CSO US First Look
The day's top cybersecurity news and in-depth coverage
January 11, 2025
Malware targets Mac users by using Appleâs security tool
Using Appleâs proprietary string encryption, the malware evaded detection for months.
Read more
Legitimate PoC exploited to spread information stealer
Itâs another example of how openly-posted proofs of concepts are being abused to sucker security researchers.
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.
SEC rule confusion continues to put CISOs in a bind a year after a major revision
Despite a spate of recent actions exemplifying how the US Securities and Exchange Commission is enforcing disclosure and compliance, companies are still unsure how and what to report.
New Mirai botnet targets industrial routers
Security researchers warn of a new variant of the Mirai botnet. Attackers used it for zero-day exploits on industrial routers.
SonicWall firewall hit with critical authentication bypass vulnerability
The company urged admins to immediately patch their firewalls to fend off threats of easy exploitation.
China-linked hackers target Japanâs national security and high-tech industries
Authorities reveal advanced cyber tactics exploiting tools such as Windows Sandbox and Visual Studio Code, urging immediate defensive measures.
