NASCAR Under Attack Along with the NBA as Online Infiltrators Lead Dubious Scams
- Hackers breached the NBA and NASCAR’s official X (formerly Twitter) accounts, posting fraudulent announcements about launching new cryptocurrencies, $NBA Coin and $NASCAR Token, purportedly on the Solana blockchain.
- These unauthorized posts aimed to deceive followers into believing in these fake digital assets, potentially leading them to invest in non-existent cryptocurrencies. Both organizations acted swiftly, deleting the fraudulent posts within minutes and confirming the hacks.
- The NBA’s account boasts over 48 million followers, while NASCAR’s has more than 3.6 million. Such a vast reach means numerous fans were exposed to these scams, highlighting weak points in the digital security of major sports organizations.
- Blockchain fraud investigators and social media risk consultants advise followers to remain vigilant, avoid engaging with suspicious links, and verify announcements through official channels before taking any action.
California Shuts Down Data Broker for Failing to Register
Article Link: https://therecord.media/california-shuts-down-data-broker-for-failing-to-register
- The California Privacy Protection Agency (CPPA) has ordered Background Alert, a data broker, to cease operations for three years due to its failure to register as mandated by the state’s Delete Act.
- Background Alert utilized billions of public records to create and sell individual profiles on its website. The company drew inferences about individuals to identify those who “may somehow be associated with” the person being searched, as per CPPA’s findings.
- This unprecedented enforcement action shows California’s firm stance on regulating the data brokerage industry and protecting consumer privacy. It exposes the risks for data brokers who fail to comply with state registration requirements.
- Regulatory compliance consultants counsel data brokers to follow state laws by registering annually and paying the required fees, which avoids fines of $200 per day when registration is not submitted by the deadline.
VMware Flaws Exploited in the Wild, Broadcom Releases Patches
Article Link: https://www.scworld.com/news/vmware-flaws-exploited-in-the-wild-broadcom-releases-patches
- Three actively exploited zero-day flaws (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) hit VMware ESXi, Workstation, and Fusion, letting attackers execute code on the host system or leak sensitive data.
- The most severe flaw (CVSS 9.3) is a TOCTOU vulnerability that enables out-of-bounds writes, leading to host-level code execution. Other flaws allow arbitrary kernel writes and data leaks.
- Over 37,000 VMware ESXi instances remain unpatched, prompting the Cybersecurity and Infrastructure Security Agency (CISA) to add these flaws to its Known Exploited Vulnerabilities list as attacks escalate.
- Broadcom has released fixes with no workarounds available. Admins must update now to prevent potential hypervisor escapes, unauthorized access, and full system compromise.
CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in the Wild
Article Link: https://cybersecuritynews.com/cisa-microsoft-partner-center-access/
- A privilege escalation bug (CVE-2024-49035) in Microsoft’s Partner Center is under active attack, letting hackers gain unauthorized access to cloud services and sensitive customer data.
- The flaw allows attackers to bypass access controls, escalate privileges, and potentially deploy malware, all without authentication. Originally rated 8.7 CVSS, its severity has jumped to 9.8 due to the ease of exploitation.
- Organizations using Microsoft’s cloud services face serious data exposure risks, while U.S. federal agencies have been ordered by CISA to patch immediately.
- Microsoft has automatically rolled out patches, and CISA is requiring updates by March 18. Private companies should act fast before attackers exploit this flaw further.
‘Crafty Camel’ APT Targets Aviation, OT With Polyglot Files
Article Link: https://www.darkreading.com/ics-ot-security/crafty-camel-apt-aviation-ot-polygot-files
- A threat group dubbed “Crafty Camel”, suspected to have ties to Iran, has carried out a covert cyber-espionage operation against key OT companies in the UAE.
- The attackers used business email compromise (BEC) tactics, sending emails embedded with polyglot files, documents that appear as one type but function as another, to deploy a concealed backdoor, enabling unauthorized access and data theft.
- This operation demonstrates the growing complexity of nation-state attacks against vital infrastructure, exposing weaknesses in OT environments and raising concerns over potential operational disruptions.
- Threat intelligence groups recommend organizations strengthen email security, conduct frequent security audits, and educate employees on spotting and reporting phishing attempts to reduce exposure to these threats.
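As an added illustration of the email-security recommendation above (not code from the article or from any vendor), the sketch below shows how a mail-gateway check can flag an attachment whose bytes parse as more than one file type. The PDF/ZIP/JPEG format set, the `triage` and `detect_formats` names, and the sample files are assumptions made for this example.

```python
import io
import os
import zipfile

# Declared extension -> format name. The PDF/ZIP/JPEG set is an assumption
# for this example; the item does not say which formats were combined.
EXPECTED = {".pdf": "pdf", ".zip": "zip", ".jpg": "jpeg", ".jpeg": "jpeg"}

def detect_formats(data: bytes) -> set:
    """Return every format whose structural marker is present in data."""
    found = set()
    # Lenient PDF readers accept the header anywhere in the first 1024 bytes.
    if b"%PDF-" in data[:1024]:
        found.add("pdf")
    # ZIP is located from the end-of-central-directory record at the tail,
    # so bytes of another format in front of it do not invalidate the archive.
    if zipfile.is_zipfile(io.BytesIO(data)):
        found.add("zip")
    if data.startswith(b"\xff\xd8\xff"):
        found.add("jpeg")
    return found

def triage(filename: str, data: bytes) -> str:
    """Classify an attachment as 'ok', 'mismatch' or 'polyglot'."""
    formats = detect_formats(data)
    if len(formats) > 1:
        return "polyglot"  # parses as more than one type: quarantine
    declared = EXPECTED.get(os.path.splitext(filename.lower())[1])
    if declared is None or formats != {declared}:
        return "mismatch"  # content does not match the claimed type
    return "ok"

def build_samples():
    """Constructed, harmless inputs: a bare PDF and the same PDF + ZIP."""
    pdf = b"%PDF-1.4\n1 0 obj\n<<>>\nendobj\ntrailer\n<<>>\n%%EOF\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("note.txt", "constructed test content")
    return pdf, pdf + buf.getvalue()

if __name__ == "__main__":
    plain, combined = build_samples()
    for name, blob in (("invoice.pdf", plain), ("invoice.pdf", combined)):
        print(name, sorted(detect_formats(blob)), triage(name, blob))
```

A check that trusts only the extension or only the first magic bytes would pass the second sample as an ordinary PDF, which is why the detection looks for every format's marker instead of stopping at the first match.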
Research finds 12,000 ‘Live’ API Keys and Passwords in DeepSeek’s Training Data
Article Link: https://www.bleepingcomputer.com/news/security/nearly-12-000-api-keys-and-passwords-found-in-ai-training-dataset/
- Researchers at Truffle Security analyzed 400 terabytes of data from 2.67 billion web pages in the Common Crawl dataset, uncovering nearly 12,000 active API keys and passwords tied to AWS, MailChimp, and WalkScore.
- Developers hardcoded secrets into front-end HTML and JavaScript, making them publicly accessible. One WalkScore API key appeared 57,000+ times across 1,871 subdomains, and 63% of exposed keys were duplicated across multiple web pages.
- These leaks let attackers hijack cloud services, steal data, and exploit paid APIs, while also training AI models to suggest insecure coding practices, worsening security across the industry.
- Information security researchers say to ditch hardcoded credentials, move secrets to server-side environment variables, and conduct routine code audits to prevent future leaks.
- Report: https://trufflesecurity.com/blog/research-finds-12-000-live-api-keys-and-passwords-in-deepseek-s-training-data
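An added example of the routine code audit recommended above (not Truffle Security's tooling or code from the report): a scanner that looks for credential-shaped strings in front-end HTML and JavaScript and reports which ones recur across pages. The regexes are assumed from the providers' publicly documented key shapes, the pages and key values are constructed, and a pattern match alone does not show that a key is live.

```python
import re
from collections import defaultdict

# Assumed token shapes for two providers named in the item. A match is only
# a candidate: confirming it is live requires checking with the provider.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "mailchimp_api_key": re.compile(r"\b[0-9a-f]{32}-us[0-9]{1,2}\b"),
}

def scan_pages(pages):
    """Map (kind, secret) -> sorted list of page URLs that embed it."""
    hits = defaultdict(set)
    for url, body in pages.items():
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(body):
                hits[(kind, match.group(0))].add(url)
    return {key: sorted(urls) for key, urls in hits.items()}

def reused(findings):
    """Keep only secrets that appear on more than one page."""
    return {key: urls for key, urls in findings.items() if len(urls) > 1}

def redact(secret):
    """Show only the first and last four characters in reports."""
    return secret[:4] + "*" * (len(secret) - 8) + secret[-4:]

# Constructed sample pages. The AWS value is the placeholder key from AWS
# documentation; the MailChimp-shaped value is made up.
SAMPLE_PAGES = {
    "https://shop.example/index.html":
        '<script>const cfg = {accessKeyId: "AKIAIOSFODNN7EXAMPLE"};</script>',
    "https://blog.example/app.js":
        'var aws = "AKIAIOSFODNN7EXAMPLE";'
        ' var mc = "0123456789abcdef0123456789abcdef-us12";',
    "https://docs.example/clean.html":
        "<script>fetch('/api/subscribe')</script>",  # secret stays server-side
}

if __name__ == "__main__":
    findings = scan_pages(SAMPLE_PAGES)
    for (kind, secret), urls in sorted(findings.items()):
        flag = "REUSED" if len(urls) > 1 else "single"
        print(f"{kind:18} {redact(secret)} {flag:6} {urls}")
```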
SolarWinds CISO Says Security Execs Are ‘Nervous’ About Individual Liability for Data Breaches
Article Link: https://cyberscoop.com/tim-brown-solarwinds-liability-cyberlawcon/
- At CyberLawCon, SolarWinds CISO Tim Brown warned that the individual responsibility security executives now face for breaches could shift their focus from cyber defense to legal liability.
- Brown was a vice president and the highest-ranking security official during the company’s 2020 supply chain compromise and was accused in a Securities and Exchange Commission (SEC) lawsuit of misleading investors about SolarWinds’ security posture before the attack.
- With lawsuits looming, CISOs are prioritizing legal risk over cybersecurity, creating a leadership crisis that could leave companies more vulnerable to attacks. A December 2024 survey from cybersecurity vendor BlackFog revealed that 7 of 10 CISOs said reports of executive legal liability negatively affected their opinion of the job.
- Brown advocates for stronger cybersecurity regulations to define CISO responsibilities, allowing security leaders to focus on defense instead of fighting lawsuits.
Women Faced the Brunt of Cybersecurity Cutbacks in 2024
Article Link: https://www.darkreading.com/remote-workforce/women-cyber-cutbacks-2024
- The (ISC)² 2024 Women in Cybersecurity Report surveyed 15,852 cybersecurity professionals, revealing that women make up just 18.3% of the U.S. cybersecurity workforce and 20-25% globally, demonstrating a persistent gender gap.
- In 2024, cybersecurity cutbacks disproportionately affected women, worsening industry imbalance. The gender pay gap also remains, with women earning an average of $109,609 while men make $115,003, a $5,400 difference.
- Despite 73% of women reporting job satisfaction (compared to 70% of men), 36% feel they can’t be authentic at work, with numbers rising for South Asian (48%), Black (43%), and Hispanic (42%) women.
- HR and talent acquisition leaders continue to appeal for stronger pay equity, inclusive hiring, better mentorship programs, sponsorship in leadership development, and flexible work policies as key solutions to retaining and advancing women in cybersecurity.
- Report: https://www.isc2.org/insights/2025/03/women-comprise-22-percent-of-the-cybersecurity-workforce
