Spacelab
TECH CREATORS FESTIVALS  MUSIC
GEAR AI SOCIAL MEDIA GUIDES  

CYBER SECURITY

  CRYPTO
 
     
     
 
     
 

Cybersecurity Latest News & Guides

 
     
 

Stay updated with the latest developments in Cybersecurity!

 

News, updates tips and tutorials that help you maximize your security.

 

For a list of cybersecurity guides and how-tos, click here or scroll farther below.

 

Check back for updates.

 

 

Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries

They conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard on high-value targets and ...

 

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

It's a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a ...

 

How to Steer AI Adoption: A CISO Guide

CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren't many resources to guide them on ...

 

 

North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running

 

Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation

Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said ...

 

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now

Ivanti appliances have been repeatedly weaponized by malicious actors, so it's imperative that users take steps to ...

 

Enhancing Threat Detection With Improved Metadata & MITRE ATT&CK tags

The cybersecurity landscape continues to evolve rapidly, demanding more sophisticated tools and methodologies to combat emerging threats.In response, Proofpoint's Emerging Threats (ET) team...

 

Hackers Exploit Ivanti Connect Secure Vulnerability to Inject SPAWNCHIMERA malware

In a concerning development, cybersecurity experts have identified active exploitation of a critical vulnerability in Ivanti Connect Secure (ICS) appliances, tracked as CVE-2025-0282.This...

 

ZeroLogon Ransomware Exploits Windows AD to Hijack Domain Controller Access

A newly intensified wave of ransomware attacks has surfaced, leveraging the infamous ZeroLogon vulnerability (CVE-2020-1472) to compromise Windows Active Directory (AD) domain controllers.This...

 

Cl0p Ransomware Hide Itself on Compromised Networks After Exfiltrate the Data

The Cl0p ransomware group, a prominent player in the cybercrime landscape since 2019, has intensified its operations by employing advanced techniques to remain undetected...

 

SonicWall Firewalls Exploit Hijack SSL VPN Sessions to Gain Networks Access
SonicWall firewalls running specific versions of SonicOS are vulnerable to a critical authentication bypass flaw, tracked as CVE-2024-53704, which allows attackers to hijack active...

 

Researchers Breach Software Supply Chain and Secure $50K Bug Bounty

A duo of cybersecurity researchers uncovered a critical vulnerability in a software supply chain, landing them an extraordinary $50,500 bug bounty.The exploit, described as...

 

Hackers Manipulate Users Into Running PowerShell as Admin to Exploit Windows

Microsoft Threat Intelligence has exposed a novel cyberattack method employed by the North Korean state-sponsored hacking group, Emerald Sleet (also known as Kimsuky or...


QuSecure Banks $28M Series A for Post-Quantum Cryptography Tech

QuSecure is pitching a software-based security architecture that overlays onto current networks to help businesses with ...

 

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to ...

 

Drata to Acquire SafeBase in $250 Million Deal

Security and compliance automation firm Drata has acquired trust center platform SafeBase in a ...

 

Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities

Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in ...

 

Chipmaker Patch Tuesday: Intel, AMD, Nvidia Fix High-Severity Vulnerabilities

Chipmakers Intel, AMD and Nvidia on Tuesday published new security advisories to inform customers about ...

 

Cisco Says Ransomware Group’s Leak Related to Old Hack

A fresh post on the Kraken ransomware group’s leak website refers to data stolen in a ...

 

ICS Patch Tuesday: Vulnerabilities Addressed by Schneider Electric, Siemens

Industrial giants Schneider Electric and Siemens have released February 2025 Patch ...


 

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores

Hackers are using Google Tag Manager to sneak credit card skimmers onto Magento stores, making online shopping a bit more ...

 

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]
This week, cybercriminals turned overlooked weaknesses into major security threats, reminding us that no system is too small to be ...

 

Don't Overlook These 6 Critical Okta Security Configurations
Okta's security settings are like a digital bouncer—without them, your data's just waiting to be picked up by ...

 

DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects

DragonRank's latest SEO stunt: hijacking IIS servers to reroute users to ..

 

Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
Zimbra's latest security updates patch critical flaws, ensuring your email system isn't the next hacker's ...

 

XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells

The XE hacker group is exploiting VeraCore's zero-day flaws to plant web shells, making your system their new ...

 

SHA256 Hash Calculation from Data Chunks

The SHA256 algorithm, a cryptographic hash function, is widely used for ...

 

New Report of of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2

A recent analysis of over one million malware samples by Picus Security has revealed ...

 

Seven-Year-Old Linux Kernel Bug Opens Door to Remote Code Execution

Researchers have uncovered a critical vulnerability in the Linux kernel, dating back seven years, that could allow attackers to ...

 

Ransomware Payments Plunge 35% as More Victims Refuse to Pay

In a significant shift within the ransomware landscape, global ransom payments plummeted by 35% in 2024, falling from ...

 

NetSupport RAT Grant Attackers Full Access to Victims Systems

The eSentire Threat Response Unit (TRU) has reported a significant rise in incidents involving the NetSupport Remote Access Trojan ...

 

Quishing via QR Codes Emerging as a Top Attack Vector Used by Hackers

QR codes, once a symbol of convenience and security in digital interactions, have become ...

 

New ‘BYOTB’ Attack Exploits Trusted Binaries to Evade Detection, Researchers Reveal

A recent cybersecurity presentation at BSides London 2024 has unveiled a sophisticated attack technique known as ...

 

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack 

Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific ...

 

Trump’s AI Ambition and China’s DeepSeek Overshadow an AI Summit in Paris

French organizers said “the summit aims at promoting an ambitious French and European AI strategy” as advances in the sector have been ...

 

Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations

A critical vulnerability found in Orthanc servers can pose a serious risk to medical data and ...

 

Microsoft Expands Copilot Bug Bounty Program, Increases Payouts

Microsoft has added more Copilot consumer products to its bug bounty program and is offering ...

 

HPE Says Personal Information Stolen in Russian Hack

HPE is notifying an unknown number of individuals that Russian hackers accessed ...

 

Indiana Man Sentenced to 20 Years in Prison for Hacking, $37 Million Crypto Theft

Evan Light was sentenced to 20 years in federal prison for hacking an ...

 

Information of 120,000 Stolen in Ransomware Attack on Georgia Hospital

Memorial Hospital and Manor says 120,000 people had their personal information stolen in ...

 

Can AI Early Warning Systems Reboot the Threat Intel Industry?

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at ...

 

SolarWinds Taken Private in $4.4 Billion Turn/River Capital Acquisition

SolarWinds will become a privately held company following its acquisition by Turn/River Capital for $4.4 billion in cash. 

 

 

Behavioral Analytics in Cybersecurity: Who Benefits Most?

As the cost of data breaches continues to climb, the role of user and entity behavioral analytics (UEBA) has never been more important to your ...

 

Google's DMARC Push Pays Off, but Email Security Challenges Remain

A year after Google and Yahoo started requiring DMARC, the adoption rate of the email authentication specification has doubled; and yet, 87% of domains remain unprotected for ...

 

DeepSeek App Transmits Sensitive User and Device Data Without Encryption
DeepSeek's iOS app sends sensitive data unencrypted, exposing it to cyber threats via weak encryption, ATS bypass, and ...

 

Practical, Tactical Guide to Securing AI in the Enterprise

Securing AI in the enterprise requires a strategic approach, including setting up an effective AI council, prioritizing AI use cases, and scaling successful ...

 

CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability

CISA warns that hackers are exploiting a flaw in Trimble Cityworks software to remotely execute code, making your asset management system the latest target for ...

AI-Powered Social Engineering: Reinvented Threats

AI is supercharging social engineering attacks, making scams more convincing and harder to spot—it's like phishing on ...

Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks

Microsoft warns that over 3,000 publicly disclosed ASP.NET machine keys are out there, ready to let hackers waltz into your system and execute code—talk about ...

 

India's RBI Introduces Exclusive "bank.in" Domain to Combat Digital Banking Fraud

India's RBI is rolling out exclusive ".bank.in" domains for banks to combat digital fraud, aiming to make cybercrime as outdated as ...

 

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware

Hackers are exploiting SimpleHelp RMM flaws to infiltrate networks, set up shop, and prepare for ransomware attacks—talk about moving ...

 

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of
Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning and automation capabilities to simulate sophisticated cyberattacks. Recent research demonstrates ...


Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is transmitted by focusing on the meaning of data rather than ...

 

Cybercriminals Target IIS Servers to Spread BadIIS Malware
A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services (IIS) servers by threat actors deploying ...

 

Hackers Leveraging Image & Video Attachments to Deliver Malware
Cybercriminals are increasingly exploiting image and video files to deliver malware, leveraging advanced techniques like steganography and social engineering. These methods allow attackers to ...

 

New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps
A new wave of scareware attacks has emerged, targeting unsuspecting mobile users with fake antivirus applications designed to exploit fear and trick victims into...


Ghidra 11.3 Released – A Major Update to NSA’s Open-Source Tool
The National Security Agency (NSA) has officially released Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework. Known for its...

 

Microsoft Sysinternals 0-Day Vulnerability Enables DLL Injection Attacks on Windows
A critical zero-day vulnerability has been discovered in Microsoft Sysinternals tools, posing a serious security threat to IT administrators and developers worldwide.The vulnerability enables attackers to ...

 

In Other News: Cybersecurity Salaries, NanoLock Collapse, NSO Transparency Report

Noteworthy stories that might have slipped under the radar: NanoLock Security ceases operations, NSO publishes transparency report and ...

 

Information of 883,000 Stolen in Crippling Attack on Hospital Sisters Health System

Hospital Sisters Health System says the personal information of 883,000 individuals was compromised in a crippling ...

 

UK Engineering Giant IMI Hit by Cyberattack

Engineering firm IMI says it suffered a cyberattack that resulted in unauthorized access to some of its ...

 

430,000 Impacted by Data Breaches at New York, Pennsylvania Healthcare Organizations

University Diagnostic Medical Imaging and Allegheny Health Network have disclosed data breaches impacting approximately ...

 

Ransomware Payments Dropped to $813 Million in 2024

An analysis by Chainalysis shows that ransomware payments dropped to $813 million in 2024, from $1.25 billion in ...

 

Trimble Cityworks Customers Warned of Zero-Day Exploitation
Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of ...

 

 

Cybersecurity Guides & How-Tos

 

Top 5 Strategies for Cybersecurity Red Teaming

Red teaming offers a proactive approach to cybersecurity that is most effective when implemented through a strategy that includes collaboration and AI.

 

Cultivating a Hacker Mindset in Cybersecurity Defense

Security isn't just about tools — it's about understanding how the enemy thinks and why they make certain choices.

 

Cybersecurity Best Practices

CISA provides information on cybersecurity best practices to help individuals and organizations implement preventative measures and manage cyber risks.

 

Online Safety + Privacy Basics

Learn how to protect yourself, your family and your home with these tips and resources

 

Cybersecurity for Business

Organizations of all sizes need to keep their data, employees and customers safe and secure. Learn how to protect your business with these resources.


Theft, Fraud + Cybercrime

Explore our collection of resources on current and emerging forms of cybercrime and illegal online activities.

 

The ROI of Security Investments: How Cybersecurity Leaders Prove It
Cyber threats are intensifying, and cybersecurity has become critical to business operations.

 

Top Cybersecurity Threats, Tools, and Practices

We're talking password-stealing bots, sneaky extensions that spy on you, and even cloud-hacking ninjas.

 

Google Cybersecurity Certificate

Learn job-ready skills that are in-demand, like how to identify and mitigate common risks, threats, and vulnerabilities — and discover how to effectively utilize AI in cybersecurity.

 
 
 
     
     
 

 

 
 
Spacelab
A community for music festivals, creators & influencers! A music festival platform, online store and digital magazine.
 
Creative Commons Copyright, 2024. Some Rights Reserved.
Spacelab is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License. MORE >
         
FESTIVALS NEWS STORE CONNECT SPACELAB
USA TECH AMAZON FACEBOOK ABOUT
CANADA CREATORS ETSY INSTAGRAM CONTACT
UK     TWITTER ADVERTISE
AUSTRALIA     RSS PRIVACY
EUROPE       ETHICS
ASIA       FTC DISCLOSURE
2024       SEARCH
2025        
COACHELLA