Latest Security News Collection

01
Cybercriminals Shift Tactics: Germany Sees Drop in Ransomware but Surge in Stealthy Malware
→ Read more on security-insider.de
02
Google Account Phone Numbers Exposed in Now-Fixed Brute-Force Exploit
#CyberSecurity #GoogleExploit #PhoneNumberLeak #BruteForceAttack #SIMSwapping #PrivacyBreach #EthicalHacking #VulnerabilityDisclosure #DigitalSecurity #InfoSecNews
A cybersecurity researcher uncovered a serious privacy flaw that allowed attackers to reveal the phone number linked to any Google account using a brute-force method. The exploit, now patched by Google, required only the target’s display name and involved a clever manipulation of Google’s Looker Studio to avoid detection. The attacker then used custom code to rapidly guess phone numbers until a match was found—taking as little as eight minutes for UK numbers. Google acknowledged the issue and credited the researcher through its vulnerability rewards programme. This incident highlights the ongoing risks of SIM swapping, where exposed phone numbers can lead to identity theft, cryptocurrency theft, and even corporate breaches. While the vulnerability is resolved, it underscores the importance of robust privacy protections and the value of ethical hacking in securing digital platforms.
→ Read more on wired.com
03
Arsen Unveils AI-Powered Vishing Simulator to Strengthen Voice Phishing Defences
#VoicePhishing #CyberSecurityTraining #AIPoweredDefence #VishingSimulation #SocialEngineering #EmployeeAwareness #CyberThreats #SecurityInnovation #ArsenCyber #AIForGood
Cybersecurity startup Arsen has launched a groundbreaking AI-powered Vishing Simulation tool to help organisations combat the growing threat of voice phishing. The module uses AI-generated voices and adaptive dialogue to simulate realistic phone-based social engineering attacks, such as impersonations of IT support. Unlike traditional training methods, Arsen’s solution dynamically adjusts to employee responses, handles objections with lifelike dialogue, and mimics high-pressure attacker behaviour across languages and accents. This innovation enables scalable, real-time training for all employees—not just high-profile targets. As voice phishing becomes a preferred method for attackers seeking credentials and access, Arsen’s tool equips organisations to identify vulnerabilities and build resilience. CEO Thomas Le Coz emphasised the importance of using AI to empower defenders in the evolving cybersecurity landscape.
→ Read more on hackread.com
04
No Malware Needed: New Tool Exposes Smartphone Location via Simple Link Click
#MobileSecurity #PhishingAwareness #GeolocationLeak #CyberThreats #SocialEngineering #SeekerTool #DeviceFingerprinting #InfoSec #SmartphonePrivacy #CyberAwareness
A cybersecurity researcher known as “thewhiteh4t” has revealed a powerful proof-of-concept tool called Seeker, which can pinpoint a smartphone’s exact location without installing any malware. Instead, it uses social engineering to trick users into visiting a phishing site and granting location access. Once the user clicks “allow,” the attacker receives precise geolocation data—including latitude, longitude, altitude, and even movement speed—along with detailed device information such as OS, browser, and GPU vendor. The phishing templates mimic trusted services like Google Docs, WhatsApp, and Zoom, making them highly convincing. Thewhiteh4t warns that even without permissions, attackers can still gather unique device identifiers using canvas fingerprinting. This demonstration underscores the growing risks of seemingly harmless link clicks and the urgent need for user awareness in mobile security.
→ Read more on cybernews.com
05
Holiday Season Cyber Threats: Travel Industry Faces Surge in Attacks
#CyberSecurity #TravelIndustryThreats #HolidaySeasonRisks #Ransomware #PhishingAttacks #DDoS #DevSecOps #DigitalDefence #CheckPointReport #TourismCyberThreats
As global tourism rebounds, cybercriminals are increasingly targeting the travel sector, warns Check Point Software Technologies. Their 2025 report reveals a dramatic rise in cyberattacks on travel agencies and tour operators between 2023 and 2025. With the industry’s reliance on real-time data, global communications, and third-party services, attackers are exploiting vulnerabilities through DDoS attacks, ransomware, phishing, and supply chain compromises. Many travel companies still operate outdated systems and lack robust DevSecOps practices, making them prime targets. From airlines to booking platforms, the sector handles vast amounts of sensitive data, making cybersecurity a critical concern—especially during peak holiday periods. Check Point urges organisations to strengthen defences and adopt proactive security strategies to navigate this increasingly hostile digital landscape.
→ Read more on it-daily.net
06
DDoS Attacks Evolve into Strategic Threats for Global Financial Sector
#DDoSAttacks #FinancialCyberSecurity #FSISACReport #AkamaiTechnologies #CyberThreats2025 #APACCyberTrends #DDoSForHire #BankingSecurity #DigitalResilience #StrategicCyberRisks
A new report by FS-ISAC and Akamai Technologies warns that Distributed Denial-of-Service (DDoS) attacks have escalated from minor disruptions to strategic threats targeting the financial industry. In 2024, attackers increasingly focused on financial institutions’ websites and APIs, using sophisticated methods that mimic legitimate user behaviour—making detection difficult. The report, titled “From Nuisance to Strategic Threat”, highlights how these attacks now jeopardise operational stability, customer trust, and profitability. Particularly alarming is the surge in attacks in the Asia-Pacific region, which accounted for 38% of volumetric DDoS incidents—up from 11% the previous year. Geopolitical tensions and the rise of “DDoS-for-hire” services have further fuelled this trend, enabling even low-skilled actors to launch large-scale assaults. The findings underscore the urgent need for financial institutions to strengthen their cyber resilience and adapt to an increasingly hostile digital landscape.
→ Read more on it-daily.net
07
NIST Releases Practical Zero Trust Guidance to Tackle Real-World Implementation Challenges
#ZeroTrust #NISTGuidance #CyberSecurity #ZTAStrategy #NetworkSecurity #DigitalTransformation #AccessControl #SecurityArchitecture #NCCoE #CyberResilience
The US National Institute of Standards and Technology (NIST) has published new hands-on guidance to support organisations in implementing Zero Trust Architecture (ZTA). Unlike its 2020 conceptual framework, the latest publication offers 19 real-world examples using commercial off-the-shelf technologies. Developed over four years in collaboration with 24 industry partners, the guidance addresses the growing need for robust security amid increasing regulatory pressure and complex network environments. Zero trust assumes no user or device is inherently trustworthy, enforcing continuous verification across systems. However, implementation remains challenging due to misconceptions, business disruption, and the need for tailored solutions. NIST’s Alper Kerman emphasises that each ZTA must be custom-built, requiring deep understanding of access patterns and resources. This new guidance aims to demystify the process and accelerate secure digital transformation.
→ Read more on infosecurity-magazine.com
08
Fog Ransomware Attack Raises Alarms Over Use of Employee Monitoring Software
#FogRansomware #CyberAttack #EmployeeMonitoring #FinancialSecurity #GC2Tool #APT41 #PersistentThreats #RansomwareTactics #CyberResilience #SymantecResearch
A recent ransomware attack on a financial institution in Asia has drawn significant attention due to its unconventional tactics. Researchers at Symantec discovered that the attackers deployed legitimate employee monitoring software, Syteca, alongside open-source penetration testing tools—an unusual move in ransomware operations. Notably, the attackers used GC2, a tool capable of executing commands and exfiltrating data via Google Sheets and Microsoft SharePoint, previously linked to Chinese state-backed group APT41. What sets this attack apart is the effort to maintain persistence even after deploying the ransomware, a rare tactic in such campaigns. While attribution remains unclear, the sophisticated methods suggest a more strategic intent. The incident underscores the evolving nature of ransomware threats and the need for heightened vigilance across financial systems.
→ Read more on therecord.media
09
Over 40,000 Security Cameras Exposed to Remote Hacking, Bitsight Warns
#CyberSecurity #SurveillanceRisks #BitsightReport #IoTSecurity #CameraHacking #RTSPVulnerabilities #PrivacyThreat #SmartDeviceSecurity #TelecomCyberRisk #GlobalCyberThreats
Cybersecurity firm Bitsight has uncovered over 40,000 internet-exposed security cameras worldwide, posing serious risks of spying, extortion, and cyberattacks. These devices, operating via HTTP or RTSP protocols, can be accessed remotely—often without authentication—if attackers know their IP addresses. Some even allow full administrative access or return live screenshots through simple API queries. While HTTP-based cameras are common in homes and small offices, RTSP models are typically used in professional surveillance systems. The United States leads in exposure with over 14,000 vulnerable cameras, followed by Japan, Austria, Czechia, and South Korea. The telecommunications sector is the most affected, accounting for 79% of the exposed devices. Bitsight’s findings highlight the urgent need for stronger security configurations and awareness around connected surveillance systems.
→ Read more on securityweek.com
10
Ransomware Attackers Exploit SimpleHelp Flaw to Disrupt Utility Service
#Ransomware #SimpleHelpExploit #CVE202457727 #CyberSecurityAlert #DoubleExtortion #UtilityCyberAttack #RemoteAccessRisks #PatchNow #CISAWarning #PlayRansomware
Ransomware gangs have exploited a critical vulnerability in unpatched versions of SimpleHelp’s remote monitoring and management (RMM) tool, causing service disruptions across utility billing providers, according to a recent CISA alert. The flaw, identified as CVE-2024-57727, is a high-severity path traversal vulnerability affecting SimpleHelp versions 5.5.7 and earlier. Despite a patch being issued in January 2025, attackers have continued to target unpatched systems, leading to double-extortion incidents where data is both encrypted and stolen. The Play ransomware group and DragonForce have been linked to these attacks, which highlight a broader trend of exploiting remote access tools. CISA urges organisations to check for signs of compromise and apply the necessary updates immediately to prevent further breaches.
→ Read more on theregister.com

+49 89 360 5310 | security-awareness@metafinanz.de
The editors are not responsible for the content of each article.