Cybersecurity jobs available right now: January 14, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Application Security DevOps engineer Twixor | India | …
What 2024 taught us about security vulnerabilties
From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical …
UK domain registry Nominet breached via Ivanti zero-day
The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver …
Attackers are encrypting AWS S3 data without using ransomware
A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided …
EU law enforcement training agency data breach: Data of 97,000 individuals compromised
Personal data of nearly 100,000 individuals that have participated in trainings organized by CEPOL, the European Union (EU) Agency for Law Enforcement Training, has …
Alleged Blender, Sinbad cryptomixer operators arrested, indicted
Three Russian nationals have been indicted in the Northern District of Georgia for their alleged role as operators of cryptocurrency mixing (cryptomixer) services Blender.io …
GitHub CISO on security strategy and collaborating with the open-source community
In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and …
Chainsaw: Open-source tool for hunting through Windows forensic artefacts
Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword …
Time for a change: Elevating developers’ security skills
Organizations don’t know their software engineers’ security skills because they don’t assess them in the interview process. Trying to do that in an interview is challenging, …
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti …
Job-seeking devs targeted with fake CrowdStrike offer via email
Cryptojackers are impersonating Crowdstrike via email to get developers to unwittingly install the XMRig cryptocurrency miner on their Windows PC, the company has warned. The …
January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
January 2025 Patch Tuesday is now live: Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Welcome to 2025 and a new year of patch excitement! In my December …