FreshRSS

Today — November 4th 2025 Your RSS feeds

Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors

Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus. According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised hosts that uses OpenSSH in conjunction with a customized Tor hidden service that employs obfs4 for

The best cheap portable power stations of 2025: Expert tested and reviewed

I tried out the best budget-friendly portable power stations for camping, workshops, and power outages. Here are my recommendations.

'Sales heroics' won't save you: How to build scalable, repeatable systems instead

The traditional sales playbook is failing because of fragmented tools and information systems. Here's how sales teams can get back on the same page.

SUSE Linux Enterprise Server 16 lands - with AI and EU support baked in

Available today, the new SLES 16 is ushering in an AI-ready, top-notch Linux server, while emphasizing its benefits for digital sovereignty.

New Research: RondoDox v2, a 650% Expansion in Exploits

Through our honeypot (https://github.com/mariocandela/beelzebub), I’ve identified a major evolution of the RondoDox botnet, first reported by FortiGuard Labs in 2024.

The newly discovered RondoDox v2 shows a dramatic leap in sophistication and scale:
🔺 +650% increase in exploit vectors (75+ CVEs observed)
🔺 New C&C infrastructure on compromised residential IPs
🔺 16 architecture variants
🔺 Open attacker signature: bang2013@atomicmail[.]io
🔺 Targets expanded from DVRs and routers to enterprise systems

The full report includes:
- In-depth technical analysis (dropper, ELF binaries, XOR decoding)
- Full IOC list
- YARA and Snort/Suricata detection rules
- Discovery timeline and attribution insights

submitted by /u/mario_candela

Why I strongly recommend these earbuds, even though their audio is subpar

If you need a pair of earbuds that sound great on phone calls, the OpenRock Link 20 open-air earbuds are some of the best I've tested.

Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit

Google's artificial intelligence (AI)-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory corruption. The list of vulnerabilities is as follows - CVE-2025-43429 - A buffer overflow

U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks

Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co-conspirator (aka "Co-Conspirator 1") based in Florida, all U.S. nationals, are said to have used the ransomware strain against a medical

China's president Xi Jinping jokes about backdoors in Xiaomi smartphones

South Korea's president laughed, so perhaps it was funny? Unlike China's censorship and snooping

Chinese president Xi Jinping has joked that smartphones from Xiaomi might include backdoors.…

Microsoft Detects "SesameOp" Backdoor Using OpenAI's API as a Stealth Command Channel

Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications. "Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised

AN0M, the backdoored ‘secure’ messaging app for criminals, is still producing arrests after four years

55 cuffed last week after court ruled sting operation was legal

Australian police last week made 55 arrests using evidence gathered with a backdoored messaging app that authorities distributed in the criminal community.…

[Research] Unvalidated Trust: Cross-Stage Failure Modes in LLM/agent pipelines arXiv

The paper analyzes trust between stages in LLM and agent toolchains. If intermediate representations are accepted without verification, models may treat structure and format as implicit instructions, even when no explicit imperative appears. I document 41 mechanism level failure modes.

Scope

  • Text-only prompts, provider-default settings, fresh sessions.
  • No tools, code execution, or external actions.
  • Focus is architectural risk, not operational attack recipes.

Selected findings

  • §8.4 Form-Induced Safety Deviation: Aesthetics/format (e.g., poetic layout) can dominate semantics -> the model emits code with harmful side-effects despite safety filters, because form is misinterpreted as intent.
  • §8.21 Implicit Command via Structural Affordance: Structured input (tables/DSL-like blocks) can be interpreted as a command without explicit verbs (“run/execute”), leading to code generation consistent with the structure.
  • §8.27 Session-Scoped Rule Persistence: Benign-looking phrasing can seed a latent session rule that re-activates several turns later via a harmless trigger, altering later decisions.
  • §8.18 Data-as-Command: Fields in data blobs (e.g., config-style keys) are sometimes treated as actionable directives -> the model synthesizes code that implements them.

Mitigations (paper §10)

  • Stage-wise validation of model outputs (semantic + policy checks) before hand-off.
  • Representation hygiene: normalize/label formats to avoid “format -> intent” leakage.
  • Session scoping: explicit lifetimes for rules and for the memory
  • Data/command separation: schema aware guards

Limitations

  • Text-only setup; no tools or code execution.
  • Model behavior is time dependent. Results generalize by mechanism, not by vendor.
submitted by /u/Solid-Tomorrow6548
Yesterday — November 3rd 2025 Your RSS feeds

MIT Sloan quietly shelves AI ransomware study after researcher calls BS

Even AI has doubts about the claim that '80% of ransomware attacks are AI-driven'

Do 80 percent of ransomware attacks really come from AI? MIT Sloan has now withdrawn a working paper that made that eyebrow-raising claim after criticism from security researcher Kevin Beaumont.…

Ransomware negotiator, pay thyself!

Rogues committed extortion while working for infosec firms

A ransomware negotiator and an incident response manager at two separate cybersecurity firms have been indicted for allegedly carrying out ransomware attacks of their own against multiple US companies.…

Ground zero: 5 things to do after discovering a cyberattack

When every minute counts, preparation and precision can mean the difference between disruption and disaster

This month in security with Tony Anscombe – October 2025 edition

From the end of Windows 10 support to scams on TikTok and state-aligned hackers wielding AI, October's headlines offer a glimpse of what's shaping cybersecurity right now

Fraud prevention: How to help older family members avoid scams

Families that combine open communication with effective behavioral and technical safeguards can cut the risk dramatically

Cybersecurity Awareness Month 2025: When seeing isn't believing

Deepfakes are blurring the line between real and fake and fraudsters are cashing in, using synthetic media for all manner of scams

Recruitment red flags: Can you spot a spy posing as a job seeker?

Here’s what to know about a recent spin on an insider threat – fake North Korean IT workers infiltrating western firms

How MDR can give MSPs the edge in a competitive market

With cybersecurity talent in short supply and threats evolving fast, managed detection and response is emerging as a strategic necessity for MSPs

Cybersecurity Awareness Month 2025: Cyber-risk thrives in the shadows

Shadow IT leaves organizations exposed to cyberattacks and raises the risk of data loss and compliance failures

Gotta fly: Lazarus targets the UAV sector

ESET research analyzes a recent instance of the Operation DreamJob cyberespionage campaign conducted by Lazarus, a North Korea-aligned APT group

SnakeStealer: How it preys on personal data – and how you can protect yourself

Here’s what to know about the malware with an insatiable appetite for valuable data, so much so that it tops this year's infostealer detection charts

Cybersecurity Awareness Month 2025: Building resilience against ransomware

Ransomware rages on and no organization is too small to be targeted by cyber-extortionists. How can your business protect itself against the threat?

Minecraft mods: Should you 'hack' your game?

Some Minecraft mods don’t help build worlds – they break them. Here’s how malware can masquerade as a Minecraft mod.

IT service desks: The security blind spot that may put your business at risk

Could a simple call to the helpdesk enable threat actors to bypass your security controls? Here’s how your team can close a growing security gap.

Cybersecurity Awareness Month 2025: Why software patching matters more than ever

As the number of software vulnerabilities continues to increase, delaying or skipping security updates could cost your business dearly.

AI-aided malvertising: Exploiting a chatbot to spread scams

Cybercriminals have tricked X’s AI chatbot into promoting phishing scams in a technique that has been nicknamed “Grokking”. Here’s what to know about it.

How Uber seems to know where you are – even with restricted location permissions

Is the ride-hailing app secretly tracking you? Not really, but this iOS feature may make it feel that way.

Cybersecurity Awareness Month 2025: Passwords alone are not enough

Never rely on just a password, however strong it may be. Multi-factor authentication is essential for anyone who wants to protect their online accounts from intruders.

The case for cybersecurity: Why successful businesses are built on protection

Company leaders need to recognize the gravity of cyber risk, turn awareness into action, and put security front and center

Beware of threats lurking in booby-trapped PDF files

Looks can be deceiving, so much so that the familiar icon could mask malware designed to steal your data and money.

Manufacturing under fire: Strengthening cyber-defenses amid surging threats

Manufacturers operate in one of the most unforgiving threat environments and face a unique set of pressures that make attacks particularly damaging

New spyware campaigns target privacy-conscious Android users in the UAE

ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates

Cybersecurity Awareness Month 2025: Knowledge is power

We're kicking off the month with a focus on the human element: the first line of defense, but also the path of least resistance for many cybercriminals

This month in security with Tony Anscombe – September 2025 edition

The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans

Roblox executors: It’s all fun and games until someone gets hacked

You could be getting more than you bargained for when you download that cheat tool promising quick wins

DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception

Malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers

Watch out for SVG files booby-trapped with malware

What you see is not always what you get as cybercriminals increasingly weaponize SVG files as delivery vectors for stealthy malware

Own a Samsung smartwatch? These 8 features and settings are very useful (but often overlooked)

Samsung's Galaxy Watch series features the latest and greatest Android software, resulting in key features that you should be taking advantage of.

5 steps to fixing your business's top security risk

Weak or compromised passwords pose the greatest security risk to companies, according to a new report from password manager 1Password.

What the colors of your USB ports tell you (and why some are more capable than others)

Look closely, the colors on your USB devices tell you a lot about what they can do.

AWS, Nvidia, CrowdStrike seek security startups to enter the arena

Last year's winner scored a $65M funding round on a $300M valuation

Cloud and AI security startups have two weeks to apply for a program that fast-tracks access to investors and mentors from Amazon Web Services, CrowdStrike, and Nvidia.…

Transfer photos from your Android phone to your Windows PC - here are 5 easy ways to do it

You can transfer photos from your Android phone to your Windows computer using a variety of methods. Here are step-by-step instructions for the five easiest ways.

This minimalist Linux distro is built for small business - and runs like a dream

If you're looking for a minimalist Linux distribution that doesn't force specific apps on you and runs well, Synex might be the one.

Last chance to get a free year of Disney+, Hulu, and ESPN+ with Verizon home internet

When you sign up for the new Verizon home internet Gigabit plan, you'll be eligible to get a free Nintendo Switch or a free year of Disney+, Hulu, and ESPN+ (with ads) - but this deal ends this week.

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex's John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November 1 to

AI struggles to cite results properly. Can Perplexity and Getty's new partnership fix that?

The two companies aim to better credit images in query results. Here's how it could impact information quality.

Cybercrooks team up with organized crime to steal pricey cargo

Old-school cargo heists reborn in the cyber age

Cybercriminals are increasingly orchestrating lucrative cargo thefts alongside organized crime groups (OCGs) in a modern-day resurgence of attacks on freight companies.…

Sniffing established BLE connections with HackRF One

Bluetooth Low Energy (BLE) powers hundreds of millions of IoT devices — trackers, medical sensors, smart home systems, and more. Understanding these communications is essential for security research and reverse engineering. In our latest article, we explore the specific challenges of sniffing a frequency-hopping BLE connection with a Software Defined Radio (SDR), the new possibilities this approach unlocks, and its practical limitations.

🛠️ What you’ll learn:

  • Why SDRs (like the HackRF One) are valuable for BLE analysis
  • The main hurdles of frequency hopping — and how to approach them
  • What this means for security audits and proprietary protocol discovery

➡️ Read the full post on the blog
submitted by /u/uBaze

Should you ditch your TP-Link router? Here's how to secure your Wi-Fi today

As a ban on the country's favorite router brand looms, here's how to keep your network and data safe.

5 must-have cloud tools for small businesses in 2025 (and my top 10 money-saving secrets)

Are you overpaying for cloud tools? Here's what you actually need and how small changes can save you thousands a year.

Best early Black Friday Sam's Club deals 2025: Discounts out now

Black Friday is just a few weeks away, but some deals are now live at Sam's Club to help you save on laptops, TVs, and household appliances.

5 obscure Linux distros you've probably never heard of - but should definitely try

Tired of the same old Linux distros? Try these deep cuts instead.

Want better ChatGPT responses? Try this surprising trick, researchers say

A study by researchers from Penn State University found that the tone of your prompt may be just as important as the content of your prompt.

This is the accessory I trust when I take my smartphone out into wild weather

Most modern smartphones are water-resistant, but there are times when I need additional protection.

Best early Black Friday Target deals 2025: 15+ early sales available now

The holiday season is upon us, which means that Black Friday deals are on the horizon. Here are the best Cyber Week discounts at Target right now.

How to actually use AI in a small business: 10 lessons from the trenches

It's not about proving you can use AI - it's about using it wisely. Let's cut through the hype with practical tips on how small companies can get real results.

How to use AI tools to create 'Small Business Saturday' posters, flyers, and ads - for free

If you're a small business looking to promote your sales the day after Black Friday, here's how you can easily use AI tools to design all your marketing assets for little to no money.
❌