Aggregator
Belsen_Group is Allegedly Selling RCE Access to an Unidentified Manufacturing Company in North Africa
Chinese DeepSeek AI App: FULL of Security Holes Say Researchers
Xi knows if you’ve been bad or good: iPhone app sends unencrypted data to China—and Android app appears even worse.
The post Chinese DeepSeek AI App: FULL of Security Holes Say Researchers appeared first on Security Boulevard.
A Threat Actor Claims to have Leaked the Data and Source Code of Circuito Mágico del Agua
BianLian
Akira
Lockbit
New AI from DeepMind Reaches the Level of the World's Best Mathematicians
Randall Munroe’s XKCD ‘Suspension Bridge’
via the comic humor & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Suspension Bridge’ appeared first on Security Boulevard.
Phishing Season 2025: The Latest Predictions Unveiled
Every year, cybercriminals sharpen their tools and refine their tactics to exploit network and security vulnerabilities. Gone are the days of clumsy emails with glaring typos and suspicious attachments. Instead, we face an era of new sophistication. No longer just stealing credentials, attackers are creating intricate digital narratives that make it difficult to distinguish friend from foe in our inboxes and DMs.
But these revelations are more than a glimpse in the cybercriminal underworld; they are a call to action. As phishing attacks continue to evolve, so should our defenses.
Phishing predictions for 2025
In our ThreatLabz 2024 Phishing Report, we shared the following key predictions for the year to come:
Prediction 1: AI vs. AI will be an enduring challenge
Enhanced AI capabilities increase the speed, scale, and automation of cyberattacks. Threat actors will widely adopt AI to craft more sophisticated phishing schemes and advanced techniques in 2025. As cybercriminals leverage publicly available and custom-made AI tools to orchestrate highly targeted campaigns, exploiting the trust of individuals and organizations alike, security vendors will integrate generative AI into their toolkits to enhance threat detection and response capabilities.
Prediction 2: Phishing as a service will intensify its focus on MFA exploitation and AiTM
Phishing as a service removes technical barriers, allowing threat actors to launch successful phishing campaigns with limited expertise. They can take advantage of developer knowledge to launch a phishing attack and use advanced techniques to avoid detection. In the coming year, we can expect threat actors to conduct high-volume phishing campaigns aimed at bypassing enterprise multifactor authentication (MFA) through phishing kits that include AI-powered adversary-in-the-middle (AiTM) techniques, localized phishing content, and target fingerprinting.
Prediction 3: Vishing attacks spearheaded by malware groups will surge significantly
As cybercriminals’ efforts become more sophisticated, they will increasingly turn to targeted voice and video phishing campaigns. For example, AI-driven voice cloning technology enables cybercriminals to mimic the voices of trusted individuals, creating highly realistic impersonations that can trick even the most vigilant people. Combined with the growing amount of VoIP accessibility and caller ID spoofing, attackers can mask their identities and origins, making it more difficult to trace the source of vishing calls.
Prediction 4: Attackers will home in on vulnerabilities inherent in mobile devices and platforms
Remote work and bring-your-own-device (BYOD) culture have made mobile devices a permanent part of our work lives. As more and more of our lives involve mobile devices, cyberattackers are now targeting those devices with increasingly creative schemes. For example, they are shifting toward AI-driven social engineering attacks aimed at mobile users that exploit passkey and biometric authentication methods. Expect attackers to increasingly use fake push notifications that mimic legitimate apps and drive to phishing websites, exploiting mobile users’ trust in a common communication channel.
Prediction 5: Phishing will continue to erode trust in electoral outcomes
In heightened political climates and emotionally charged atmospheres, voters tend to let their guard down as they try to find new avenues to get their voices heard. Threat actors are poised to escalate phishing campaigns aimed at exploiting the political landscape. For example, an anonymous phishing attempt recently duped users by mimicking official election communications, successfully harvesting sensitive data. Looking forward, we expect similar politically motivated phishing attacks to target voter information platforms, campaign infrastructures, and public discourse channels. Organizations and electoral stakeholders should proactively bolster cybersecurity measures to detect and counter these emerging threats.
Prediction 6: Encrypted messaging platforms will become breeding grounds for phishing attacks
Phishing attacks will capitalize on the trust users associate with encrypted messaging platforms. Using bots, for example, attackers will be able to automate illegal activities, from generating phishing pages to collecting sensitive user data. In these scenarios, cybercriminals will be able to impersonate users or authority figures, such as government officials, and urge others to share login credentials or download apps.
Prediction 7: Browser-in-the-browser phishing attacks will escalate
By exploiting users’ trust in open browsers and legitimate websites, browser-in-the-browser phishing attacks simulate a login window on a spoofed domain to steal user credentials. Attackers will increasingly utilize AI-driven customization in browser attacks to, for example, adapt phishing web pages to mimic browser environments more convincingly or analyze user interactions and adjust phishing content based on observed behaviors.
A quick Google search will show that all these predictions are already coming true. In February 2024, a major European retailer suffered a sophisticated phishing attack in which cybercriminals spoofed employee emails to deceive the financial team into transferring funds. As a result, the company lost approximately €15.5 million in cash.
Also in 2024, a global pharmaceutical company was hit with a vishing scheme in which employees received urgent calls from “executives” to immediately wire transfers for a fake acquisition deal, leading to a total loss of US$35 million. Using AI capabilities, the cybercriminals created a cloned voice with a believable accent and tone that made it indistinguishable from a real person.
Mitigate phishing attacks with the Zscaler Zero Trust Exchange
Protecting organizations from user compromise has become an increasingly formidable challenge, particularly as AI-driven phishing attacks gain traction. In this shifting landscape, organizations must evolve their security strategies and incorporate advanced phishing prevention controls into their broader network security defenses.
The cornerstone of an effective defense strategy is the Zscaler Zero Trust Exchange™, which takes a comprehensive approach to cybersecurity and stops conventional and AI-driven phishing attacks by:
Preventing compromise with full TLS/SSL inspection, browser isolation, and policy-driven access control to prevent access to suspicious websites.
Eliminating lateral movement by connecting users directly to apps, not the network.
Shutting down compromised users and insider threats by preventing private app exploit attempts with inline inspection and detecting the most sophisticated attackers with integrated deception.
Stopping data loss by inspecting data-in-motion and at-rest to prevent potential theft.
To learn more about how Zscaler can help you prevent the cyberattacks of tomorrow, check out our other Cybersecurity Predictions for 2025:
8 Cyber Predictions for 2025: A CSO’s Perspective
7 Ransomware Predictions for 2025: From AI Threats to New Strategies
5 Encrypted Attack Predictions for 2025
Request a custom demo on how Zscaler can help address your organization’s ransomware protection needs. Follow Zscaler ThreatLabz on X (Twitter) and our Security Research Blog to stay on top of the latest cyberthreats and security research. The Zscaler ThreatLabz threat research team continuously monitors threat intelligence from the world’s largest inline security cloud and shares its findings with the wider security community.
Forward-Looking Statements
This blog contains forward-looking statements that are based on our management's beliefs and assumptions and on information currently available to our management. These forward-looking statements include, but are not limited to, statements concerning predictions about the state of phishing threats and attacks in calendar year 2025 and our ability to capitalize on such market opportunities; the use of Zero Trust architecture to combat phishing attacks and beliefs about the ability of AI and machine learning to reduce detection and remediation response times as well as proactively identify and stop cyberthreats. These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. These forward-looking statements are subject to a number of risks, uncertainties and assumptions, and a significant number of factors could cause actual results to differ materially from statements made in this blog, including security risks and developments unknown to Zscaler at the time of this blog and the assumptions underlying our predictions about phishing in calendar year 2025. Additional risks and uncertainties are set forth in our most recent Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission (“SEC”) on December 5, 2024, which is available on our website at ir.zscaler.com and on the SEC's website at www.sec.gov. Any forward-looking statements in this release are based on the limited information currently available to Zscaler as of the date hereof, which is subject to change, and Zscaler does not undertake to update any forward-looking statements made in this blog, even if new information becomes available in the future.
The post Phishing Season 2025: The Latest Predictions Unveiled appeared first on Security Boulevard.
Earth's Inner Core Is Less Solid Than Previously Thought
SHA256 Hash Calculation from Data Chunks
The SHA256 algorithm, a cryptographic hash function, is widely used for securing data integrity and authenticity. It processes input data in fixed-size chunks of 512 bits (64 bytes) and produces a unique 256-bit (32-byte) hash. This property allows for incremental hashing, where data is processed in smaller chunks without requiring the entire dataset to be […]
The post SHA256 Hash Calculation from Data Chunks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
New Report of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2
A recent analysis of over one million malware samples by Picus Security has revealed a growing trend in the exploitation of application layer protocols for stealthy command-and-control (C2) operations. These findings, detailed in the Red Report 2025, underscore the increasing sophistication of cyber adversaries who leverage widely used protocols to evade detection and maintain persistence […]
The post New Report of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
8Base Ransomware Dark Web Site Seized, Four Operators Arrested
In a significant breakthrough against global cybercrime, Thai authorities announced today the arrest of four European nationals linked to the notorious 8Base ransomware group. The operation, codenamed “Phobos Aetor,” culminated in the seizure of the group’s dark web infrastructure and the apprehension of two men and two women accused of orchestrating ransomware attacks that affected […]
The post 8Base Ransomware Dark Web Site Seized, Four Operators Arrested appeared first on Cyber Security News.
In Six Months, Russia Hid 70% of Its IT Infrastructure from the Global Network
Attackers Use 2.8 Million Devices in Major Brute Force Attack
Threat actors are using as many as 2.8 million edge and IoT devices from around the world in a massive brute force attack that is targeting edge security systems from Palo Alto Networks, Ivanti, SonicWall, and other vendors, according to the Shadowserver Foundation.
The post Attackers Use 2.8 Million Devices in Major Brute Force Attack appeared first on Security Boulevard.
From Military Base to Dance Floor: Aircraft-Refueling Robot Wins Over a Nightclub
Seven-Year-Old Linux Kernel Bug Opens Door to Remote Code Execution
Researchers have uncovered a critical vulnerability in the Linux kernel, dating back seven years, that could allow attackers to execute remote code. The flaw, identified in the core TCP subsystem, was introduced through a race condition in the inet_twsk_hashdance function. This issue, now tracked as CVE-2024-36904, was patched last year after being reported by security […]
The post Seven-Year-Old Linux Kernel Bug Opens Door to Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
BadIIS Malware Exploits IIS Servers for SEO Fraud
12,000+ KerioControl Firewall Instances Vulnerable to 1-Click RCE Exploit
A critical security vulnerability, CVE-2024-52875, has been identified in GFI KerioControl firewalls, affecting versions 9.2.5 through 9.4.5. This flaw, which can be exploited for remote code execution (RCE), has already drawn significant attention from cybercriminals, with thousands of unpatched systems worldwide now at risk. The vulnerability resides in several unauthenticated URI paths of the KerioControl […]
The post 12,000+ KerioControl Firewall Instances Vulnerable to 1-Click RCE Exploit appeared first on Cyber Security News.