News for January 19, 2025

By I_g_o_r | Some news | 18 Jan 2025


Ransomware crew abuses AWS native encryption

https://www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/

 

MFA Failures - The Worst is Yet to Come

https://www.bleepingcomputer.com/news/security/mfa-failures-the-worst-is-yet-to-come/

 

Crimeware-as-a-service: A new threat to crypto users

https://cointelegraph.com/explained/crimeware-as-a-service-a-new-threat-to-crypto-users

 

Hackers Using Fake YouTube Links to Steal Login Credentials

https://hackread.com/hackers-fake-youtube-links-steal-login-credentials/

 

OneBlood confirms personal data stolen in July ransomware attack

https://www.bleepingcomputer.com/news/security/oneblood-confirms-personal-data-stolen-in-july-ransomware-attack/

 

Russia's Largest Platform For State Procurement Hit By Cyberattack

https://it.slashdot.org/story/25/01/16/0019201/russias-largest-platform-for-state-procurement-hit-by-cyberattack

 

Duo MainTenanT - Le Plus Grand Cabaret du Monde

https://www.youtube.com/watch?v=b97S7U7yJp8

https://www.youtube.com/watch?v=u5biNnxbKRE

https://www.youtube.com/watch?v=bQcb_HuCFdc

 

Former Disney Employee Admits to Hacking Menu System to Change Allergy Information

https://gizmodo.com/former-disney-employee-admits-to-hacking-menu-system-to-change-allergy-information-2000548974

 

Fortinet warns of auth bypass zero-day exploited to hijack firewalls

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-auth-bypass-zero-day-exploited-to-hijack-firewalls/

 

MP Art Duo - Acrobatic Adagio

https://www.youtube.com/watch?v=WCuvdc96uro

 

Snyk Researcher Caught Deploying Malicious Code Targeting AI Startup

https://it.slashdot.org/story/25/01/14/0920245/snyk-researcher-caught-deploying-malicious-code-targeting-ai-startup

 

CISA orders agencies to patch BeyondTrust bug exploited in attacks

https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-beyondtrust-bug-exploited-in-attacks/

 

Foreign Cybercriminals Bypassed Microsoft's AI Guardrails, Lawsuit Alleges

https://yro.slashdot.org/story/25/01/11/073210/foreign-cybercriminals-bypassed-microsofts-ai-guardrails-lawsuit-alleges

 

Perfect Star Performance | Vasilisa Kaganovskaia and Valiriy Angelopol

https://www.youtube.com/watch?v=0yeT7CVXUco

 

Stolen Path of Exile 2 admin account used to hack player accounts

https://www.bleepingcomputer.com/news/security/stolen-path-of-exile-2-admin-account-used-to-hack-player-accounts/

 

The Terrifying Quantum Discovery Scientists Don’t Want To Talk About

https://www.youtube.com/watch?v=otCsvBAn25c

 

Evelyn WALSH & Trennt MICHAUD perform to 'Beggin' by Måneskin at An Evening with Champions

https://www.youtube.com/watch?v=Q0DmvUxKKM4

 

Microsoft MFA outage blocking access to Microsoft 365 apps

https://www.bleepingcomputer.com/news/microsoft/microsoft-mfa-outage-blocking-access-to-microsoft-365-apps/

 

The Quantum Apocalypse: All Your Secrets Revealed

https://www.youtube.com/watch?v=7eZXBVgBDio

 

Phishing Attacks Use This Simple Trick to Defeat iPhone Message Security

https://www.macrumors.com/2025/01/13/imessage-users-targeted-phishing-scam/

 

Hackers Breach Telefonica Network, Leak 2.3 GB of Data Online

https://hackread.com/hackers-breach-telefonica-network-leak-data-online/

 

How Widespread Is Distrust Of Mainstream Media?

https://www.zerohedge.com/political/how-widespread-distrust-mainstream-media

 

How Passwords Work and How to Hack Them: From DES to ZIP

https://www.youtube.com/watch?v=91VaTyTGYfw

 

macOS bug lets hackers install malicious kernel drivers

https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/

 

How America’s Debt Addiction Is Triggering Collapse

https://www.youtube.com/watch?v=Y_G74U4fVu4

 

Phishing texts trick Apple iMessage users into disabling protection

https://www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/

 

Microsoft eggheads say AI can never be made secure – after testing Redmond's own products

https://www.theregister.com/2025/01/17/microsoft_ai_redteam_infosec_warning/

 

Chinese hackers breached US Treasury Secretary Janet Yellen's computer and accessed fewer than 50 unclassified files; two deputies were also hacked

https://www.bloomberg.com/news/articles/2025-01-16/chinese-hacked-us-treasury-secretary-yellen-s-computer-in-breach

 

Time Is an Illusion: Scientists Say Time Doesn’t Exist in the Way We Think

https://www.youtube.com/watch?v=tc7LpJswIZU

 

Cyber attack on a university in the Netherlands

https://www.tue.nl/en/news-and-events/news-overview/13-01-2025-update-on-cyberattack-no-education-on-tuesday

 

Thousands of PHP-based Web Applications Exploited to Deploy Malware

https://gbhackers.com/php-based-web-applications-exploited/

 

MikroTik botnet uses misconfigured SPF DNS records to spread malware

https://www.bleepingcomputer.com/news/security/mikrotik-botnet-uses-misconfigured-spf-dns-records-to-spread-malware/

 

Rebecca Ghilardi & Filippo Ambrosini, "Moulin Rogue"

https://www.youtube.com/watch?v=xsBNG7Cuq8k

 

PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data

https://techcrunch.com/2025/01/15/powerschool-data-breach-victims-say-hackers-stole-all-historical-student-and-teacher-data/

 

Hackers Likely Stole FBI Call Logs From AT&T That Could Compromise Informants

https://www.wired.com/story/hackers-likely-stole-fbi-call-logs-from-att-that-could-compromise-informants/

 

The Casino Scam That Broke Europe’s Roulette Tables

https://www.youtube.com/watch?v=u13v1uCzgpo

 

What is a teardrop attack in cryptocurrency?

https://cointelegraph.com/explained/teardrop-attacks-in-crypto-what-they-are-and-how-to-stop-them

 

Hackers exploit critical Aviatrix Controller RCE flaw in attacks

https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-aviatrix-controller-rce-flaw-in-attacks/

 

Unbelievable GIANT Pyramid UFO Appears Over New Jersey!

https://www.youtube.com/watch?v=ZOfubaWyF3Q

 

Publishing giant Scholastic hit by hackers, data on 8 million people stolen

https://www.techradar.com/pro/security/publishing-giant-scholastic-hit-by-hackers-data-on-8-million-people-stolen

 

Infoseccer: Private security biz let guard down, exposed 120K+ files

https://www.theregister.com/2025/01/16/private_security_biz_lets_guard/

 

Lily Hackney - Gun

https://www.youtube.com/watch?v=qwXtqB-n-CU

 

WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites

https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/

 

Fire, Bugo Group

https://www.youtube.com/watch?v=mhHGAbvwKlg

 

Chinese APT Group Is Ransacking Japan's Secrets

https://www.darkreading.com/cyberattacks-data-breaches/chinese-apt-group-ransacking-japans-secrets

 

25 Outrageous Conspiracy Theories That Might Be True

https://www.youtube.com/watch?v=X9F0MR73I68

 

Threat actors deploy backdoors and cryptocurrency miners

https://securityaffairs.com/173037/cyber-crime/aviatrix-controller-flaw-active-exploitation.html

 

FBI Warned Agents It Believes Phone Logs Hacked Last Year

https://news.slashdot.org/story/25/01/17/1950210/fbi-warned-agents-it-believes-phone-logs-hacked-last-year

 

Malicious PyPi package steals Discord auth tokens from devs

https://www.bleepingcomputer.com/news/security/malicious-pypi-package-steals-discord-auth-tokens-from-devs/

 

W3 Total Cache Plugin Vulnerability Let Attackers Gain Unauthorized Access to Sensitive Data

https://gbhackers.com/w3-total-cache-plugin-vulnerability-let-attackers-gain-unauthorized-access-to-sensitive-data/

 

Crypto's Biggest Lies Debunked

https://www.youtube.com/watch?v=uxlARyGKaWo

 

Label giant Avery says website hacked to steal credit cards

https://www.bleepingcomputer.com/news/security/label-giant-avery-says-website-hacked-to-steal-credit-cards/

 

UnitedHealth hid its Change Healthcare data breach notice for months

https://techcrunch.com/2025/01/15/unitedhealth-hid-its-change-healthcare-data-breach-notice-for-months/

 

The Impossible Virtuosity of Yuja Wang

https://www.youtube.com/watch?v=Qri_DvU_9aM

https://www.youtube.com/watch?v=ZbPYn6u4EYE

https://www.youtube.com/watch?v=Ce3OERuCY0E

 

UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks

https://techcrunch.com/2025/01/13/uk-domain-giant-nominet-confirms-cybersecurity-incident-linked-to-ivanti-vpn-hacks/

 

Hackers use Google Search ads to steal Google Ads accounts

https://www.bleepingcomputer.com/news/security/hackers-use-google-search-ads-to-steal-google-ads-accounts/

 

Revealing the Hidden Spyware on Your Phone

https://www.youtube.com/watch?v=wEdvMNyi2GE

 

In the Future, Your Data Is More Valuable Than Gold

https://hackernoon.com/in-the-future-your-data-is-more-valuable-than-gold

 

MORE ABOUT THOSE CALIFORNIA FIRES…

https://gizadeathstar.com/2025/01/more-about-those-california-fires/

 

Vanessa Mai - Ich sterb für Dich

https://www.youtube.com/watch?v=oxWhC25W8Z4

 

Veeam Azure Backup Vulnerability Allows Attackers to Utilize SSRF & Send Unauthorized Requests

https://gbhackers.com/veeam-azure-backup-vulnerability-allows-attackers-to-utilize-ssrf-send-unauthorized-requests/

 

Tennessee-based mortgage lender confirms December cyberattack

https://therecord.media/tennessee-mortgage-lender-confirms-cyberattack

 

Wolf Haldenstein law firm says 3.5 million impacted by data breach

https://www.bleepingcomputer.com/news/security/wolf-haldenstein-law-firm-says-35-million-impacted-by-data-breach/

 

Bello Sisters Full Performance Grand Final | America's Got Talent All Stars

https://www.youtube.com/watch?v=-oZNbos7le8

 

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

https://securityaffairs.com/173175/security/flaw-bypass-secure-boot-in-uefi-systems.html

 

Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details

https://gbhackers.com/googles-sign-in-with-google-flaw/

 

Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

https://thehackernews.com/2025/01/illicit-huione-telegram-market.html

 

Over 660,000 Rsync servers exposed to code execution attacks

https://www.bleepingcomputer.com/news/security/over-660-000-rsync-servers-exposed-to-code-execution-attacks/

 

WORLD'S 10 GREATEST MAGIC TRICKS

https://www.youtube.com/watch?v=aGOvjutqFpU

 

US, Japan, South Korea warn of rising North Korean crypto hacking threats

https://cointelegraph.com/news/north-korea-hackers-crypto-theft-joint-warning

 

FTC sues GoDaddy for years of poor hosting security practices

https://www.bleepingcomputer.com/news/security/ftc-sues-godaddy-for-years-of-poor-hosting-security-practices/

 

The Most Horrifying Details About the Apollo Missions That NASA Tried to Hide

https://www.youtube.com/watch?v=6SO_Azvqyl0

 

Compromised AWS Keys Abused in Codefinger Ransomware Attacks

https://www.securityweek.com/compromised-aws-keys-abused-in-codefinger-ransomware-attacks/

 

Black Basta-Style Cyberattack Hits Inboxes with 1,165 Emails in 90 Minutes

https://hackread.com/black-basta-cyberattack-hits-inboxes-with-1165-emails/

 

Label giant Avery says website hacked to steal credit cards

https://www.bleepingcomputer.com/news/security/label-giant-avery-says-website-hacked-to-steal-credit-cards/

 

"Capolavoro" - Rebecca Ghilardi and Filippo Ambrosini perform

https://www.youtube.com/watch?v=jN2vLDOp4t8

 

THE FUNGUS THAT EATS IONIZING RADIATION FOR BREAKFAST

https://gizadeathstar.com/2025/01/the-fungus-that-eats-ionizing-radiation-for-breakfast/

 

Hackers leak configs and VPN credentials for 15,000 FortiGate devices

https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/

 

Manipulation Playbook: The 20 Indicators of Reality Control

https://www.youtube.com/watch?v=b3AN2wY4qAM

 

Researchers Warn of NTLMv1 Bypass in Active Directory Policy

https://hackread.com/researchers-ntlmv1-bypass-active-directory-policy/

 

Indian crypto platform WazirX freezes $3M to aid recovery from $230M hack

https://cryptoslate.com/indian-crypto-platform-wazirx-freezes-3m-to-aid-recovery-from-230m-hack/

 

‘The Interview’: Curtis Yarvin Says Democracy is Done

https://www.nytimes.com/2025/01/18/magazine/curtis-yarvin-interview.html

 

Egypt's Greatest Mystery - Massive Granite Boxes Humans Could Never Build

https://www.youtube.com/watch?v=uxuVDj_u5ho

 

Biden signs sweeping cybersecurity order, just in time for Trump to gut it

https://www.theregister.com/2025/01/17/biden_cybersecurity_eo/

 

2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records

https://www.securityweek.com/2024-us-healthcare-data-breaches-585-incidents-180-million-compromised-user-records/

 

How Illegally Smuggled Gold Is Fueling The U.S. Gold Boom

https://www.youtube.com/watch?v=3YWEy0ijeuo

 

Crypto scammers hard shift to Telegram, and ‘it’s working’ — Scam Sniffer

https://cointelegraph.com/news/malicious-telegram-group-scams-have-increased-2000-since-november-scam-sniffer

 

Capital One two-day outage leaves customers in free-fall

https://www.theregister.com/2025/01/17/capital_one_outage/

 

Avery has confirmed its website was compromised by a credit card skimmer that potentially affected over 60,000 customers.

https://www.malwarebytes.com/blog/news/2025/01/avery-had-credit-card-skimmer-stuck-on-its-site-for-months

 

David Garrett & HAUSER - Shake It Off

https://www.youtube.com/watch?v=dYAhNqto4eM

 

FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages

https://gbhackers.com/flowerstorm-microsoft-phishing/#google_vignette

 

Otelier data breach exposes info, hotel reservations of millions

https://www.bleepingcomputer.com/news/security/otelier-data-breach-exposes-info-hotel-reservations-of-millions/

 

Why Oligarchy Falls (And How to Speed It Up)

https://www.youtube.com/watch?v=UlbJtgYEM1U

https://www.youtube.com/watch?v=HMguSl8PHS4

 

Medusa ransomware group claims attack on UK's Gateshead Council

https://www.theregister.com/2025/01/17/gateshead_council_cybersecurity_incident/

 

GDPR complaints filed against TikTok, Temu for sending user data to China

https://www.bleepingcomputer.com/news/security/gdpr-complaints-filed-against-tiktok-temu-for-sending-user-data-to-china/

 

Physicists Say They Know How Cold Fusion Works

https://www.youtube.com/watch?v=PGgovWTBoWY

 

Millions of OpenSea user emails leaked in 2022 now fully public: SlowMist

https://cointelegraph.com/news/opensea-user-emails-fully-publicized-2022-leak-slowmist

 

Pastor who saw crypto project in his "dream" indicted for fraud

https://www.bleepingcomputer.com/news/legal/pastor-who-saw-crypto-project-in-his-dream-indicted-for-fraud/

 

A simple way to estimate when QCs reach ‘MegaQuOp’ (one million error free quantum operations)

https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-estimate-when-qcs-reach-megaquop-one-million-xnkoxnq

 

Duo Destiny - Hand to hand Bench Act

https://www.youtube.com/watch?v=zn1BTAhgouk

 

 

P.S. For those who want to have a list of annotations, here is the link to the article on how to do it with ChatGPT and Zapier

https://zapier.com/blog/how-to-use-chatgpt-to-summarize-an-article/

 

 

Some links:

Get highly discounted domains

Get public DPG for mobile devices

Get free XNO

Get an offline public DPG

Get working memory stimulator

Get post-quantum crypto wallet

Get your passwords and private keys to be prepared for the Q day

How to estimate time for the Q-day, in a simple way?

How do you rate this article?

31


I_g_o_r
I_g_o_r

I am curious about science, technologies and their applications to solving real problems.


Some news
Some news

News on cyber security, data breaches, crypto security, trends, etc. Image of Suzy Hazelwood from pexels.com

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.