Cyber security aggregate rss news

Cyber security aggregator - feeds history


 Firewall Daily

A security flaw has been identified in the keyless entry systems (KES) used extensively in KIA vehicles across Ecuador, exposing thousands of cars to a severe risk of theft. This vulnerability, officially catalogued as CVE-2025-6029, centers around outdated technology in aftermarket key fobs homologated and distributed by KIA Ecuador. The affected models include the Kia Soluto, Rio, and Picanto from 2022 through 2025.

The Nature of the KIA Vulnerability (CVE-2025-6029)

The Keyless Entry Vulnerability was discovered by Danilo Erazo, an independent hardware security researcher, ethical hacker, and founder of Reverse Everything. Erazo has been studying vehicle security extensively, particularly focusing on the hardware and radio frequency (RF) protocols behind key fobs used in Latin America. His research highlights a critical flaw in the KES installed on many KIA vehicles in Ecuador: the continued use of “learning code” technology, rather than more secure rolling codes.

Most modern vehicles globally employ rolling code technology, which changes the access code every time the key fob is used, drastically reducing the risk of replay attacks or key cloning. Rolling codes became widespread in vehicle security systems in the mid-1990s and have been standard in Latin America since the early 2000s. In contrast, the vulnerable KIA key fobs use fixed learning codes—static codes that remain the same every time the key fob transmits a signal.

What Are Learning Codes?

Learning codes are programmable fixed codes stored both in the vehicle’s receiver and in the key fob transmitter. Unlike fixed codes that are permanently hardwired, learning codes can be reprogrammed. Each vehicle typically supports up to four learning codes, allowing multiple keys to be programmed to the same car. However, these codes do not change dynamically with each use, leaving them open to exploitation via replay or cloning attacks.

An attacker can capture the radio frequency signal transmitted by the key fob using specialized antennas or Software Defined Radio (SDR) devices, then replay this exact signal to unlock the vehicle—hence the vulnerability’s name, the Keyless Entry Vulnerability.

The HS2240 and EV1527 Chips

KIA Ecuador key fobs from 2022 and early 2023 utilize the HS2240 chip, while models from 2024 and 2025 employ the EV1527 chip. Both chips rely on the same insecure learning code technology. These chips have approximately 1 million possible fixed code combinations, but with brute force methods, hackers can systematically attempt all codes to gain unauthorized access.

In addition to replay and brute force attacks, the system allows “backdoor” vulnerabilities. Since the vehicle receiver accepts up to four learning codes, malicious actors can potentially add their own fixed codes, granting permanent unauthorized access without the owner’s knowledge. This backdoor could be introduced anywhere along the production or supply chain before the vehicle reaches the customer.

The vulnerability affects thousands of KIA vehicles across Ecuador, with confirmed cases involving Kia Soluto, Rio, and Picanto models from 2022 to 2025. Theft incidents in public and private parking lots have been linked to this weakness. Although this issue has been publicly disclosed in Ecuador, it is believed that other Latin American countries also use similarly vulnerable KES in vehicles.

This security gap is exacerbated by the fact that KIA Ecuador not only installs these key fobs but also officially homologates and distributes them. Interestingly, these vulnerable key fobs are even available for purchase on the KIA Ecuador website, despite not being original equipment manufacturer (OEM) parts.

Conclusion

Danilo Erazo’s research on CVE-2025-6029 revealed how KIA vehicles in Ecuador with learning code-based keyless entry systems (KES) are vulnerable to replay attacks, brute forcing, and backdoor access. Danilo Erazo and other experts stress the urgent need to replace these outdated learning code fobs with rolling code technology and call on manufacturers to phase out vulnerable KES. The vulnerability also poses a global risk due to overlapping fixed code ranges.


 Business

According to the 2025 State of Open Source report, 96% of surveyed companies use open-source applications. Their wide selection, customization options, and zero licensing costs are highly appealing. However, more than half of the firms surveyed face significant challenges with ongoing maintenance of open-source apps. A staggering 63% struggle to keep solutions updated and apply patches. Close behind are issues with cybersecurity, regulatory compliance, and the presence of end-of-life (EoL) open-source applications — meaning they’re no longer supported. So, how can you minimize the likelihood of these problems, and what should you look for when selecting open-source software (OSS) for implementation?

Updates and patches

Since updating OSS in good time is the most widespread problem, examine potential OSS-contenders-for-adoption from this perspective very carefully. It’s easy to check the frequency and scope of updates, as well as their content, right within the application’s public repository. Pay attention to how well-documented the updates are; what kinds of issues they resolve; what new features they add; how often minor fixes are released a few days or weeks after a major version; and how quickly bug-related requests are closed. Standard tools like Git Insights, along with supplementary services such as Is it maintained?, Repology, and Libraries.io, can help answer these questions. Libraries.io immediately shows which outdated dependencies the current version uses.

Pay special attention to security-related updates. Are they released separately, or are they bundled with functionality updates? Typically, developers choose the latter path. In that case, you need to understand how long security updates might have been waiting for release. In addition, assess how complex the process of installing updates is. Official documentation and support can be a starting point, but they aren’t enough. Thoroughly reviewing user community feedback will likely be more helpful here. All of this will help you understand how much effort will go into maintaining the product. You’ll need to allocate internal resources for support. It’s not enough to simply assign responsibility; dedicated work hours will be required for these and related tasks.

Vulnerabilities

To accurately predict how often you’ll face cybersecurity issues, it’s best to evaluate the product’s engineering culture and cybersecurity hygiene from the get-go. While this can be labor-intensive, you can use automated tools to perform an initial, high-level analysis. For popular products and packages, a good approach is to check already existing heuristic assessment results from tools like OpenSSF Scorecard. It provides a variety of cybersecurity hygiene data, ranging from the number of unpatched vulnerabilities and the presence of security policies to the use of fuzzing and dependency pinning. In addition, examine public vulnerability databases like NVD and GitHub advisories to understand how many flaws have been discovered in the project, their criticality, and how quickly they were fixed. A high number of vulnerabilities in and of itself may indicate the project’s popularity rather than poor development practices. However, the types of defects and how developers have responded to them are what’s truly important.

Dependencies and supply chain

Nearly every OSS project relies on third-party open-source components, which are often undocumented. These components are updated as per their own schedules, and they can contain bugs, vulnerabilities — even malicious code. The key question here is how quickly patched component updates make their way into the project you’re considering. To assess this, you’ll need SBOM (software bill of materials) or SCA (software composition analysis) tools. Available open-source solutions like OWASP Dependency-Check or Syft can build a project’s dependency tree, but these are usually designed for projects already in operation, deployed in your own repositories or container images. Therefore, a deep dive into dependency analysis is best performed on a product that has already passed the preliminary evaluation and is a serious contender for a place in your infrastructure.

Examine the list of dependencies thoroughly to determine if they’re sourced from trusted and well-vetted repositories, if they’re popular, and if they have digital signatures. Essentially, you’re assessing the risks of their being compromised. While you could theoretically check for vulnerabilities in dependencies manually, if an OSS project is already deployed in a test environment, it’s much more straightforward to use tools like Grype. A huge hidden challenge is monitoring updates. In theory, every dependency update for a project needs to be re-checked. In practice, this is only feasible with automated scanners; other approaches are simply too expensive.

If a project uses outdated dependencies and generally isn’t ideal from a cybersecurity standpoint, it’s obviously better to look for an alternative. But what if the business insists on a specific solution because of its core functionality? The answer is the same as always: conduct a deeper risk analysis, develop compensating controls and, most importantly, allocate significant resources for ongoing maintenance. Internal resources are often insufficient, so it’s wise to evaluate options for professional technical support for that specific product from the outset.

Compliance with internal and regulatory requirements

If regulatory policies that apply to your company cover your chosen software and the data within it, develop a plan for compliance audits right away. Very large enterprise-grade open-source applications sometimes come with supporting documentation that can simplify certain types of audits. If not, you’ll have to develop it all yourself, which again means allocating significant time and resources. Nearly every piece of software in every industry will require a license compliance audit. Some open-source components and applications are distributed under restrictive licenses, like AGPL, which limit how you can distribute and use the software. Thanks to SBOM/SCA analysis, you can inventory all licenses for your software and its dependencies, and then verify that your use case doesn’t violate any of them. These processes can be largely automated with specialized tools such as the OSS Review Toolkit, but the automation will require clear policies and effort from your development team.

Support costs

After analyzing all these aspects, you should have a clear picture allowing you to compare different approaches to application support. For support by an in-house team, you’ll need to allocate hours of relevant specialists. If your team doesn’t have the necessary expertise, you’ll have to hire someone. Those primarily responsible for OSS support and security will also need time and a budget for constant ongoing professional development. If your internal team’s resources are insufficient for support (due to limited staff or expertise), there are at least two types of professional outsourced technical support: firms like Red Hat — which specialize in application operations, and managed hosting providers — for specific applications (Kube Clusters, MongoDB Atlas, and the like).

Beyond time and expertise, the cost and complexity of technical support are also influenced by the organization’s overall readiness for widespread open-source adoption: Does your cybersecurity team have vulnerability scanners and risk management tools that are well-adapted to OSS? Do your IT asset tracking and monitoring tools support OSS projects and components? For in-house development teams, are image, repository, and other code source scanning processes included in your CI/CD pipeline? Specialized security solutions, such as Kaspersky Hybrid Cloud Security, can automate this aspect. Has your company developed a policy regulating OSS usage, and is there a clear understanding of who makes decisions and who is responsible for operational matters?

Furthermore, it’s crucial to consider the broad spectrum of open source risks, including abrupt project discontinuation, a proliferation of minor dependencies, and other supply-chain risks.

 Feed

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others. The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targets users of a service called Chimera Sandbox,

 Feed

Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren't. Attackers now know how to stay hidden by blending in, and that makes it hard to tell when something’s wrong. This week’s stories aren’t just about what was attacked—but how easily it happened. If we’re only looking for the obvious signs, what are we missing right in front

 Feed

Introduction The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations worldwide. While businesses face mounting pressure from regulators, insurers, and rising threats, many still treat cybersecurity as an afterthought. As a result, providers may struggle to move beyond tactical services like one-off assessments or compliance checklists, and demonstrate

 Feed

The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. "For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.

 Feed

An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a "rare dual-threat." "The ransomware features a 'wipe mode,' which permanently erases files, rendering recovery impossible even if the ransom is paid," Trend Micro researchers Maristel Policarpio, Sarah Pearl Camiling, and

 1 - Cyber Security News Post

Source: hackread.com – Author: Deeba Ahmed. VirtualMacOSX has allegedly suffered a data breach in which the data of 10,000 customers was leaked on a clear web forum known for cybercrime and data breaches. This forum, known for its message boards dedicated to database downloads, leaks, and cracks, made the full dataset freely accessible to anyone […] The post Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach – Source: hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Alison Mack. Why is Advanced NHI Management Crucial for Driving Innovation? Where data is the new gold, organizations must ensure the safety of this precious commodity. But how can this be achieved? Could enhancing Non-Human Identities (NHIs) management be a powerful tool to drive innovation and boost cybersecurity? One might argue […] The post Drive Innovation Through Advanced NHI Management – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cloud Security

Source: securityboulevard.com – Author: Alison Mack. Why is NHI Management Crucial for Growing Businesses? Growing businesses face the continuous challenge of ensuring their cybersecurity measures scale with their expansion. As companies evolve, so do the number and complexity of Non-Human Identifiers (NHIs) used within their systems. What is the secret to managing this increasing complexity? […] The post Scalable Secrets Management for Growing Businesses – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Alison Mack. Why does Digital Identity Control Matter in Cybersecurity? Do you fully control your digital identities? Managing Non-Human Identities (NHIs) and their secrets has become a fundamental pillar in cybersecurity. NHIs, often referred to as machine identities, play an increasingly critical role in securing a robust digital infrastructure. Understanding Non-Human […] The post Gain Full Control Over Your Digital Identities – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Matt Palmer. Since 2021, I’ve been building Jersey Cyber Security Centre (JCSC). As a cyber defence capability for an island state and leading International Finance Centre, we’re a small team with a big task. We’re also just one of hundreds around the world: teams in countries from all around the world, […] The post Introducing Guernsey Cyber Security Centre – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Marc Handelman. Authors/Presenters: Steven Shiau (Clonezilla Project Leader); Yu-Chin Tsai (Clonezilla NCHC Partclone); Chen-Kai Sun (Clonezilla Project / Engineer In NCHC). Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the […] The post LinuxFest Northwest: Clonezilla Live On RISC-V Crafting Open Source Live Systems For Open Hardware – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Lohrmann on Cybersecurity. From vibe hacking to malware development to deepfakes, bad actors are discovering more vulnerabilities to attack generative AI tools while also using AI to launch cyber attacks. June 15, 2025 • Dan Lohrmann. Just a few years ago, several cybersecurity reports proclaimed that […] The post Guardrails Breached: The New Reality of GenAI-Driven Attacks – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Compliance

Source: securityboulevard.com – Author: Deborah Erlanger. What is the EU AI Act? The EU AI Act (European Union Artificial Intelligence Act) is the world’s first comprehensive legal framework regulating artificial intelligence. Introduced by the European Commission in April 2021 and formally adopted in 2024, the Act is designed to ensure AI systems developed or used […] The post EU AI ACT – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team. Data breach costs are rising at breakneck speed. IBM reported that the global average security breach cost is $4.9 million, marking a 10% increase since 2024. And it won’t stop here — USAID predicts that the global cost of cybercrime will climb to $24 trillion by 2027. While various factors contribute to […] The post The Growing Threat of AI-powered Cyberattacks in 2025 – Source: www.cyberdefensemagazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team. According to a recent report released by the Multi-State Information Sharing and Analysis Center, governmental agencies are facing an increase in ransomware attacks from nation-state actors and other increasingly clever hackers. In the past, when considering who might be the most vulnerable to a cyberattack, large corporations and federal agencies […] The post The Cost of Ignoring Patches: How State and Local Governments Can Mitigate Damaging Security Breaches – Source: www.cyberdefensemagazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that’s capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others. The package, named chimera-sandbox-extensions, attracted 143 downloads and likely targeted users of a service called Chimera Sandbox, […] The post Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityaffairs.com – Author: Pierluigi Paganini. Insikt Group analyzed the new Predator spyware infrastructure and discovered it’s still gaining users despite U.S. sanctions since July 2023. Despite earlier declines in activity due to U.S. sanctions and public exposure, Predator spyware has resurged. Insikt Group analyzed a renewed infrastructure linked to the commercial spyware company and […] The post New Predator spyware infrastructure revealed activity in Mozambique for the first time – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityaffairs.com – Author: Pierluigi Paganini. Canada’s airline WestJet has suffered a cyberattack that impacted access to some internal systems and the company app. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canada’s second-largest airline, after Air […] The post Canada’s second-largest airline WestJet is containing a cyberattack – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini. Canada’s second-largest airline WestJet is containing a cyberattack | SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 49 | Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION | Palo Alto Networks fixed multiple privilege escalation flaws | Unusual toolset used in recent Fog Ransomware attack | A cyberattack on […] The post SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 49 – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini. A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Palo Alto Networks fixed multiple privilege escalation flaws Unusual toolset […] The post Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Canada’s second largest airline says it has been responding to a cyber-attack impacting some online services since Friday. Calgary-headquartered WestJet Airlines said in a series of updates over the weekend that although its flight operations are unaffected, some customers may have trouble accessing its website and app. “WestJet is aware of […] The post WestJet Investigates Cyber-Attack Impacting Customers – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Blog

Source: socprime.com – Author: Veronika Telychko, Technical Writer. June 16, 2025 · 5 min read. June has been a turbulent month for cyber defenders, marked by a surge of high-profile vulnerabilities shaking the security landscape. Following the exploitation of SimpleRMM flaws by the DragonForce ransomware group and the active use […] The post CVE-2025-4123 Vulnerability: “The Grafana Ghost” Zero-Day Enables Malicious Account Hijacking – Source: socprime.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 AI

Source: socprime.com – Author: Veronika Telychko. According to Gartner, by 2029, agentic Artificial Intelligence (AI) will autonomously handle 80% of routine customer service inquiries, cutting operational costs by 30%. Unlike earlier AI models that focused on generating responses or summarizing conversations, agentic AI marks a shift toward systems capable of independently executing tasks. This shift […] The post What Are the Predictions of AI in Cybersecurity? – Source: socprime.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: Quantum breakthrough delivers verifiable randomness as researchers develop globally scalable ‘uncheatable’ system rooted in physics rather than algorithms. In our digital world, where secure communications, fair elections, and reliable audits all depend on truly random numbers, researchers may have solved a persistent vulnerability: how to generate randomness that can’t be secretly […] The post New quantum system offers publicly verifiable randomness for secure communications – Source: www.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: News, June 16, 2025, 5 minutes. A single email can silently cause Copilot to exfiltrate sensitive corporate data, with no clicks, no warnings, and no user action. A flaw in Microsoft 365 Copilot makes it possible to steal sensitive data. Imagine an attack so stealthy that […] The post First Zero-Click Attack on Microsoft 365 Copilot – Source: www.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 CSOonline

Source: www.csoonline.com – Author: The vulnerability enables attackers to load malicious plugins, hijack sessions, and create administrative accounts on unpatched systems. A newly discovered cross-site scripting (XSS) vulnerability in Grafana — a widely used open-source analytics and visualization platform for developers — has put thousands of servers at risk of complete account takeover. According to […] The post ‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover – Source: www.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
