Cyber Threat Intelligence 12 February 2025
Financial Sector
- Arvest Bank CISO On Building a Strong Cybersecurity Culture In Banking
"In this Help Net Security interview, Mike Calvi, CISO at Arvest Bank, discusses building a strong cybersecurity culture within the banking sector. He explains how leadership, effective reporting, and proactive engagement with associates are key in strengthening security. Calvi also touches on how banks can measure success and balance accountability while fostering a collaborative environment."
https://www.helpnetsecurity.com/2025/02/11/mike-calvi-arvest-bank-banking-cybersecurity/
Vulnerabilities
- Fortinet Discloses Second Firewall Auth Bypass Patched In January
"Fortinet warned today that attackers are exploiting another now-patched zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. Successful exploitation of this authentication bypass vulnerability (CVE-2025-24472) allows remote attackers to gain super-admin privileges by making maliciously crafted CSF proxy requests. The security flaw impacts FortiOS 7.0.0 through 7.0.16, FortiProxy 7.0.0 through 7.0.19, and FortiProxy 7.2.0 through 7.2.12. Fortinet fixed it in FortiOS 7.0.17 or above and FortiProxy 7.0.20/7.2.13 or above."
https://www.bleepingcomputer.com/news/security/fortinet-discloses-second-firewall-auth-bypass-patched-in-january/
https://securityaffairs.com/174117/hacking/fortinet-fortios-zero-day-exploited.html
- Microsoft February 2025 Patch Tuesday Fixes 4 Zero-Days, 55 Flaws
"Today is Microsoft's February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks. This Patch Tuesday also fixes three "Critical" vulnerabilities, all remote code execution vulnerabilities."
https://www.bleepingcomputer.com/news/microsoft/microsoft-february-2025-patch-tuesday-fixes-4-zero-days-55-flaws/
https://www.darkreading.com/application-security/microsofts-february-patch-lighter-lift-januarys
https://blog.talosintelligence.com/february-patch-tuesday-release/
https://www.tripwire.com/state-of-security/vert-threat-alert-february-2025-patch-tuesday-analysis
https://cyberscoop.com/microsoft-patch-tuesday-february-2025/
https://www.securityweek.com/microsoft-patches-wormable-windows-flaw-and-file-deleting-zero-day/
https://www.helpnetsecurity.com/2025/02/11/microsoft-fixes-exploited-zero-days-cve-2025-21418-cve-2025-21391-patch-tuesday/
- SonicWall Firewall Exploit Lets Hackers Hijack VPN Sessions, Patch Now
"Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. The vendor warned about the high exploitation possibility of the flaw in a bulletin on January 7, urging administrators to upgrade their SonicOS firewalls' firmware to address the problem. "We have identified a firewall vulnerability that is susceptible to actual exploitation for customers with SSL VPN or SSH management enabled, and that should be mitigated immediately by upgrading to the latest firmware," warned SonicWall in an email sent to customers at the time."
https://www.bleepingcomputer.com/news/security/sonicwall-firewall-exploit-lets-hackers-hijack-vpn-sessions-patch-now/
https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking
- Adobe Plugs 45 Software Security Holes, Warn Of Code Execution Risks
"Adobe on Tuesday rolled out patches for at least 45 documented vulnerabilities across multiple products and warned that these software defects expose users to remote code execution exploitation. Among the most serious issues are a large batch of critical bugs in Adobe Commerce that could lead to arbitrary code execution, security feature bypass and privilege escalation. The San Jose, Calif. software vendor slapped a “critical” rating on the Adobe Commerce advisory and urged business customers to apply available patches with urgency."
https://www.securityweek.com/adobe-plugs-45-software-security-holes-warn-of-code-execution-risks/
- High-Severity OpenSSL Vulnerability Found By Apple Allows MitM Attacks
"The OpenSSL Project on Tuesday announced patches for the first high-severity vulnerability seen in the secure communications library in two years. The vulnerability, tracked as CVE-2024-12797, was reported to OpenSSL developers by Apple in mid-December 2024. The issue is related to clients using RFC7250 raw public keys (RPKs) to authenticate a server. CVE-2024-12797 was introduced in OpenSSL 3.2 with the implementation of RPK support. Because handshakes don’t abort as expected when the ‘SSL_VERIFY_PEER’ verification mode is set, impacted clients could fail to notice that the server has not been authenticated."
https://www.securityweek.com/high-severity-openssl-vulnerability-found-by-apple-allows-mitm-attacks/
https://openssl-library.org/news/secadv/20250211.txt
https://securityaffairs.com/174111/security/openssl-patched-the-vulnerability-cve-2024-12797.html
- SAP Releases 21 Security Patches
"Enterprise software maker SAP on Tuesday announced the release of 19 new and two updated security notes as part of its February 2025 Patch Day. Six of the notes, five new and one update, are marked high priority, resolving high-severity vulnerabilities in NetWeaver, BusinessObjects, Supplier Relationship Management, Approuter, Enterprise Project Connection, and HANA. The first note released on SAP’s February 2025 Security Patch Day is an update to a note published in February 2024 to address a cross-site scripting (XSS) flaw in NetWeaver AS Java. The update references a second update for the security note, which completely patches the bug and lowers the CVSS score to 6.1."
https://www.securityweek.com/sap-releases-21-security-patches/
- Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions
"Progress Software has addressed multiple high-severity security flaws in its LoadMaster software that could be exploited by malicious actors to execute arbitrary system commands or download any file from the system. Kemp LoadMaster is a high-performance application delivery controller (ADC) and load balancer that provides availability, scalability, performance, and security for business-critical applications and websites."
https://thehackernews.com/2025/02/progress-software-patches-high-severity.html
https://securityaffairs.com/174103/security/progress-software-loadmaster-software-flaws.html
- CISA Adds Four Known Exploited Vulnerabilities To Catalog
"CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2025-21418 Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
CVE-2025-21391 Microsoft Windows Storage Link Following Vulnerability"
https://www.cisa.gov/news-events/alerts/2025/02/11/cisa-adds-four-known-exploited-vulnerabilities-catalog
- Testing The DeepSeek-R1 Model: A Pandora’s Box Of Security Risks
"In just a couple weeks, DeepSeek has shaken the AI world, stirring both excitement and controversy. In previous blogs we covered its rapid rise, highlighting issues like dramatic savings claims, IP theft allegations, and questioned whether DeepSeek was too good to be true. Now the AppSOC Research Team has taken the next step, doing in-depth security scanning of the DeepSeek-R1 model using our AI Security Platform. The findings reveal significant risks that enterprises cannot afford to ignore. This blog outlines the security flaws uncovered during testing and demonstrates how our AppSOC platform calculates and addresses AI risk."
https://www.appsoc.com/blog/testing-the-deepseek-r1-model-a-pandoras-box-of-security-risks
https://www.darkreading.com/cyber-risk/deepseek-fails-multiple-security-tests-business-use
Malware
- Sandworm APT Targets Ukrainian Users With Trojanized Microsoft KMS Activation Tools In Cyber Espionage Campaigns
"EclecticIQ analysts assess with high confidence that Sandworm (APT44) [1], a threat actor supporting Russia's Main Intelligence Directorate (GRU), is actively conducting a cyber espionage campaign against Ukrainian Windows users. Likely ongoing since late 2023, following Russia's invasion of Ukraine, Sandworm leverages pirated Microsoft Key Management Service (KMS) activators and fake Windows updates to deliver a new version of BACKORDER [2], a loader previously associated with the group. BACKORDER ultimately deploys Dark Crystal RAT (DcRAT) [3], enabling attackers to exfiltrate sensitive data and conduct cyber espionage."
https://blog.eclecticiq.com/sandworm-apt-targets-ukrainian-users-with-trojanized-microsoft-kms-activation-tools-in-cyber-espionage-campaigns
https://www.bleepingcomputer.com/news/security/russian-military-hackers-deploy-malicious-windows-activators-in-ukraine/
- CoinMiner Malware Distributed Via USB
"AhnLab SEcurity intelligence Center (ASEC) has recently identified a case in which cryptocurrency-mining malware was being distributed via USB in South Korea. Lately, malware that mines cryptocurrencies by utilizing PC resources without user consent has been actively distributed as cryptocurrency prices surge. While cryptocurrency mining itself is not illegal, the act of installing cryptocurrency mining programs that degrade system performance without user permission can be considered illegal. In the identified attack case, Monero-mining malware distributed via USB was found."
https://asec.ahnlab.com/en/86221/
- SystemBC RAT Now Targets Linux, Spreading Ransomware And Infostealers
"Threat analysts have identified a new and emerging threat: a variant of the SystemBC RAT (Remote Access Trojan) that is now actively targeting Linux-based platforms. This development puts corporate networks, cloud infrastructures, and IoT devices at risk. The latest version of SystemBC RAT is more stealthy and harder to detect, using encrypted communication to stay hidden while letting attackers move freely through compromised systems."
https://hackread.com/systembc-rat-targets-linux-ransomware-infostealers/
- Akira: Modern Ransomware With a Retro Vibe
"The Akira ransomware group emerged in March 2023 and quickly established itself as a formidable threat actor. Akira is a ransomware-as-a-service (RaaS) operation that targets multiple industries, primarily in the United States and allied countries. By January 1, 2024, Akira had “impacted over 250 organizations and claimed approximately $42 million (USD) in ransomware proceeds.” Akira threat actors have stolen a lot of money, but their attacks are not always successful. Our security operations center recently detailed a failed Akira attack here. We'll use their report later when we explore the Akira attack chain."
https://blog.barracuda.com/2025/02/11/akira--modern-ransomware-with-a-retro-vibe
- NetSupport RAT Clickfix Distribution
"Beginning in early January 2025, eSentire Threat Response Unit (TRU) observed an increase in the number of incidents involving the NetSupport Remote Access Trojan (RAT). This activity remains common leading into early February. NetSupport RAT grants the attackers full control over the victim's host, allowing them to monitor the user's screen, control the keyboard and mouse, upload and download files, and launch and execute malicious commands. If left undetected, NetSupport RAT can lead to advanced threats, including ransomware attacks, compromising sensitive data, and disrupting business operations."
https://www.esentire.com/security-advisories/netsupport-rat-clickfix-distribution
https://thehackernews.com/2025/02/threat-actors-exploit-clickfix-to.html
- Triplestrength Hits Victims With Triple Trouble: Ransomware, Cloud Hijacks, Crypto-Mining
"A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, then hijacks their cloud accounts to illegally mine for cryptocurrency. Google's threat intelligence group has been tracking Triplestrength since 2023, and only recently started talking about this financially motivated criminal crew. It's a small-ish group, "probably focused around a handful of individuals," Kristen Dennesen, a Google threat intel analyst told The Register."
https://www.theregister.com/2025/02/11/triplestrength_google/
- I'm a Security Expert, And I Almost Fell For a North Korea-Style Deepfake Job Applicant …Twice
"Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP. Moczadło is a security engineer who co-founded Vidoc Security Lab, a San Francisco-based vulnerability management company, in 2021. "If they almost fooled me, a cybersecurity expert, they definitely fooled some people," Moczadło told The Register."
https://www.theregister.com/2025/02/11/it_worker_scam/
- Open Graph Spoofing Toolkit: Old Exploitation Techniques Still In Use To Lure Social Media Users Into Phishing Attacks
"The current digital landscape necessitates an approach to sharing content on social media for significant user engagement and click-through rates. This is where the Open Graph Protocol (OGP) comes into play. Developed by Facebook, Open Graph allows web developers to control how their web pages appear when shared across various platforms. Developers use specific meta tags in a webpage’s HTML to define essential elements such as the title, description, and image that accompany shared links."
https://cyble.com/blog/open-graph-spoofing-toolkit/
Breaches/Hacks/Leaks
- OmniGPT AI Chatbot Alleged Breach: Hacker Leaks User Data, 34M Messages
"A hacker claims to have breached OmniGPT, a popular AI-powered chatbot and productivity platform, exposing 30,000 user emails, phone numbers, and more than 34 million (34,270,455) lines of user conversations. The data was published on Breach Forums on Sunday at 10:04 AM by a hacker using the alias “Gloomer.” The leak, as analysed by the Hackread.com research team, includes messages exchanged between users and the chatbot, as well as links to uploaded files, some of which contain credentials, billing information, and API keys. In a post accompanying the download link,"
https://hackread.com/omnigpt-ai-chatbot-breach-hacker-leak-user-data-messages/
- Cisco Dispels Kraken Data Breach Claims, Insists Stolen Data Came From Old Attack
"Cisco has pushed back on claims it has been breached in a new ransomware attack after a threat actor exposed sensitive information allegedly stolen from the firm’s internal network. The Kraken ransomware group posted the information, which according to reporting by Cyber Press contained credentials linked to Cisco’s Windows Active Directory environment, to its dark web leak site. This data was said to include privileged administrator accounts, NTLM hashed passwords, as well as the domain’s Kerberos Ticket Granting account that could have been leveraged to forge authentication tickets."
https://www.itpro.com/security/ransomware/cisco-kraken-breach-claims
https://hackread.com/cisco-rejects-kraken-ransomware-data-breach-claim/
- No, OpenAI Wasn’t Breached—The Real Threat Comes From Infostealers
"On February 6, 2025, the threat actor “emirking” posted on BreachForums they allegedly have access to “over 20 million account access codes in OpenAI.” The actor offered to BreachForums’ users to reach out to him if they are “interested”, possibly intending to sell these accounts. It is worth noting that the post is written in Russian; however, its wording suggests it is an automatic translation into Russian rather than being written by a native speaker."
https://www.kelacyber.com/blog/openai-breach/
https://www.securityweek.com/openai-finds-no-evidence-of-breach-after-hacker-offers-to-sell-20m-credentials/
https://www.infosecurity-magazine.com/news/openai-was-not-breached-say/
- PowerSchool Breach Exposed Special Education Status, Mental Health Data And Parent Restraining Orders
"Sensitive student information including special education status, mental health details, disciplinary notes and parent restraining orders were exposed in the recent hack targeting PowerSchool, highlighting how easily troves of unique personal data can be obtained by hackers. PowerSchool, an education software company, told Recorded Future News that about 6,500 of its more than 18,000 clients were impacted in the hack announced last month. Although PowerSchool has not said how many individuals are affected, the hacker allegedly behind the incident reportedly claimed they obtained data belonging to 62.4 million students and 9.5 million teachers."
https://therecord.media/powerschool-breach-exposed-special-ed-status-mental-health-data
General News
- US Indicts 8Base Ransomware Operators For Phobos Encryption Attacks
"The U.S. Justice Department announced the names of two Phobos ransomware affiliates arrested yesterday in Thailand, charging them on 11 counts due to their involvement in more than a thousand cyberattacks. The two men, Roman Berezhnoy (33) and Egor Nikolaevich Glebov (39) are both Russian citizens, active in the ransomware space between May 2019 and at least October 2024. The DoJ says Berezhnoy and Glebov were the operators of the “8Base” and “Affiliate 2803” platforms, both deploying the Phobos ransomware strain in attacks."
https://www.bleepingcomputer.com/news/security/us-indicts-8base-ransomware-operators-for-phobos-encryption-attacks/
https://therecord.media/phobos-ransomware-takedown-arrests-russian-nationals
- United States, Australia, And The United Kingdom Jointly Sanction Key Infrastructure That Enables Ransomware Attacks
"Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC), Australia’s Department of Foreign Affairs and Trade, and the United Kingdom’s Foreign Commonwealth and Development Office are jointly designating Zservers, a Russia-based bulletproof hosting (BPH) services provider, for its role in supporting LockBit ransomware attacks. LockBit, a Russia-based ransomware group best known for its ransomware variant of the same name, is one of the most deployed ransomware variants and was responsible for the November 2023 attack against the Industrial Commercial Bank of China U.S. broker-dealer. BPH service providers sell access to specialized servers and other computer infrastructure designed to evade detection and defy law enforcement attempts to disrupt these malicious activities."
https://home.treasury.gov/news/press-releases/sb0018
https://www.bleepingcomputer.com/news/security/us-sanctions-lockbit-ransomwares-bulletproof-hosting-provider/
https://therecord.media/zservers-russia-bulletproof-hosting-us-uk-sanctions
https://cyberscoop.com/zservers-bulletproof-hosting-sanctions-lockbit-ransomware/
https://www.securityweek.com/russian-cybercrime-network-targeted-for-sanctions-across-us-uk-and-australia/
https://www.theregister.com/2025/02/11/aukus_zservers_lockbit_sanctions/
- January 2025 Threat Trend Report On APT Attacks (South Korea)
"AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification and statistics of APT attacks in South Korea that have been identified over the course of a month in January 2025, as well as the features of each attack type."
https://asec.ahnlab.com/en/86223/
- Love Gone Phishy: Check Point Research Exposes Valentine’s Day Cyber Threats
"In January 2025, we observed over 18,000 new Valentine’s/love-related websites, marking a 5% increase compared to the previous month. Of these, 1 in 72 newly registered websites were identified as malicious or risky. Specifically focusing on Valentine’s-related websites, there was a 123% increase in newly registered websites in the past month, which aligns with trends seen in previous years (see visual below)."
https://blog.checkpoint.com/artificial-intelligence/love-gone-phishy-check-point-research-exposes-valentines-day-cyber-threats/
- Salt Typhoon's Impact On The US & Beyond
"The Chinese-linked hacking group Salt Typhoon recently was detected lurking in major US telecommunication systems, exposing nearly every American's communications to Chinese intelligence and security services. In response, on Dec. 4, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint statement recommending that American citizens and companies adopt end-to-end encrypted communication tools to avoid exposing sensitive information to China. While this advice is prudent to secure communications, hasty adoption of these technologies could result in regulatory noncompliance for organizations in highly regulated industries."
https://www.darkreading.com/cyberattacks-data-breaches/salt-typhoons-impact-us-beyond
- Data Leaks Happen Most Often In These States — Here's Why
"States are increasingly embracing data privacy regulation, and Kentucky, Rhode Island, and Tennessee are leading the charge. That has earned them high marks from security experts and landed them at the top of the list of states with the lowest rates of data breaches. These three states are effectively protecting data because of a dual approach of drafting smart data privacy legislation, and then enforcing those laws when appropriate, according to Anonta Khan, who is with DesignRush, the firm that conducted the state data privacy study. Conversely, South Dakota (which got the lowest safety score in the survey, 65.14 out of 100) and Alaska (66.50) rank at the bottom."
https://www.darkreading.com/cyber-risk/business-cybersecurity-weakest-states
https://acrobat.adobe.com/id/urn:aaid:sc:AP:b9b8b052-22c4-4e40-9c42-2047070f41f6
- Gcore Radar Report Reveals 56% Year-On-Year Increase In DDoS Attacks
"Gcore, the global edge AI, cloud, network, and security solutions provider, today announced the findings of its Q3-Q4 2024 Radar report into DDoS attack trends. DDoS attacks have reached unprecedented scale and disruption in 2024, and businesses need to act fast to protect themselves from this evolving threat. The report reveals a significant escalation in the total number of DDoS attacks and their magnitude, measured in terabits per second (Tbps)."
https://hackread.com/gcore-radar-report-reveals-56-year-on-year-increase-in-ddos-attacks/
http://gcorelabs-4202168.hs-sites.com/gcore-radar-ddos-attack-trends-q3-q4-2024
https://thehackernews.com/2025/02/gcore-ddos-radar-reveals-56-yoy.html
https://www.infosecurity-magazine.com/news/ddos-attack-volume-magnitude/
- Cybercrime: A Multifaceted National Security Threat
"Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders' resources. In 2024, Mandiant Consulting responded to almost four times more intrusions conducted by financially motivated actors than state-backed intrusions. Despite this overwhelming volume, cybercrime receives much less attention from national security practitioners than the threat from state-backed groups. While the threat from state-backed hacking is rightly understood to be severe, it should not be evaluated in isolation from financially motivated intrusions."
https://cloud.google.com/blog/topics/threat-intelligence/cybercrime-multifaceted-national-security-threat
https://www.securityweek.com/cybercrime-threatens-national-security-google-threat-intel-team-says/
https://cyberscoop.com/u-s-adversaries-increasingly-turning-to-cybercriminals-and-their-malware-for-help/
- Huntress 2025 Cyber Threat Report: Proliferating RATs, Evolving Ransomware, And Other Findings
"At Huntress, we like to wreck hackers. But to take them down, we first have to understand how they operate. That’s why we created the 2025 Cyber Threat Report—an in-depth exploration of the nasty tactics, trends, and techniques reshaping cybersecurity today. Here, we highlight key findings from the past year, offering a snapshot of the malicious strategies our analysts uncovered. Whether you’re an IT professional, cybersecurity practitioner, or business owner, these insights can provide actionable guidance to help you stay one step ahead of ever-evolving cyber threats."
https://www.huntress.com/blog/huntress-2025-cyber-threat-report-proliferating-rats-evolving-ransomware-and-other-findings
https://www.huntress.com/resources/2025-cyber-threat-report
https://www.infosecurity-magazine.com/news/ransomware-gangs-prioritize-speed/
- Phishing Evolves Beyond Email To Become Latest Android App Threat
"There are plenty of phish in the sea, and the latest ones have little interest in your email inbox. In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. Of those malicious apps, 5,200 could subvert one of the strongest security practices available today, called “multifactor authentication,” by prying into basic text messages sent to a device. Another 4,800 could even read information from an Android device’s “Notifications” bar to obtain the same info. These “Android phishing apps” may sound high-tech, but they are not. They don’t crack into password managers or spy on passwords entered for separate apps. Instead, they present a modern wrapper on a classic form of theft: Phishing."
https://www.malwarebytes.com/blog/news/2025/02/phishing-evolves-beyond-email-to-become-latest-android-app-threat
- Artificial Intelligence (AI) As An Enabler For Enhanced Data Security
"Artificial intelligence (AI) is transforming industries and redefining how organizations protect their data in today’s fast-paced digital world. With over 90% of enterprises storing at least some of their data in the cloud, AI’s ability to enhance security across complex, distributed environments is more vital than ever. While AI introduces certain risks, its power to proactively identify and close data security gaps offers unparalleled protection when applied effectively. By leveraging AI across key data layers, organizations can discover, classify, and safeguard sensitive information to stay ahead of evolving threats."
https://securityaffairs.com/174095/security/artificial-intelligence-enhanced-data-security.html
- Intel Patched 374 Vulnerabilities In 2024
"In the calendar year 2024, Intel patched a total of 374 vulnerabilities in software, firmware, and hardware products, and paid bug bounty rewards for roughly half of them. The largest number of bugs resolved last year (272) were found in software such as utilities (146), drivers (68), applications (35), SDKs (9), toolkits (8), and NUC appliances (5), Intel notes in its latest product security report. The company also resolved 81 flaws in firmware in 2024, with UEFI (30), NUC BIOS (19), networking products (10) and chipsets (8) being impacted the most. Last year, Intel patched 21 hardware vulnerabilities, including processors, Intel SGX, and side-channel issues, all discovered internally."
https://www.securityweek.com/intel-patched-374-vulnerabilities-in-2024/
- Phishing Season 2025: The Latest Predictions Unveiled
"Every year, cybercriminals sharpen their tools and refine their tactics to exploit network and security vulnerabilities. Gone are the days of clumsy emails with glaring typos and suspicious attachments. Instead, we face an era of new sophistication. No longer just stealing credentials, attackers are creating intricate digital narratives that make it difficult to distinguish friend from foe in our inboxes and DMs. But these revelations are more than a glimpse in the cybercriminal underworld; they are a call to action. As phishing attacks continue to evolve, so should our defenses."
https://threatlabz.zscaler.com/blogs/security-research/phishing-season-2025-latest-predictions-unveiled
- How AI-Driven Identity Fraud Is Causing Havoc
"Artificial intelligence (AI) is transforming our world in ways both expected and unforeseen. For consumers, the technology means more accurately personalized digital content, better healthcare diagnostics, real-time language translation to help on holiday, and generative AI assistants to enhance productivity at work. But AI is also used to help cybercriminals be more productive, especially when it comes to identity fraud – the most common fraud type today. Over a third of banking risk and innovation leaders in the UK, Spain and US cite their biggest challenge today as the rise of AI-generated fraud and deepfakes, making it the number one answer. So how does AI-powered fraud work and what can you do to stay safe?"
https://www.welivesecurity.com/en/cybersecurity/ai-driven-identify-fraud-havoc/
Reference
Electronic Transactions Development Agency (ETDA)