IT Security News Daily Summary 2025-01-13

179 posts were published in the last hour

• 22:32 : Stealer Logs, Jan 2025 – 71,039,833 breached accounts
• 22:11 : US Chip Export Rule Proposes Limits to Thwart Chinese GPUs
• 22:11 : Inexperienced actors developed the FunkSec ransomware using AI tools
• 21:33 : Gravy Analytics: Positionsdatensammler gibt Datenpanne zu
• 21:32 : Five Things to Know about the Supreme Court Case on Texas’ Age Verification Law, Free Speech Coalition v Paxton
• 21:32 : Cryptojacking, backdoors abound as fiends abuse Aviatrix Controller bug
• 21:11 : Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)
• 21:11 : Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug
• 21:11 : Pig butchering scam explained: Everything you need to know
• 20:35 : Network Configuration and Change Management Best Practices
• 20:34 : FunkSec: A New Ransomware Group Buoyed by AI
• 20:34 : HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach
• 20:34 : UK domain registry Nominet breached via Ivanti zero-day
• 20:12 : Windows-10-Support endet: 3 Alternativen, um Windows 11 zu umgehen
• 20:12 : KI unter Windows 98: Auf diesem 25 Jahre alten PC läuft ein großes Sprachmodell
• 20:12 : Mastodon möchte nicht wie Meta und X enden – und plant Umstrukturierung
• 20:12 : KI auf dünnem Eis: Warum schon 0,001 Prozent fehlerhafte Daten die Sicherheit gefährden
• 20:11 : Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection
• 20:11 : LlamaV-o1 is the AI model that explains its thought process—here’s why that matters
• 20:11 : Why MSPs must offer 24/7 cybersecurity protection and response — and how OpenText MDR can help
• 20:5 : IT Security News Hourly Summary 2025-01-13 21h : 5 posts
• 19:32 : Government Aims To Make UK AI ‘Superpower’
• 19:32 : Microsoft sues ‘foreign-based’ cyber-crooks, seizes sites used to abuse AI
• 19:11 : Proton Pass review: A highly secure password manager with easy to overlook flaws
• 19:11 : Microsoft sues ‘foreign-based’ criminals, seizes sites used to abuse AI
• 19:11 : AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming
• 18:33 : Cybersecurity at AI speed: How agentic AI is supercharging SOC teams in 2025
• 18:32 : Azure, Microsoft 365 MFA outage locks out users across regions
• 18:32 : AWS re:Invent 2024: Security, identity, and compliance recap
• 18:12 : Azure and M365 MFA outage locks out users across regions
• 18:11 : How to create realistic, safe, document-based test data for MongoDB
• 18:11 : How to create realistic test data for Databricks with Tonic
• 18:11 : How to generate safe, useful test data for Amazon Redshift
• 18:11 : Vulnerability Summary for the Week of January 6, 2025
• 17:36 : What is Breach Readiness?
• 17:36 : This Phishing Trend is Exploiting YouTube URLs Through O365 Expiry Themes
• 17:36 : How to monitor, optimize, and secure Amazon Cognito machine-to-machine authorization
• 17:12 : CISA Released A Free Guide to Enhance OT Product Security
• 17:12 : NATO’s newest member comes out swinging following latest Baltic Sea cable attack
• 17:12 : How Trust Can Drive Web3 Adoption and Growth
• 17:12 : PowerSchool Breach Compromises Student and Teacher Data From K–12 Districts
• 17:12 : ICAO Investigates Potential Data Breach Amid Cybersecurity Concerns
• 17:12 : $494 Million Stolen in Cryptocurrency Wallet Breaches This Year
• 17:12 : Attackers are encrypting AWS S3 data without using ransomware
• 17:5 : IT Security News Hourly Summary 2025-01-13 18h : 5 posts
• 16:36 : Russian Malware Campaign Hits Central Asian Diplomatic Files
• 16:11 : Ransomware attack on Amazon and Dutch University
• 16:11 : Building a Secure by Design Ecosystem
• 16:11 : Heimdal and Watsoft Team Up to Strengthen MSP Cybersecurity in France
• 16:11 : The new rules for AI and encrypted messaging, with Mallory Knodel (Lock and Code S06E01)
• 15:32 : CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators
• 15:32 : A breach of Gravy Analytics’ huge trove of location data threatens the privacy of millions
• 15:12 : Data Decay and Cybersecurity: Understanding The Risks And Mitigating The Impact On Your Business
• 15:12 : Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
• 15:12 : iMessage text gets recipient to disable phishing protection so they can be phished
• 15:11 : Botnet Threat Update July to December 2024
• 15:11 : Privacy Roundup: Week 2 of Year 2025
• 15:11 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
• 14:32 : Deep Dive Into a Linux Rootkit Malware
• 14:32 : Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability
• 14:32 : EU law enforcement training agency data breach: Data of 97,000 individuals compromised
• 14:32 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
• 14:32 : Microsoft 365 MFA Outage Fixed
• 14:12 : Untertitel in Echtzeit erzeugen: Auch der beliebte Mediaplayer VLC setzt jetzt auf KI
• 14:12 : Facebook, Instagram und X: So löscht ihr eure Social-Media-Accounts
• 14:12 : Microsoft 365 stürzt ab: Welche Windows-Nutzer betroffen sind und wie sich der Fehler beheben lässt
• 14:11 : This new Philips smart lock combines palm recognition with a built-in camera for ultimate security
• 14:11 : Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days
• 14:11 : US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals
• 14:11 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
• 14:5 : IT Security News Hourly Summary 2025-01-13 15h : 13 posts
• 13:32 : 3 Russians Indicted for Operating Blender.io and Sinbad.io Crypto Mixers
• 13:32 : Bitwarden vs 1Password: Battle of the Best – Who Wins?
• 13:32 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
• 13:13 : Log Source Management App für IBM QRadar SIEM ist auf vielen Wegen angreifbar
• 13:13 : heise-Angebot: iX-Workshop: Fortgeschrittene Administration von Kubernetes
• 13:13 : [UPDATE] [hoch] VPN Clients / DHCP: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 13:12 : Security in the Age of AI: Challenges and Best Practices
• 13:12 : Buildpacks: An Open-Source Alternative to Chainguard
• 13:12 : 3 CloudGuard Differentiators for Container Security
• 13:12 : A breach of a data broker’s trove of location data threatens the privacy of millions
• 13:12 : The Cyber Defense Emergency Room
• 13:11 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
• 13:11 : New Ransomware Group Uses AI to Develop Nefarious Tools
• 12:38 : Sicherheitsupdate für Paessler PRTG Network Monitor ist da
• 12:38 : Anwendung blockiert: MacOS stuft Docker Desktop als Malware ein
• 12:37 : UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks
• 12:37 : Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme
• 12:37 : Emerging FunkSec Ransomware Developed Using AI
• 12:37 : Ransomware on ESXi: The mechanization of virtualized attacks
• 12:37 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
• 12:12 : Mozilla Firefox: Mehrere Schwachstellen ermöglichen das Darstellen falscher Informationen
• 12:12 : Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
• 12:12 : The $55 Billion Wake-Up Call: Cybersecurity Challenges Facing UK Businesses
• 12:12 : What Is Vulnerability Management?
• 12:12 : WEF Warns of Growing Cyber Inequity Amid Escalating Complexities in Cyberspace
• 11:35 : “Völlig unvernünftig”: Notfallmediziner warnen vor Verzicht auf ePA
• 11:35 : [UPDATE] [mittel] QT: Schwachstelle ermöglicht Denial of Service
• 11:35 : [UPDATE] [mittel] vim: Schwachstelle ermöglicht nicht spezifizierten Angriff
• 11:35 : [UPDATE] [mittel] GnuTLS: Mehrere Schwachstellen
• 11:35 : [UPDATE] [mittel] GnuTLS: Schwachstelle ermöglicht Offenlegung von Informationen
• 11:34 : Google takes a step closer to quantum computing
• 11:34 : Brazil Demands Clarity After Meta Ends Fact-Checking
• 11:34 : Hackers Breach Telefonica Network, Leak 2.3 GB of Data Online
• 11:34 : Microsoft Warns of MFA Issue Affecting Microsoft 365 users
• 11:34 : Industry Moves for the week of January 13, 2025 – SecurityWeek
• 11:34 : China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports
• 11:34 : Alleged Blender, Sinbad cryptomixer operators arrested, indicted
• 11:13 : heise-Angebot: heise security Webinar: Wie sag ich’s meinem Chef? – Gesprachsführung für ITler
• 11:13 : [UPDATE] [mittel] OpenSSL: Schwachstelle ermöglicht Codeausführung, Datenmanipulation, Offenlegung von Informationen und Dos
• 11:13 : [UPDATE] [mittel] OpenSSL: Schwachstelle ermöglicht Denial of Service
• 11:13 : [UPDATE] [hoch] Golang Go: Mehrere Schwachstellen
• 11:13 : [UPDATE] [mittel] Ghostscript: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:13 : [UPDATE] [hoch] less: Schwachstelle ermöglicht Codeausführung
• 11:12 : TSMC Cuts Off Singapore Company Amidst Huawei Fallout
• 11:12 : Amazon, Meta End Diversity Initiatives
• 11:12 : US Executive Order Aims To Shore Up Cyber-Defences
• 11:12 : Credit Card Skimmer campaign targets WordPress via database injection
• 11:12 : NXLog undergoes strategic leadership change
• 11:12 : How to Capitalize on 5 Trends Shaping the Future of Pentesting
• 11:12 : Three Russians Charged with Crypto Mixer Money Laundering
• 11:5 : IT Security News Hourly Summary 2025-01-13 12h : 9 posts
• 10:35 : Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins
• 10:35 : RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation
• 10:35 : Nominet probes network intrusion linked to Ivanti zero-day exploit
• 10:35 : Inside the Black Box of Predictive Travel Surveillance
• 10:35 : How Your Digital Footprint Fuels Cyberattacks — and What to Do About It
• 10:12 : [NEU] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
• 10:12 : [NEU] [niedrig] FreeType: Schwachstelle ermöglicht Denial of Service
• 10:12 : AI Privacy Policies: Unveiling the Secrets Behind ChatGPT, Gemini, and Claude
• 10:12 : Telefonica Breach Hits 20,000 Employees and Exposes Jira Details
• 9:33 : Apple Creates Data-Processing Company In Shanghai
• 9:33 : Huawei Next-Gen OS Gets Boost With Tencent’s WeChat
• 9:13 : Aufbau einer echten Cyberresilienz
• 9:13 : Kirchgänger betrogen: Pastor träumt von Krypto-Scam und setzt ihn um
• 9:13 : [UPDATE] [mittel] libexpat: Schwachstelle ermöglicht Denial of Service
• 9:13 : [UPDATE] [hoch] expat: Schwachstelle ermöglicht Codeausführung
• 9:13 : [UPDATE] [mittel] expat: Schwachstelle ermöglicht Denial of Service
• 8:36 : Darktrace: Multi-Agenten-Systeme und Insider-Angriffe
• 8:35 : Double-Tap Campaign : Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
• 8:35 : Threads, Instagram To Promote More Political Content
• 8:35 : PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)
• 8:35 : A week in security (January 6 – January 12)
• 8:35 : IRS PIN available, CISA infrastructure enrollments, Winston-Salem cyberattack
• 8:35 : Massive Data Breaches Hit Thousands Of Popular Mobile Apps: Cyber Security Today for Monday, January 13, 2025
• 8:15 : ChatGPT soll ein Drehbuch schreiben, aber erfindet stattdessen Ausreden und drückt sich davor
• 8:15 : Nach Zuckerbergs Entscheidung gegen Faktenchecks: Friedrich Merz fordert Regulierung sozialer Medien
• 8:15 : Sicherheitsbranche, Frauenbranche?
• 8:15 : Anti-Phishing-Maßnahmen im Unternehmen: “Haben Sie da etwa draufgeklickt?”
• 8:14 : Microsoft took legal action against crooks who developed a tool to abuse its AI-based services
• 8:14 : Best 10 Unified Endpoint Management Software
• 8:5 : IT Security News Hourly Summary 2025-01-13 09h : 7 posts
• 7:41 : heise-Angebot: iX-Workshop: Linux-Server absichern – Effektiv und umfassend
• 7:41 : Anti-Phishing-Maßnahmen im Unternehmen: “Sind Sie der mit dem Phishing?”
• 7:20 : heise-Angebot: iX-Workshop: Linux-Server härten
• 7:19 : IBM Robotic Process Automation Vulnerability Let Attackers Obtain Sensitive Data
• 7:19 : AI in Cybersecurity: Thinking Like Hackers to Build Stronger Defenses
• 7:19 : Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
• 7:19 : WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
• 6:37 : How Proactive Security Measures Can Cut Down Cyber Insurance Premiums
• 6:37 : Furry Hacker Breaches Scholastic – Exposes Data of 8 Million People
• 6:36 : Hackers Exploiting YouTube to Spread Malware That Steals Browser Data
• 6:36 : Credit Card Skimmer Hits WordPress Checkout Pages, Stealing Payment Data
• 6:36 : Rethinking Age Verification for Social Media: Privacy-Friendly Solutions for Safeguarding Kids
• 6:14 : Better be aware of this ongoing PayPal Phishing Scam that seems genuine
• 6:14 : Furry Hacker Breaches Scholastic Exposes Data of 8 Million People
• 6:13 : Three Russian Nationals Indicted for Operating Cryptocurrency Mixers in Money Laundering Scheme
• 5:39 : IBM Watsonx.ai Vulnerability Let Attackers Trigger XSS Attacks
• 5:39 : Medusind Data Breach Exposes Over 360,000 Individuals’ Healthcare Info
• 5:39 : Europe coughs up €400 to punter after breaking its own GDPR data protection rules
• 5:39 : GitHub CISO on security strategy and collaborating with the open-source community
• 5:11 : Chainsaw: Open-source tool for hunting through Windows forensic artefacts
• 5:5 : IT Security News Hourly Summary 2025-01-13 06h : 1 posts
• 4:40 : Time for a change: Elevating developers’ security skills
• 3:11 : Scholastic – 4,247,768 breached accounts
• 2:11 : ISC Stormcast For Monday, January 13th, 2025 https://isc.sans.edu/podcastdetail/9276, (Mon, Jan 13th)
• 23:35 : The Vanity Press in Academia
• 23:5 : IT Security News Hourly Summary 2025-01-13 00h : 3 posts
• 22:58 : IT Security News Weekly Summary 02