AI: Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Italy’s data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek’s service within the country, citing a lack of information on its use of users’ personal data.
AI: Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations.
Since Russia’s latest escalation in 2022 with its invasion of Ukraine, hacktivism has surged, impacting both private and public sectors through DDoS attacks, defacements, and disinformation campaigns. These cyberattacks align with geopolitical events. As 2024 saw over 50 countries holding elections, conditions are particularly ripe for influence operations such as misinformation and propaganda campaigns.
Cyber Savvy AI Antics
‘Twas firewalled, and the stealthy bots “Beware the Ransomware, my user! He took his hardened key in hand; And as in forensic trace he stood,
News: Amazon Redshift gets new default settings to prevent data breaches
Amazon has announced key security enhancements for Redshift, a popular data warehousing solution, to help prevent data exposures due to misconfigurations and insecure default settings.
News: Microsoft kills off Defender ‘Privacy Protection’ VPN feature
Microsoft announced it is killing off its Privacy Protection VPN feature in the Microsoft Defender app at the end of the month to focus on other features.
Macs: 22 New Mac Malware Families Seen in 2024
Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware.
News: Top 3 Ransomware Threats Active in 2025
You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: “Pay $2 million in Bitcoin within 48 hours or lose everything.”
News: Using Roles and Attributes to Protect Identities
In every industry, Active Directory (AD) and Entra ID are the de facto standard identity directories. While cloud environments are becoming more prevalent, many industries’ governing bodies require sensitive and private data and the applications utilized by them to remain on the premises. The hybrid combination of AD and Entra ID creates a complex web of identities in domains and forests that are often managed from separate consoles, creating a costly and risky administrative challenge.
News: Hackers spoof Microsoft ADFS login pages to steal credentials
A help desk phishing campaign targets an organization’s Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections.
Cloud: Abandoned AWS Cloud Storage: A Major Cyberattack Vector
New research highlights how bad actors could abuse deleted AWS S3 buckets to create all sorts of mayhem, including a SolarWinds-style supply chain attack.
Crime: Ransomware payments fell by 35% in 2024, totalling $813,550,000
Payments to ransomware actors decreased 35% year-over-year in 2024, totaling $813.55 million, down from $1.25 billion recorded in 2023.
AI: AI-Powered Social Engineering: Reinvented Threats
The foundations for social engineering attacks – manipulating humans – might not have changed much over the years. It’s the vectors – how these techniques are deployed – that are evolving. And like most industries these days, AI is accelerating its evolution.
News: Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking
Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT.
Crime: Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023.
News: Don’t Overlook These 6 Critical Okta Security Configurations
With over 18,000 customers, Okta serves as the cornerstone of identity governance and security for organizations worldwide. However, this prominence has made it a prime target for cybercriminals who seek access to valuable corporate identities, applications, and sensitive data. Recently, Okta warned its customers of an increase in phishing social engineering attempts to impersonate Okta support personnel.
Vulnerability Vortex
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. |
Chrome 134 Released, Fixes 14 Vulnerabilities That Could Crash the Browser
Google has rolled out Chrome 134 to the stable channel, delivering critical security updates that resolve 14 vulnerabilities, including high-severity flaws that could enable browser crashes, data leaks, or arbitrary code execution. |
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
Over 1,000 websites powered by WordPress have been infected with third-party JavaScript code that injects four separate backdoors.
URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days
Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild. |
Apple Fixed the Third Actively Exploited Zero-Day of 2025
Apple addressed a zero-day vulnerability, tracked as CVE-2025-24201, that has been exploited in “extremely sophisticated” cyber attacks. |
Patch Tuesday: Critical Code Execution Bugs in Adobe Acrobat and Reader
Adobe documents 35 security flaws in a wide range of products, including code-execution issues in the Acrobat and Reader applications. |
Zoom Patches 4 High-Severity Vulnerabilities
Zoom has patched five vulnerabilities in its applications, including four high-severity flaws. |