IT Security Newsletter - 3/24/2025
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company's Oracle Cloud federated SSO login servers. "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data," the company told BleepingComputer. This statement comes after a threat actor released multiple text files yesterday containing a sample database.
Coinbase was primary target of recent GitHub Actions breaches
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. According to new reports from Palo Alto Unit 42 and Wiz, the attack was carefully planned and began when malicious code was injected into a GitHub Action. It is unclear how the breach occurred, but the threat actors modified the action to dump CI/CD secrets and authentication tokens into GitHub Actions logs.
Mobsters now overlap with cybercrime gangs and use AI for evil, Europol warns
Organized crime networks are now reliant on digital tech for most of their activities according to Europol, the European agency that fights international crime on the continent and beyond. "The very DNA of organised crime is changing," Europol executive director Catherine De Bolle said last week. "The same qualities that make AI revolutionary - accessibility, adaptability and sophistication - also make it a powerful tool for criminal networks," Europol said.
Albabat Ransomware Expands Targets, Abuses GitHub
Newly identified versions of the Albabat ransomware are configured to target all major desktop platforms and to retrieve components from GitHub, cybersecurity firm Trend Micro reports. Active since 2023 and also known as White Bat, Albabat is known for targeting Windows systems through fake activation tools and cheat software, but the first signs of potential expansion to other platforms were seen in early 2024.
Medusa Ransomware Uses Malicious Driver to Disable Security Tools
The Medusa ransomware deploys a malicious driver from a Chinese vendor and uses it to disable the security tools running on the infected systems, cybersecurity firm Elastic Security Labs reports. Named smuol.sys, the driver masquerades as a legitimate CrowdStrike Falcon driver, is signed with a revoked certificate from a Chinese company, and is protected using VMProtect. Elastic has identified dozens of samples dated August 2024 to February 2025, all signed, likely using stolen certificates.
What CISA's Red Team Disarray Means for US Cyber Defenses
The Cybersecurity and Infrastructure Security Agency (CISA) has clarified in a statement that it didn't lay off hundreds of red teamers, among other roles sliced; it just killed their contracts. The move, along with letting go all probationary employees from the federal government including CISA, which was reversed following a court ruling against the terminations, is part of the Elon Musk Department of Government Efficiency (DOGE) effort to slash government spending.
Cloudflare turns AI against itself with endless maze of irrelevant facts
On Wednesday, web infrastructure provider Cloudflare announced a new feature called "AI Labyrinth" that aims to combat unauthorized AI data scraping by serving fake AI-generated content to bots. The tool will attempt to thwart AI companies that crawl websites without permission to collect training data for large language models that power AI assistants like ChatGPT. Cloudflare, founded in 2009, is probably best known as a company that provides infrastructure and security services for websites.
- ...in 1874, legendary stage magician and escape artist Erik Weisz, AKA Harry Houdini, is born in Budapest, Hungary.
- ...in 1882, pioneering German microbiologist Robert Koch announces his discovery of the bacterium responsible for tuberculosis.
- ...in 1939, fashion designer and costumer Bob Mackie, responsible for dressing entertainment icons since the early 1960s, is born in Monterey Park, CA.
- ...in 1958, Elvis Presley is drafted into the U.S. Army, joining the 3rd Armored Division in Friedberg, Germany before being honorably discharged in March 1960.