Building a reasonable cyber defense programby Help Net Security on April 1, 2025 at 1:00 pm
If you do business in the United States, especially across state lines, you probably know how difficult it is to comply with U.S. state data privacy laws. The federal government and many U.S. state governments require you to implement “reasonable” cybersecurity controls around how you handle data breach notification and the data privacy of your customers. But these mandates don’t discuss how you can meet the standard of reasonableness in your cybersecurity efforts. More specifically, … More → The post Building a reasonable cyber defense program appeared first on Help Net Security.
- ExaGrid announces three models and additional security features in software version updateby Industry News on April 1, 2025 at 1:00 pm
ExaGrid announced three new models: the EX20, EX81, and EX135 to its line of Tiered Backup Storage appliances, as well as the release of ExaGrid software version 7.2.0. ExaGrid tiered backup storage appliance models ExaGrid’s line of 2U appliances now include eight models: EX189, EX135, EX84, EX81, EX54, EX36, EX20, and EX10 models. Each appliance has processor, memory, networking, and storage so that the backup window stays fixed-length as data grows, eliminating expensive and disruptive … More → The post ExaGrid announces three models and additional security features in software version update appeared first on Help Net Security.
- Stellar Cyber Open Cybersecurity Alliance enhances threat detection and responseby Industry News on April 1, 2025 at 12:41 pm
Stellar Cyber launched its Open Cybersecurity Alliance based on its award-winning Open XDR platform. This initiative streamlines security operations, improves interoperability, and enhances threat detection and response for enterprises and MSSPs. The new alliance challenges the idea that in order to be effective, ecosystems must be built on proprietary data or a closed model, with a “members-only” approach advocating for a specific data format. The Open Cybersecurity Alliance takes a completely different approach by enabling … More → The post Stellar Cyber Open Cybersecurity Alliance enhances threat detection and response appeared first on Help Net Security.
- Attackers are probing Palo Alto Networks GlobalProtect portalsby Zeljka Zorz on April 1, 2025 at 11:19 am
Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 days, and has urged organizations with exposed systems to secure them and look for signs of compromise. “The consistency of this activity suggests a planned approach to testing network defenses, potentially paving the way for exploitation,” the company said. “Recent patterns observed by GreyNoise suggest that this activity may signal the emergence … More → The post Attackers are probing Palo Alto Networks GlobalProtect portals appeared first on Help Net Security.