Cary, North Carolina, 14th May 2025, CyberNewsWire

**Cary, North Carolina, May 14th, 2025, CyberNewsWire**

INE Security, a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essential for transforming security teams from reactive to proactive defenders.

With over 26,000 new CVEs documented in the past year, security teams are drowning in vulnerability alerts while facing exploit windows that have compressed to hours in many cases.

> “Reading CVE bulletins is not the same as knowing how to stop the attack,” said Dara Warn, CEO at INE Security. “Our Skill Dive platform gives practitioners hands-on experience with real vulnerabilities in contained environments, cutting incident response times when these same issues hit production. This practical approach delivers far more value than traditional security certifications alone.”

Skill Dive is INE Security’s risk-free technical environment featuring exclusive labs not found in learning paths and courses. Skill Dive’s Vulnerabilities Lab Collection offers a continuously updated library of labs specifically designed to provide hands-on practice with actual CVEs, allowing security practitioners, including those preparing for pentester certifications, to experience both the exploitation and mitigation of current real-world threats in a safe environment.

**CVEs: From Bulletin to Defense**

CVEs are the standard identifiers for known vulnerabilities, but many security teams struggle to implement effective mitigations at scale, even those with Sec+ and other entry-level certifications.

Common challenges include:

*   Risk prioritization across hundreds of monthly CVEs
*   Testing mitigations without impacting production
*   Adapting defenses to diverse system configurations
*   Building response muscle memory that works under pressure
*   Getting ahead of the threat curve instead of constantly reacting

**Practice Today’s Threats. Prevent Tomorrow’s Breaches.**

INE Security’s Skill Dive Vulnerabilities Lab Collection delivers:

*   **Exclusive vulnerability labs** not available in standard security training
*   **Monthly CVE updates** focusing on high-impact vulnerabilities
*   **Isolated practice environment** for both offensive and defensive techniques
*   **Complete severity coverage** from critical zero-days to common misconfigurations
*   **Practical exploitation and defense experience** that transfers directly to production incidents

> “When a critical CVE drops, you don’t have time to theorize,” said Tracy Wallace, Director of Content at INE Security. “Teams with hands-on practice respond significantly faster because they’ve seen similar attack patterns before. Log4Shell (CVE-2021-44228) was a perfect example – practitioners who had experience with JNDI injection attacks were able to implement effective mitigations within hours, while others took days or even weeks to fully remediate.”

**Real Benefits for Security Teams**

Skill Dive delivers immediate advantages for practitioners:

*   Develop attack pattern recognition that speeds incident response
*   Understand attack chains beyond what bulletins describe
*   Practice team coordination for high-pressure security events
*   Identify defensive gaps before attackers find them
*   Build skills that directly translate to career advancement

SecOps teams, security analysts, and IT admins get exactly what certification courses miss: hands-on practice with real-world vulnerabilities.

> “Security professionals who regularly drill on current vulnerabilities become exponentially more valuable to their organizations,” said Wallace. “The best defenders understand both the attack and defense sides of the equation.”

**High-Impact CVEs in the Skill Dive Collection**

The platform features hands-on labs for the most actively exploited vulnerabilities in enterprise environments, including:

*   **OpenMetadata Authentication Bypass (CVE-2024-28255)**: Exploit the target machine running OpenMetadata by bypassing the authentication and gaining remote code execution (RCE)
*   **Calibre RCE (CVE-2024-6782)**: Exploit the remote code execution vulnerability in Calibre, leading to unauthorized system access
*   **Log4Shell (CVE-2021-44228)**: Practice identifying and remediating this critical remote code execution vulnerability that continues to plague Java applications across multiple sectors
*   **Spring4Shell (CVE-2022-22965)**: Gain hands-on experience with this widely exploited RCE vulnerability affecting Spring Framework applications

> “We continuously track which vulnerabilities are most actively exploited,” said Wallace. “Our collection prioritizes CVEs with the highest real-world impact, not just theoretical severity ratings.”

**Proactive Security Through Deliberate Practice**

The Skill Dive approach includes:

*   Monthly updates aligned with emerging threat patterns
*   Realistic environments mirroring production systems
*   Practical documentation focused on effective mitigations
*   Continuous evolution based on real-world attack trends

Recent lab additions include other top-exploited vulnerabilities such as Cacti Import Packages RCE (CVE-2024-25641), Gradio Path Traversal (CVE-2024-1561), Calibre Arbitrary File Read (CVE-2024-6781), Graylog Information Exposure (CVE-2024-24824), and Navidrome SQL Injection (CVE-2024-47062). 

> “Security teams that regularly practice with new vulnerabilities stop more breaches, period,” said Wallace. “Practice transforms defense from constant firefighting into strategic advantage.”

**Availability**

Individual subscriptions to Skill Dive are available now. Enterprise packages for team training are also available.

For more information, users can visit ine.com/cyber-ranges

**About INE Security**

INE Security is the premier provider of online networking and cybersecurity training and cybersecurity certifications. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE Security’s suite of learning paths offers an incomparable depth of expertise across cybersecurity. The company is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career.

**Contact**

**Kathryn Brown**  
**INE Security**  
**\[email protected\]**

INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense

Scammers impersonate government agencies on WhatsApp to target job seekers with fake offers, phishing sites, and identity theft…

Scammers impersonate government agencies on WhatsApp to target job seekers with fake offers, phishing sites, and identity theft schemes, Netcraft warns.

Cybersecurity firm Netcraft has issued a warning about a significant spike in sophisticated recruitment scams targeting job seekers. Their recent analysis, shared exclusively with Hackread.com, highlights three distinct threat actors employing varied methods to defraud individuals, emphasizing the growing danger in the online job market.

****Tech Employer Impersonation:****

This group uses advance fee fraud (AFF), posing as tech companies like Celadonsoft and SoftServ. Victims are lured via WhatsApp with high-paying jobs (often in USDT) and directed to fake websites, which credit them a small sum to build trust, and then prompt them to undertake tasks like app optimization.

To earn high remuneration, users must deposit their funds, ranging from small amounts to thousands of USDT. Victims continue to deposit money to complete more tasks, believing they are accumulating earnings. However, when they withdraw, the funds never materialize, leaving them with huge financial losses and having performed work that likely benefits the scammers. Netcraft found at least nine identical fake sites used in 2024.

Source: Netcraft

****Logistics Agency Impersonation****

Similar to the first group, this actor impersonates a logistics recruiter, Picked Well, employing AFF tactics. While the overall modus operandi mirrors the first threat actor – luring victims with job offers and then requiring upfront payments for tasks to supposedly unlock high earnings – the key differentiator is the geo-based targeting.

These scams are localized with Netcraft detecting a total of 36 fake websites specifically targeting victims in 18 different countries- the US being a major focus. The US experienced 95 times more traffic to these fake sites than the UK and 170 times more than Australia. This suggests a specific focus on US job seekers with 63,000 targeted already.

According to Netcraft’s blog post, in both scams, initial contact often occurs through messaging platforms like WhatsApp and Telegram, with recruiters using two different fake personas to build trust and execute financial extraction.

****Government Impersonation:****

This threat actor impersonates the Government of Singapore, aiming for **identity theft.** Fake Government of Singapore Telegram groups lure victims into joining them. Within these groups, messages are posted, often with slight errors in spelling like “Singapure”, claiming to be from official departments.

Source: Netcraft

Clicking on links leads to phishing websites offering fake job vacancies with attractive salaries. Users are required to sign up, provide their identity card and phone number, and enter a verification code. This gives the attacker full control over the victim’s account. Netcraft warns that compromised accounts are likely used to impersonate victims, spread scam messages, or engage in extortion.

These findings align with a concerning trend reported by the FTC, which saw over $500 million lost to job scams in the US in 2023, a significant increase from$200 million in 2022.

Therefore, job seekers should be vigilant when receiving correspondence from recruiters or searching for jobs online. Look for telltale characteristics, such as a lack of Facetime with recruiters, communication via social media, typos and low-quality content. Netcraft notes that promises that seem “too good to be true,” should serve as a red flag for such fraudulent schemes.

Job Seekers Targeted as Scammers Pose as Government Agencies on WhatsApp

CISA adds TeleMessage flaw to KEV list, urges agencies to act within 3 weeks after a breach exposed…

CISA adds TeleMessage flaw to KEV list, urges agencies to act within 3 weeks after a breach exposed unencrypted chats. The Israeli App was used by Trump officials!

A serious flaw in TM SGNL, a messaging app by US-Israeli firm TeleMessage used by former Trump administration officials, has now landed on CISA’s Known Exploited Vulnerabilities (KEV) list. The move follows reports of a breach that exposed sensitive communications and backend data.

The Cybersecurity and Infrastructure Security Agency (**CISA**) added CVE-2025-47729 to its KEV catalogue this week. The listing confirms that the vulnerability has been exploited in the wild and sets a three-week deadline for federal agencies to address the issue.

****Breach and Research Findings****

On May 5, Hackread.com **reported** that TeleMessage had halted operations of TM SGNL after attackers gained access to backend systems and user message data. The breach cast doubt on the platform’s core security claims.

Security researcher Micah Lee analyzed the app’s source code and found a serious gap in its encryption model. While TeleMessage stated that TM SGNL used **end-to-end encryption**, Lee’s findings suggest otherwise. Communication between the app and its final storage point lacked full encryption, which opened the door for attackers to intercept plaintext chat logs.

This finding raised some serious security and privacy concerns given the app’s past use by high-level figures, including former national security advisor Mike Waltz.

Follow us on TikTok

****Why CISA Acted****

CISA’s decision to add the flaw to its KEV list sends a clear message to government agencies: the software isn’t safe. It puts pressure on them to patch or drop it quickly.

**Thomas Richards**, Infrastructure Security Practice Director at Black Duck, said the decision likely stemmed from the software’s use in government:

“This vulnerability was probably added to the KEV list because of who was using it. With sensitive government conversations involved, the breach takes on another level of risk. CISA’s move is about making sure agencies know this software shouldn’t be trusted.”

**Casey Ellis**, founder of Bugcrowd, added that the inclusion confirms the severity:

“CISA is making sure federal agencies got the message. The fact that the logs weren’t properly encrypted changes the risk equation. And while the CVSS 1.9 score may seem low, it still reflects the danger of compromising the device storing those logs.”

****What’s Next****

Federal agencies are now required to act within three weeks. Organizations outside the government are also advised to review the KEV catalogue and consider prioritizing patches or alternative solutions.

The breach and following KEV listing have pushed TeleMessage into a larger discussion about transparency, encryption standards, and the security infrastructure of platforms used in political and governmental communication.

For more information, the CVE entry is available via **NVD**, and the KEV catalogue can be accessed on the **CISA website**.

CISA Adds TeleMessage Vulnerability to KEV List Following Breach

Zoom fixes multiple security bugs in Workplace Apps, including a high-risk flaw. Users are urged to update to…

Zoom fixes multiple security bugs in Workplace Apps, including a high-risk flaw. Users are urged to update to the latest version released on May 13, 2025.

Zoom pushed out a batch of security fixes today, addressing multiple vulnerabilities across its Workplace Apps. One of them has been marked high severity, while the others are rated medium. The updates affect both general app versions and Windows-specific builds.

For anyone using Zoom in business or education settings, especially on Windows systems, these updates are worth attention.

****What Was Fixed****

The most significant of the bunch is a time-of-check to time-of-use (TOCTOU) issue listed under CVE-2025-30663. This type of bug occurs when there’s a delay between a system checking if an action is safe and performing it. During that short window, attackers might interfere. This bug affects Zoom Workplace Apps broadly and was rated high severity.

The rest of the vulnerabilities carry medium severity ratings. Here’s a quick breakdown:

****Improper Neutralization of Special Elements****

*   Affects: All Workplace Apps
*   CVEs: CVE-2025-46786, CVE-2025-46787, CVE-2025-30664
*   Issue: These bugs involve the mishandling of user inputs, which could allow scripts or commands to be executed in unexpected ways.

****Buffer Over-read****

*   Affects: Windows versions
*   CVE: CVE-2025-46785
*   Issue: This bug could lead to the application reading more data than it should, risking exposure of sensitive information.

****NULL Pointer Dereference****

*   Affects: General and Windows-specific builds
*   CVEs: CVE-2025-30665, CVE-2025-30666, CVE-2025-30667, CVE-2025-30668
*   Issue: These can cause the app to crash by trying to access memory that hasn’t been set, which could be exploited in some edge cases.

All seven bulletins were published today on Zoom’s official security bulletin page, with updates issued at the same time.

In a comment to Hackread.com, Jim Routh, Chief Trust Officer at Saviynt stated, “Cyber professionals are considering the need for deepfake detection and prevention impacting virtual meetings today. It turns out that the software defects/vulnerabilities announced recently in Zoom Workplace are far more critical at this time.”

”DoS and remote code execution vulnerabilities have the potential for significant business disruption with the potential for ransomware exploits,” he added. ”Software resilience for enterprise software companies is achievable with more maturity in the development process to identify and remediate race conditions.”

****Patch NOW****

Zoom is widely used across industries, and bugs like these mixed with others, can be a massive security risk. While the technical details may not apply to everyday users, IT teams should treat this as a routine security maintenance window. Applying the patches quickly reduces the chance of these issues being exploited.

Therefore, if you use Zoom Workplace Apps, update now. The patches are live and available for download. Admins managing enterprise deployments should review their update pipelines to make sure these fixes are rolled out across all user endpoints.

Zoom Fixes High-Risk Flaw in Latest Update

A security lapse on PrepHero, a college recruiting platform, exposed millions of unencrypted records, including sensitive personal details…

A security lapse on PrepHero, a college recruiting platform, exposed millions of unencrypted records, including sensitive personal details and passport images of student-athletes.

A massive amount of personal information belonging to over three million individuals, including young athletes hoping for college scholarships and their coaches, was recently found unprotected online. vpnMentor’s cybersecurity researcher Jeremiah Fowler discovered this exposed database and reported it on May 12, 2025.

Based on the information in the database, it belonged to a Chicago-based company called PrepHero, operated by EXACT Sports. For your information, PrepHero helps high school athletes create recruiting profiles for college sports programs and facilitates direct communication between athletes and coaches at renowned universities, aiming to secure sports scholarships.

According to Fowler’s investigation, shared with Hackread.com, this database contained a staggering 3,154,239 records (totalling around 135 gigabytes) and was not secured with a password or any form of encryption.

Fowler’s initial checks revealed sensitive information about student-athletes, including names, phone numbers, email addresses, home addresses, and passport information. The database also contained contact details for parents and coaches, as well as unprotected computer files with student athletes’ passport image links.

Source: vpnMentor

Adding to the severity of the exposure, the database contained a folder labelled “mail cache” holding 10 gigabytes of email messages spanning from 2017 to 2025. The folder contained personalized web links to publicly accessible pages displaying names, birth dates, email addresses, home addresses, and compensation details.

Some emails also included temporary passwords, posing further privacy risks. Audio recordings of coaches stating their names, colleges, and evaluations of student athletes’ strengths and weaknesses were also found.

Fowler promptly disclosed this discovery to PrepHero, which quickly secured the database, preventing further public access. While the exposed records have been linked to PrepHero, it is yet unclear whether this database was directly managed or an external company was responsible for its management. Furthermore, it’s also unclear how long the sensitive information was accessible online before Fowler’s discovery or if anyone else might have accessed it.

****Education Sector is Already Vulnerable****

As noted in Check Point’s April 2025 malware report, cyber attacks on the education sector continue to rise. Just last week, edtech giant PowerSchool confirmed it paid ransom after a December 2024 ransomware attack that exposed the personal data of students and teachers.

Meanwhile, new reports reveal that the official website of iClicker, a widely used student engagement platform, was hacked in a ClickFix attack. Having a database exposed to cyber criminals is worse than leaving your front door wide open, it’s an open invitation with far more at stake.

Fowler highlighted the privacy risks associated with exposing student athletes’ personal information, as they are often young and lack credit histories, making them vulnerable to identity theft. Criminals could use this data to open fraudulent accounts without immediate detection. Students, parents, and coaches’ contact information could be exploited for targeted phishing attacks and scams, with coaches also at risk of spear-phishing attempts.

Considering these repercussions, individuals associated with PrepHero or EXACT Sports must remain cautious about phishing/social engineering attempts, use secure content management systems with access controls, use multi-factor authentication for all accounts and encrypt sensitive documents to minimize the impact of potential data breaches.

“Sending emails with unique web links to surveys or open webpages that contain PII should be restricted and only accessible with login credentials to prevent unauthorized or accidental access,” Fowler advised.

PrepHero-Linked Database Exposed Data of 3M Students and Coaches

Popular student engagement platform iClicker’s website was compromised with a ClickFix attack. A fake “I’m not a robot”…

Popular student engagement platform iClicker’s website was compromised with a ClickFix attack. A fake “I’m not a robot” check tricked users into installing malware. Learn who was affected and how to stay safe.

A popular digital classroom used in many universities, called iClicker, was recently targeted by hackers. This tool, owned by Macmillan, helps teachers track attendance and ask students questions in class. Millions of students and thousands of teachers across the US, including the University of Michigan and the University of Florida, use iClicker.

According to the University of Michigan’s Safe Computing Team’s advisory, between April 12th and 16th, 2025, the iClicker website was compromised, showing a fake CAPTCHA to the site’s visitors, and asking them to click “I’m not a robot.”

Source: University of Michigan

When a Windows user clicked on this fake check, a hidden PowerShell command was copied to their device. They were prompted to open a special window on their computer (by pressing the Windows key and the letter ‘R’ at the same time), paste this command (by pressing Ctrl and ‘V’), and then press Enter. Doing this would run the hidden command.

This trick, known as a ClickFix attack, is a way to fool people into downloading malware.  A Reddit user tested this command on Any.Run and found it would connect to a server on the internet to download another set of instructions, depending on who was visiting the website. If it was a real person using a regular computer, the instructions would download malware, which could give the attacker complete control over the device.

 This malware was likely designed to steal personal information, such as usernames, passwords, credit card details, and even cryptocurrency wallet information stored on the computer.

In case the visitor was a system used by security experts to analyze malware, the hidden command would instead download a harmless program from Microsoft so that the attackers could evade detection.

In its security bulletin, iClicker confirmed that its main system and user information were safe, explaining that a third party put a fake security check on their website before users logged in.

As previously reported by Hackread.com, ClickFix has become a growing concern in the cybersecurity world. In March 2024, we reported the increasing use of ClickFix attacks by cybercrime groups like TA571 and ClearFake. Later, in October 2024, security firm Sekoia observed more ClickFix attacks using fake Google Meet, Chrome, and Facebook pages to spread malware.

Recently, in April 2025, Hackread.com reported that government-backed hacking groups from countries like North Korea, Iran, and Russia used this method in their spying operations and even published a detailed blog post on how to protect yourself from ClickFix attacks.

iClicker advises anyone who visited their website between April 12th and 16th and clicked on the fake security check to immediately change all the passwords saved on their computer, including the iClicker password and use a password manager to maximize account security. People who only used the iClicker mobile app or did not see the fake security check were safe from this particular attack.

Debbie Gordon, CEO and Founder at Cloud Range commented on the development stating, “This incident shows how easily attackers can turn a simple user interaction, like clicking a CAPTCHA, into a full compromise.”

“The real question is: how quickly can your team detect and contain it? That’s the essence of incident response readiness. Simulation-based training gives defenders the muscle memory they need to spot behavioural red flags, investigate effectively, and coordinate containment actions in real-time before small lapses become major breaches.”

iClicker Website Hacked with Fake CAPTCHA in ClickFix Attack

Roblox hit with class action over alleged secret tracking of kids’ data; lawsuit claims privacy law violations and…

Roblox hit with class action over alleged secret tracking of kids’ data; lawsuit claims privacy law violations and unauthorized data sharing.

Roblox, a platform known for its popularity among children and teens, is now the focus of a class action lawsuit that accuses the company of covertly harvesting data from its youngest users.

Filed in a California federal court by plaintiffs Michael and Salena Garcia, the suit claims Roblox has been quietly monitoring players without proper consent. According to the 45-page complaint, Roblox uses hidden tracking tools to collect a wide range of data, from keystrokes and chat messages to mouse activity and search queries.

The lawsuit also alleges that the company links these interactions to individual devices using unique identifiers. This allows Roblox to build detailed behavioural profiles of players, which the plaintiffs say are used for targeted content and shared with third-party advertisers.

Roblox has been secretly collecting detailed personal data and intercepting user activity through hidden tracking code built into its site and apps, without users or their parents knowing.

> _“This data surveillance begins the moment a user visits or launches Roblox, even before account login or consent, and continues across platforms (web, iOS, Android, macOS, Windows) via persistent identifiers and fingerprinting techniques.”_
> 
> _Source: Class Action Complaint, Garcia v. Roblox Corporation, U.S. District Court, Northern District of California, 2024._

This legal move puts Roblox in the same spotlight as other tech companies facing criticism over data privacy practices affecting children. While the company promotes itself as a safe space for play and creativity, the complaint suggests a different story unfolding behind the scenes.

Kern Smith, Vice President of Global Solutions at mobile security firm Zimperium, warns that mobile security often takes a back seat in discussions about child safety online. “Parents focus heavily on what their kids are doing in the game, but the device and the app itself are also areas of concern,” he said.

“When a mobile app is widely used, it becomes a bigger target for phishing, malware, and data breaches. If a phone or tablet is compromised, it opens the door for attackers to access sensitive data or manipulate app behaviour.”

The lawsuit shows the public worry about how companies collect and use data from minors. Under federal law, including the Children’s Online Privacy Protection Act (COPPA), companies must obtain verifiable parental consent before collecting personal data from children under 13. The Garcias claim that Roblox sidesteps these requirements through silent tracking that parents never see.

For now, the case remains in the early stages, but it indicates legal pressure on platforms serving young audiences. If the court finds the claims valid, Roblox could face serious consequences, not only in the form of financial penalties but also tougher oversight of its data handling practices.

Parents concerned about their child’s digital safety are advised to monitor not only app content but also the security of the devices their kids use. Tools that offer real-time threat detection and malware protection can help reduce risks tied to invisible data collection.

Roblox Corporation has not issued a public statement in response to the lawsuit as of publication.

Roblox Lawsuit Claims Hidden Tracking Used to Monetize Kids Data

Optimizing your online productivity is more important than ever. Whether you’re a business owner, freelancer, or simply someone…

Optimizing your online productivity is more important than ever. Whether you’re a business owner, freelancer, or simply someone looking to streamline your personal digital workflow, improving your efficiency can save you time, reduce stress, and boost performance. Here are some practical strategies to enhance your digital efficiency.

****1\. Streamline Your Digital Workspace****

A cluttered digital environment can slow you down significantly. Organize your desktop, categorize your files, and declutter unnecessary applications. Use cloud storage services like Dropbox or Google Drive to keep essential documents accessible and secure, reducing the need for excessive local storage.

Use productivity tools like Trello, Asana, or Notion to effectively manage tasks and projects. These platforms help you visualize your workload, prioritize tasks, and collaborate seamlessly with others.

****2\. Automate Repetitive Tasks****

Automation is a game-changer when it comes to digital efficiency. Identify repetitive tasks that consume your time and automate them. For instance:

*   **Email filtering and sorting**: Use rules and filters to automatically categorize incoming messages.
*   **Social media scheduling**: Use platforms like Buffer or Hootsuite to schedule posts in advance, saving you from constant manual posting.
*   **Data entry and reporting**: Utilize tools such as Zapier or Integromat to automate workflows between different apps.

Automating routine processes frees up valuable time for more strategic and creative tasks.

****3\. Optimize Your Internet and Hosting Solutions****

Slow-loading websites and unreliable hosting services can hamper your efficiency, especially if you rely on web-based applications. Upgrading to a reliable DS hosting solution can significantly boost your website’s performance, ensuring faster loading times and improved reliability. Dedicated servers offer more control, security, and better resource allocation compared to shared hosting, making them ideal for businesses or resource-intensive applications.

****4\. Use Keyboard Shortcuts and Productivity Hacks****

Mastering keyboard shortcuts can drastically decrease the time spent navigating your computer or specific applications. For example:

*   **Ctrl + C** and **Ctrl + V** for copy-paste
*   **Ctrl + Z** to undo
*   **Alt + Tab** to switch between windows quickly.

In addition, explore browser extensions like LastPass for password management or Grammarly for real-time grammar checks, making your digital activities more streamlined and error-free.

****5\. Limit Digital Distractions****

Distractions are one of the main barriers to digital efficiency. Use website blockers like Freedom or StayFocusd to limit time-wasting sites during work hours. Turn off unnecessary notifications and schedule regular tech-free breaks to improve your focus. You can also investigate app blockers for your smartphone to limit distractions more generally. 

****6\. Leverage Cloud-Based Collaboration Tools****

For teams, cloud-based collaboration tools are essential for maintaining efficiency. Platforms like Slack, Microsoft Teams, and Google Workspace allow for real-time communication, file sharing, and collaboration, decreasing the need for lengthy email threads and streamlining project management.

****Final Thoughts****

Improving your digital efficiency doesn’t require a massive overhaul, it’s about making small, intentional changes to your workflow. From investing in reliable DS hosting to automating repetitive tasks, every improvement adds up to significant time and productivity gains. Embrace these strategies and watch your digital efficiency soar.

(Image by Moondance from Pixabay)

Practical Ways to Improve Your Digital Efficiency

A hacker group claiming affiliation with Anonymous says it breached GlobalX Airlines, leaking sensitive flight and passenger data…

A hacker group claiming affiliation with Anonymous says it breached GlobalX Airlines, leaking sensitive flight and passenger data tied to controversial deportation flights

GlobalX Airlines, a US government-contractual charter airline for conducting deportation flights, has been targeted by hacktivists claiming affiliation with Anonymous. The attackers allegedly accessed sensitive information, including flight records and passenger manifests, and defaced the airline’s official website with a politically charged message, expressing opposition to the company’s role in controversial deportation processes.

The defaced webpage, reportedly, featured the legendary Guy Fawkes mask, a symbol typically associated with Anonymous. The image was accompanied by a message aimed at the former US President, referencing a “Judge’s order” and accusing GlobalX of disregarding lawful directives and their perceived “fascist plans.”

This suggests the attack was ideologically motivated, originating from hacktivists’ disapproval of the airline’s involvement in deporting US citizens.

Deface page from the hacktivist group

Apart from the symbolic act of website defacement, the hacktivists contacted journalists, including those at 404 Media, to share a substantial amount of leaked data. This trove of information reportedly includes detailed flight logs, comprehensive passenger lists, and itinerary details spanning several months.

404 Media, after careful verification against official Immigration and Customs Enforcement (ICE) flight logs and court documents, confirmed the authenticity of data sorted into folders dated from January 19th to May 1st. This data, reportedly, contains specifics regarding flights used to deport hundreds of Venezuelan migrants, some of whom were actively contesting the legality of their deportation while already airborne.

According to the anonymous hacker, the breach was facilitated by the discovery of a GlobalX developer’s token, which allowed them to uncover access and secret keys for the airline’s Amazon Web Services (AWS) cloud storage buckets, effectively granting them unauthorized entry into the company’s digital infrastructure.

The extent of their access went beyond data exfiltration and website manipulation. The hacker claimed to have sent internal messages to pilots using NAVBLUE, a flight operations tool provided by Airbus, and accessing the company’s GitHub repository, a platform used by developers for managing and sharing code.

One particularly concerning case is of Ricardo Prada Vásquez, a Venezuelan man who, as per his family, was disappeared by US immigration authorities. His name was leaked in a GlobalX flight manifest, revealing his deportation to El Salvador.

This breach comes at a time when the Trump administration’s handling of sensitive data is under increased scrutiny after the Atlantic reports on top US officials, sharing military attack plans on Signal, US-Israeli firm TeleMessage’s data breach impacting TM SGNL app, used by Trump officials, and now the leaking of passenger lists raises further concerns about the government’s data security practices.

GlobalX’s leaked data and hacktivist messages suggest a politically motivated operation to expose and disrupt the deportations. Hackread.com will promptly update you when we receive an official response from the airline and the US immigration authorities, or further details emerge regarding the breach.

Anonymous Hackers Steal Flight Data from US Deportation Airline GlobalX

Check Point’s April 2025 malware report reveals increasingly sophisticated and hidden attacks using familiar malware like FakeUpdates, Remcos,…

Check Point’s April 2025 malware report reveals increasingly sophisticated and hidden attacks using familiar malware like FakeUpdates, Remcos, and AgentTesla. Education remains the top targeted sector. Learn about the latest cyber threats and how to stay protected.

Check Point Research (CPR) has revealed its findings for April 2025, which describe a concerning trend of attackers using more complex and sneaky methods to deliver harmful software. Although some well-known malware families remain prevalent, the methods used to infect systems are becoming more sophisticated, making them harder to detect.

According to CPR, most attacks discovered in April involved phishing emails disguised as order confirmations. These emails contained a hidden 7-Zip file that released scrambled instructions, leading to the installation of common malware like AgentTesla, Remcos, and XLoader.

The attacks were particularly concerning due to their well-hidden nature, using encoded scripts and injecting malicious software into legitimate Windows processes. Researchers also noticed a “dangerous convergence of commodity tools with advanced threat actor tactics” means even basic malware is now being used in highly sophisticated operations, CPR’s blog post read.

Despite these new sneaky methods, some familiar names still topped the list of most prevalent malware in April, including the following:

****FakeUpdates****

This malware remained the most widespread, affecting 6% of organizations globally. It tricks users into installing fake browser updates from compromised websites has been linked to the Russian hacking group Evil Corp and is used to deliver further malicious software.

****Remcos and AgentTesla:****

This remote access tool, often spread through malicious documents in phishing emails, can bypass Windows security features, giving attackers high-level control over infected systems.

AgentTesla, which is an advanced tool, can log keystrokes, steal passwords, take screenshots, and grab login details for various applications. It is openly sold online.

Malware families’ analysis revealed a rise in Androxgh0st usage, which targets web applications to steal sensitive information, while the use of remote access tool AsyncRat has declined. Other notable families included in the top ten include Formbook, Lumma Stealer, Phorpiex, Amadey, and Raspberry Robin.

In April, SatanLock emerged as a new ransomware group, listing numerous victims on their data leak site. However, most of these victims had already been claimed by other groups, indicating a potentially competitive environment within the cybercrime community. Moreover, Akira was the most prevalent ransomware group, followed by SatanLock and Qilin.

Mobile devices remain a significant target, with Anubis, AhMyth, and Hydra topping the list of mobile malware in April. Most concerning is that these malware are becoming increasingly sophisticated, offering remote access, ransomware capabilities, and multi-factor authentication interceptions.

Furthermore, for a third consecutive month, the education sector remained the most vulnerable globally, probably due to its large user base and weak cybersecurity infrastructure. Government and telecommunications sectors followed closely. Whereas, regional analysis showed varying malware trends, with Latin America and Eastern Europe experiencing more FakeUpdates and Phorpiex, and Asia witnessing increased activity of Remcos and AgentTesla.

Given this increasingly complex and persistent cyber threat environment, CPR recommends that organizations adopt a “prevention-first” strategy, including employee training on phishing, regular software updates, and the implementation of advanced threat prevention solutions to detect and block these sophisticated attacks before they can cause harm.

Source

HackRead