DJBSEC's CyberNews 3-7-25

Story 1. The Future of Cybersecurity Lies in Governance, Not More Tools

Experts argue that cybersecurity strategies must shift from an over-reliance on security tools to stronger governance and risk management. While new technologies can help detect threats, they cannot replace structured policies, user education, and clear accountability. Organizations need to prioritize proactive security governance, including regulatory compliance and incident response planning. A well-implemented governance framework can significantly reduce cybersecurity risks and improve long-term resilience.
Read more here


Story 2. Researchers Bypass CrowdStrike Falcon Sensor, Exposing Detection Weakness

Security researchers have demonstrated a method to bypass CrowdStrike’s Falcon Sensor, an advanced endpoint detection and response (EDR) tool. The technique lets attackers run malicious code on a protected host without the sensor raising an alert. While CrowdStrike is investigating the bypass technique, the findings raise concerns about the effectiveness of security solutions in stopping sophisticated attacks. Experts recommend using multiple layers of security rather than relying on a single detection tool.
Read more here


Story 3. Deepfake Videos on YouTube Used to Phish Content Creators

Cybercriminals are using deepfake videos on YouTube to target content creators with phishing scams. The attackers create fake videos featuring AI-generated influencers promoting fraudulent sponsorship deals, tricking victims into downloading malware. Once installed, the malware steals login credentials and financial information. Security professionals urge YouTube users to verify sponsorships and avoid downloading files from untrusted sources.
Read more here


Story 4. Invoke-ADCheck: A New PowerShell-Based Tool Used for Cyber Attacks

Hackers are leveraging a newly discovered PowerShell tool called Invoke-ADCheck to automate reconnaissance on Active Directory environments. This tool allows attackers to gather information about domain controllers, user privileges, and security policies before launching further attacks. While it was originally developed for security auditing, malicious actors have started weaponizing it. Organizations are encouraged to monitor PowerShell execution logs and restrict unnecessary administrative access.
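The newsletter's advice to monitor PowerShell execution logs can be put into practice by hunting script block logs for the tool name. The following is an added example written for this digest, not code from the newsletter or from the Invoke-ADCheck project. It assumes PowerShell script block logging is enabled (Event ID 4104 in the Microsoft-Windows-PowerShell/Operational log) and that events have been exported as one JSON object per line; the sample events, the host names, the user names and the `APPROVED_AUDIT_HOSTS` allow-list are all constructed for illustration.

```python
import json
import re

# Matches the tool name regardless of case; PowerShell command names are case-insensitive.
INVOKE_ADCHECK = re.compile(r"\binvoke-adcheck\b", re.IGNORECASE)

# Hypothetical allow-list: hosts from which the audit team is authorised to run the tool.
APPROVED_AUDIT_HOSTS = {"AUDIT01"}

# Constructed sample export: PowerShell operational-log events as JSON lines.
# Event ID 4104 carries the script block text when script block logging is on;
# 4103 is pipeline logging and is ignored here because it has no full script text.
SAMPLE_JSONL = "\n".join(json.dumps(ev) for ev in [
    {"EventID": 4104, "Computer": "WS01", "User": "CORP\\alice",
     "ScriptBlockText": "Get-ChildItem C:\\Temp | Measure-Object"},
    {"EventID": 4104, "Computer": "AUDIT01", "User": "CORP\\svc-audit",
     "ScriptBlockText": "Import-Module .\\Invoke-ADCheck.ps1; Invoke-ADCheck"},
    {"EventID": 4104, "Computer": "WS07", "User": "CORP\\bob",
     "ScriptBlockText": "iNvOkE-AdChEcK -Verbose"},
    {"EventID": 4103, "Computer": "WS07", "User": "CORP\\bob",
     "ScriptBlockText": "Invoke-ADCheck"},
])


def parse_events(jsonl_text: str) -> list:
    """Parse one JSON object per line, skipping blank lines."""
    return [json.loads(line) for line in jsonl_text.splitlines() if line.strip()]


def find_adcheck_usage(events: list) -> list:
    """Return one finding per 4104 event whose script block mentions Invoke-ADCheck."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 4104:
            continue
        text = ev.get("ScriptBlockText", "")
        if not INVOKE_ADCHECK.search(text):
            continue
        host = ev.get("Computer", "unknown")
        findings.append({
            "host": host,
            "user": ev.get("User", "unknown"),
            # The tool is a legitimate audit utility; only unexpected hosts are suspicious.
            "verdict": "expected" if host in APPROVED_AUDIT_HOSTS else "suspicious",
            "snippet": text[:80],
        })
    return findings


if __name__ == "__main__":
    for f in find_adcheck_usage(parse_events(SAMPLE_JSONL)):
        print(f"{f['verdict']:10} {f['host']:8} {f['user']:16} {f['snippet']}")
```

The case-insensitive match matters because PowerShell accepts any capitalisation of a command name, so a log search that looks only for the canonical spelling misses trivially varied invocations. Treating runs from approved audit hosts as expected rather than suspicious keeps the alert useful for a tool that the newsletter notes was built for legitimate auditing.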
Read more here


Story 5. Microsoft 365 Apps to Prompt Users to Back Up Files in OneDrive

Microsoft is introducing a new feature in Microsoft 365 apps that will prompt users to back up their files to OneDrive. The goal is to prevent data loss due to ransomware attacks, hardware failures, or accidental deletions. Users will receive proactive notifications encouraging them to enable automatic backups for critical files. This move aligns with Microsoft’s broader efforts to enhance cloud-based security and data protection.
Read more here


Story 6. Ethereum Private Key Stealer on PyPI Downloaded Over 1,000 Times

A malicious Python package on the PyPI repository was found stealing Ethereum private keys from unsuspecting developers. The package, which had over 1,000 downloads before removal, contained code designed to extract and transmit sensitive wallet data. This incident highlights the growing risk of supply chain attacks targeting open-source repositories. Developers are urged to verify package integrity before installation and avoid downloading unverified dependencies.
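"Verify package integrity before installation" in practice means pinning a hash for each artifact and refusing to install anything that does not match. The block below is an added example for this digest, not code from the newsletter or from PyPI or pip. It parses the `--hash=sha256:<hex>` requirement syntax that pip's `--require-hashes` mode really uses, but the package name `examplepkg`, its version and the artifact bytes are constructed; the pinned hash is derived from those bytes only so the example runs offline, whereas in real use it comes from a reviewed lock file.

```python
import hashlib
import re

# pip's own requirements syntax: "pkg==ver --hash=sha256:<hex> [--hash=...]".
# Several hashes may be pinned (one per published artifact); any match is acceptable.
HASH_OPT = re.compile(r"--hash=(?P<alg>sha256|sha384|sha512):(?P<hex>[0-9a-fA-F]+)")


def parse_requirement(line: str):
    """Return (requirement spec, [(algorithm, hexdigest), ...]) from one pinned line."""
    spec = line.split()[0]
    hashes = [(m.group("alg").lower(), m.group("hex").lower())
              for m in HASH_OPT.finditer(line)]
    return spec, hashes


def verify_artifact(data: bytes, hashes) -> bool:
    """True only if at least one hash is pinned and the artifact matches one of them.

    An unpinned requirement is rejected outright, as pip does under --require-hashes.
    """
    if not hashes:
        return False
    return any(hashlib.new(alg, data).hexdigest() == expected for alg, expected in hashes)


# Constructed artifact bytes standing in for a downloaded wheel (not a real package).
GOOD_WHEEL = b"PK\x03\x04 constructed wheel contents for examplepkg 1.2.3"
# The same artifact with bytes altered after the hash was pinned.
TAMPERED_WHEEL = GOOD_WHEEL + b"\n# extra bytes not present when the hash was recorded"

# In practice the pinned hash comes from a reviewed lock file; it is derived here only
# so the example is self-contained.
PINNED_LINE = f"examplepkg==1.2.3 --hash=sha256:{hashlib.sha256(GOOD_WHEEL).hexdigest()}"
UNPINNED_LINE = "examplepkg==1.2.3"


def check_download(requirement_line: str, data: bytes) -> str:
    """Human-readable verdict produced before handing the artifact to the installer."""
    spec, hashes = parse_requirement(requirement_line)
    if verify_artifact(data, hashes):
        return f"{spec}: hash matches, safe to install"
    if not hashes:
        return f"{spec}: no hash pinned, refusing to install"
    return f"{spec}: hash mismatch, artifact altered or wrong file, refusing to install"


if __name__ == "__main__":
    print(check_download(PINNED_LINE, GOOD_WHEEL))
    print(check_download(PINNED_LINE, TAMPERED_WHEEL))
    print(check_download(UNPINNED_LINE, GOOD_WHEEL))
```

The same policy is available without custom code: `pip install --require-hashes -r requirements.txt` refuses any requirement that lacks a `--hash` option or whose downloaded file does not match. A pin by name and version alone, as in `UNPINNED_LINE`, would not have helped against a package like the one described above, because the malicious code was in the artifact the index served for that very name.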
Read more here


Story 7. Ransomware Gang Used a Webcam to Bypass EDR and Encrypt a Network

A ransomware group found a creative way to bypass endpoint detection and response (EDR) tools by exploiting a vulnerable network-connected webcam. By using the device as an entry point, attackers were able to disable security defenses and encrypt the entire network. This attack underscores the importance of securing all connected devices, including IoT and peripheral hardware. Organizations should apply firmware updates and segment IoT devices to limit attack vectors.
Read more here


Story 8. Microsoft Reports Malvertising Campaign Impacted Over 1 Million PCs

A large-scale malvertising campaign has compromised over 1 million PCs worldwide, according to Microsoft. Attackers used fraudulent advertisements on search engines and social media to distribute malware, tricking users into downloading infected software. Victims unknowingly installed malicious payloads that enabled remote access, data theft, and ransomware infections. Experts recommend using ad blockers and verifying software sources before downloading applications.
Read more here


Story 9. International Law Enforcement Seizes Major Ransomware Gangs

A coordinated international law enforcement operation has led to the takedown of multiple ransomware gangs. Authorities seized infrastructure, arrested key members, and disrupted ransom payment channels used by cybercriminal organizations. The operation marks a significant victory in the global fight against ransomware, but experts warn that new groups may emerge to fill the void. Businesses are encouraged to strengthen cybersecurity measures to prevent future attacks.
Read more here


Story 10. EncryptHub’s OPSEC Failures Reveal Cybercriminal Tactics

EncryptHub, a notorious cybercriminal marketplace, has suffered major operational security (OPSEC) failures, exposing its hacking tools and customer data. The leaks have provided law enforcement agencies with valuable intelligence on cybercriminal tactics and infrastructure. As a result, several ongoing investigations into ransomware groups and dark web operations have accelerated. The incident highlights the growing risks for cybercriminals operating in underground markets.
Read more here

