IT Security News Daily Summary 2025-01-22

203 posts were published in the last hour

• 22:9 : Invisible Prompt Injection: A Threat to AI Security
• 22:9 : Google releases free Gemini 2.0 Flash Thinking model, pressuring OpenAI’s premium strategy
• 22:9 : Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations
• 22:9 : Trump ‘waved a white flag to Chinese hackers’ as DHS axed cyber advisory boards
• 21:34 : Streamline npm Packages: Optimize and Boost Performance
• 21:34 : The FTC’s Ban on GM and OnStar Selling Driver Data Is a Good First Step
• 21:9 : Zendesk’s Subdomain Registration Exposed to Phishing, Pig Butchering Scams
• 20:38 : Office-Support endet: Was Windows-10-Nutzer jetzt tun können
• 20:37 : Karriere im Silicon Valley: Ein Netzwerk weißer Männer prägte die Geschichte
• 20:36 : Google Wins UK Injunction To Halt Russian Enforcement Of Judgements
• 20:36 : Amazon To Shutter Sites In Unionised Province In Canada
• 20:36 : Zendesk’s Subdomain Registration Abused in Phishing Scams
• 20:36 : DEF CON 32 – The Village Peoples’ Panel What Really Goes On In A Village
• 20:8 : Geräte-Verdongelung: Bambu Lab kündigt Kompromiss an
• 20:7 : VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional
• 20:7 : Supply chain attack hits Chrome extensions, could expose millions
• 20:7 : Life in the Swimlane with Marian Fehrenbacher, HR Assistant & Office Manager
• 20:5 : IT Security News Hourly Summary 2025-01-22 21h : 2 posts
• 19:9 : The best travel VPNs of 2025: Expert tested and reviewed
• 19:9 : Trump administration fires members of cybersecurity review board in ‘horribly shortsighted’ decision
• 18:32 : Catching CARP: Fishing for Firewall States in PFSync Traffic, (Wed, Jan 22nd)
• 18:32 : Cloudflare Mitigates Massive 5.6 Tbps Mirai-Variant DDoS Attack
• 18:32 : CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
• 18:32 : Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
• 18:32 : Stratoshark: Wireshark for the cloud – now available!
• 18:7 : 3D-Drucker: Bambu Labs versuchte Geräte-Verdongelung kommt nicht
• 18:7 : 3 extensions to use for anonymous browsing – and what that even means
• 18:7 : GM Faces FTC Ban on Selling Customer Driving Data for Five Years
• 17:35 : Microsoft Released Huge Patch Tuesday Updates For January 2025
• 17:35 : Under lock and key: Protecting corporate data from cyberthreats in 2025
• 17:35 : A New Era of Protection — Multicloud Security
• 17:35 : DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots
• 17:34 : Willow Data Exposure Puts Over 240,000 Customer Records at Risk
• 17:34 : Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures
• 17:34 : PlushDaemon APT Targeted South Korean VPN Software
• 17:6 : Tech Giants Announce $500 Billion AI Plan In US
• 17:6 : Give users confidence in your digital infrastructure
• 17:6 : Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision
• 17:6 : Authentication and Single Sign-On: Essential Technical Foundations
• 17:6 : DEF CON 32 – UDSonCAN Attacks Discovering Safety Critical Risks By Fuzzing
• 17:5 : IT Security News Hourly Summary 2025-01-22 18h : 10 posts
• 16:34 : 10 cybersecurity certifications to boost your career in 2025
• 16:34 : New Curriculum for Students Ages 8–11 Available through the Fortinet Security Awareness and Training Service
• 16:34 : Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch
• 16:34 : Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
• 16:14 : Microsoft Teams delivers ransomware and passwords of Cybersecurity vendors leaked
• 16:14 : CMA Chair Replaced By Government Amid Growth Drive
• 16:14 : Implementing Zero Trust Security in Kubernetes
• 16:14 : Conduent confirms outage was due to a cybersecurity incident
• 16:14 : Protecting “Free Speech” Can’t Just Be About Targeting Political Opponents
• 16:14 : Silk Road’s Dread Pirate Roberts walks free as Trump pardons dark web kingpin
• 15:34 : MasterCard DNS Error Went Unnoticed for Years
• 15:34 : The Cyber Resilience Act: How Manufacturers Can Meet New EU Standards and Strengthen Product Security
• 15:34 : Doti AI Raises £7 Million Seed Funding for Instant Access to Internal Company Data
• 15:10 : What is hacktivism?
• 15:10 : Is classic Outlook crashing when you start or reply to an email? A fix is on the way
• 15:10 : Passwords Are Out, Biometrics Are In
• 15:9 : Rimini Protect AHS safeguards against security breaches
• 15:9 : Persona helps businesses detect and prevent AI-driven fraud
• 15:9 : Mirai botnet behind the largest DDoS attack to date
• 14:36 : Warum wir das Protokoll hinter Bluesky schützen müssen
• 14:36 : BSI warnt vor Outlook-Schwachstelle: Was du jetzt tun solltest
• 14:36 : Microsoft ändert Login-Standard: So hältst du dein Konto sicher
• 14:36 : ChatGPT-Konkurrent Claude: Anthropic bringt KI-Bot aufs iPhone – das kann das neue Widget
• 14:36 : Verivox-Analyse: So steht es um das Mobilfunknetz in Deutschland
• 14:36 : Sichere Kombination für Einbruchschutz
• 14:36 : Star Blizzard: WhatsApp-Kontoübernahme durch Phishing-Kampagne
• 14:35 : What PowerSchool isn’t saying about its ‘massive’ student data breach
• 14:34 : Call for Presentations Open for SecurityWeek’s 2025 Supply Chain Security & Third-Party Risk Summit
• 14:34 : Security is Actually a Data Search Problem: How We Win by Treating it Like One
• 14:34 : Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet
• 14:34 : 73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years
• 14:10 : Großflächige Brute-Force-Angriffe auf M365 – vorsichtshalber Log-ins checken
• 14:9 : How to Create a Secure Username
• 14:9 : 7-Zip bug could allow a bypass of a Windows security feature. Update now
• 14:9 : Cyber Insights 2025: APIs – The Threat Continues
• 14:5 : IT Security News Hourly Summary 2025-01-22 15h : 25 posts
• 13:40 : [UPDATE] [hoch] Redis: Mehrere Schwachstellen
• 13:40 : [UPDATE] [mittel] Redis: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 13:40 : [UPDATE] [mittel] Redis: Schwachstelle ermöglicht Denial of Service
• 13:40 : [UPDATE] [mittel] Redis: Mehrere Schwachstellen ermöglichen Denial of Service
• 13:39 : Google Invests $1 Billion in AI Startup Anthropic
• 13:39 : Trump Pardons Silk Road Founder Ross Ulbricht, Calls Prosecutors ‘Scum’
• 13:39 : Cyber Security Tips for Educators and Parents
• 13:39 : 2024 Most Inspiring Women in Cyber Winners: Where Are They Now?
• 13:39 : Infosec was literally the last item in Trump’s policy plan, yet major changes are likely on his watch
• 13:39 : DataDome Unveils DDoS Protect to Block Attack Traffic at the Edge
• 13:39 : TRAI Calling: Fraudsters Are Now Employing Novel Strategy to Target Mobile Users
• 13:9 : Golem Karrierewelt: Live-Webinar – Microsoft-365-Sicherheitslücke TokenSmith
• 13:9 : Botnetz mit 13.000 Geräten: Cloudflare wehrt Rekord-DDoS-Angriff ab
• 13:9 : [NEU] [mittel] Oracle Siebel CRM: Mehrere Schwachstellen
• 13:9 : [NEU] [mittel] Oracle Retail Applications: Mehrere Schwachstellen
• 13:9 : [NEU] [hoch] Oracle PeopleSoft: Mehrere Schwachstellen
• 13:8 : [NEU] [hoch] Oracle MySQL: Mehrere Schwachstellen
• 13:8 : [NEU] [hoch] Oracle JD Edwards: Mehrere Schwachstellen
• 13:7 : The Growing Role of AI-Powered SAST in the Developer Toolkit
• 13:7 : Exploring Q4 2024 Brand Phishing Trends: Microsoft Remains the Top Target as LinkedIn Makes a Comeback
• 13:7 : Securing Election Integrity In 2024: Navigating the Complex Landscape of Modern Threats
• 13:7 : Murdoc Botnet Ensnaring Avtech, Huawei Devices
• 13:7 : Lookout Mobile Intelligence APIs identifies cross-platform attacks
• 13:7 : Ransomware Attacks Surge to Record High in December 2024
• 13:7 : Microsoft changes account sign-in system to keep users logged in automatically
• 12:36 : phpMyAdmin: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
• 12:36 : Graylark schließt öffentlichen Zugang zu KI-Tool für Geolokalisierung
• 12:36 : [NEU] [mittel] Arista EOS: Schwachstelle ermöglicht Denial of Service
• 12:36 : [NEU] [mittel] phpMyAdmin: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
• 12:36 : [NEU] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
• 12:36 : [NEU] [hoch] Node.js: Mehrere Schwachstellen
• 12:36 : [NEU] [mittel] Microsoft GitHub Enterprise: Schwachstelle ermöglicht Signatur-Spoofing
• 12:35 : The State of Additive Manufacturing 2025
• 12:35 : The State of Additive Manufacturing: Head-to-Head
• 12:35 : AI Will Write Complex Laws
• 12:35 : Record-Breaking DDoS Attack Reached 5.6 Tbps
• 12:34 : DataDome DDoS Protect detects application layer-based threats
• 12:34 : 48,000+ internet-facing Fortinet firewalls still open to attack
• 12:10 : KI-Bots legen Linux-News-Seite und weitere lahm
• 12:10 : Open-Source-Filesharing: Opencloud gestartet
• 12:10 : [NEU] [mittel] Oracle Java SE: Mehrere Schwachstellen
• 12:9 : Targeted supply chain attack against Chrome browser extensions
• 12:9 : Donald Trump Pardons Silk Road Founder Ross Ulbricht
• 12:9 : Major Cybersecurity Vendors’ Credentials Found on Dark Web
• 11:34 : Researcher Says ABB Building Control Products Affected by 1,000 Vulnerabilities
• 11:34 : Account Compromise and Phishing Top Healthcare Security Incidents
• 11:9 : Book Review: Infected – A Candid Look at VirusTotal’s Birth and Legacy
• 11:9 : President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison
• 11:9 : Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks
• 11:5 : IT Security News Hourly Summary 2025-01-22 12h : 15 posts
• 10:37 : Praktische Tipps zum Schutz deiner Passwörter für E-Mail, soziale Netzwerke und Behörden-Websites | Offizieller Blog von Kaspersky
• 10:36 : Ex-CIA Analyst Pleaded Guilty For Leaking Top Secret National Defense Information
• 10:36 : Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack
• 10:9 : Oracle Java SE: Mehrere Schwachstellen
• 10:9 : Nach Angriff auf Antragsportal: D-Trust informiert über neue Erkenntnisse
• 10:9 : Jetzt patchen: Lücke in 7-Zip begünstigt Ausführung von Schadcode
• 10:8 : [UPDATE] [hoch] Oracle Java SE: Mehrere Schwachstellen
• 10:8 : [UPDATE] [mittel] Oracle Java SE: Mehrere Schwachstellen
• 10:8 : Understanding Microsoft’s CVSS v3.1 Ratings and Severity Scores
• 10:7 : CIS Control 05: Account Management
• 10:7 : From Alerts to Action: How AI Empowers SOC Analysts to Make Better Decisions
• 10:7 : Cloudflare blocked a record-breaking 5.6 Tbps DDoS attack
• 10:7 : Trump Pardons Founder of Silk Road Website
• 10:7 : AVSLabs at Cybersec Asia 2025: Securing the Digital World
• 10:7 : Xona Platform simplifies user access deployment
• 9:39 : Malware-Ranking Dezember: Ransomware-Gruppe FunkSec nutzt KI
• 9:39 : Oracle schützt Anwendungen mit 318 Sicherheitsupdates vor möglichen Attacken
• 9:39 : D-Trust infomiert über Zugriff auf Antragsportal, betrifft auch Gesundheitswesen
• 9:37 : Silicon UK AI For Your Business Podcast: Is 2025 the Year AI Becomes Superintelligent?
• 9:37 : Ransomware scum make it personal for Reg readers by impersonating tech support
• 9:37 : Welhof – 107,292 breached accounts
• 9:37 : Frame & Optic – 15,678 breached accounts
• 9:37 : Developing Security Protocols for Agentic AI Applications
• 9:37 : PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
• 9:10 : [NEU] [hoch] Oracle Communications Applications: Mehrere Schwachstellen
• 9:10 : [NEU] [mittel] Oracle Commerce: Schwachstelle gefährdet Vertraulichkeit
• 9:10 : [NEU] [mittel] Oracle Secure Backup: Schwachstelle gefährdet Vertraulichkeit
• 9:10 : [NEU] [mittel] Oracle REST Data Services: Schwachstelle gefährdet Integrität
• 9:10 : [NEU] [mittel] Oracle Database Server: Mehrere Schwachstellen
• 9:9 : A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature
• 9:9 : EnGenius Cloud Managed ESG320 VPN Router improves security and network performance
• 9:9 : Another Critical Microsoft Patch: Cyber Security Today for Wednesday, January 22, 2024
• 8:35 : Hashtag-Zensur auf Instagram: #Biden, #Democrats und Co. blockiert
• 8:35 : IoT-Innovationen für urbane Sicherheit
• 8:35 : Ross Ulbricht: Trump schenkt dem Silk-Road-Gründer die Freiheit
• 8:34 : Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet
• 8:34 : Improving Security Posture with Smarter Firewall Policies: Lessons from IDC’s Latest InfoBrief
• 8:34 : Inversion6 launches service to help companies combat cyber threats
• 8:34 : 7-Zip flaw, CERT-UA impersonation, AI EO revoked
• 8:5 : IT Security News Hourly Summary 2025-01-22 09h : 8 posts
• 8:3 : Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices
• 8:3 : Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
• 7:35 : JetBrains Package Checker schützt vor bösartigen Paketen
• 7:6 : heise-Angebot: iX-Workshop: Lokales Active Directory gegen Angriffe absichern
• 7:5 : Cyber Resilience in Enterprise Industrial Control Systems: Safeguarding Critical Infrastructure
• 7:5 : Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations
• 7:5 : Why Healthcare Organisations Have to Act Decisively in the Shadow of New HIPAA Updates
• 7:5 : Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device
• 6:34 : T- Mobile buys 200k security keys to banish data breach concerns
• 6:34 : Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education
• 6:34 : China-aligned PlushDaemon APT compromises supply chain of Korean VPN
• 6:7 : Romance scams: Online Impersonator duped a woman out of $850k
• 6:7 : IBM i Access Client Solutions Might Be Leaking Your Passwords
• 6:7 : Security Researchers Discover Critical RCE Vulnerability, Earn $40,000 Bounty
• 6:7 : The Murdoc Botnet: Reinventing Mirai to Exploit IoT Vulnerabilities
• 5:32 : Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
• 5:32 : Acronis CISO on why backup strategies fail and how to make them resilient
• 5:5 : IT Security News Hourly Summary 2025-01-22 06h : 2 posts
• 5:4 : Privacy professionals feel more stressed than ever
• 4:32 : Cybersecurity books on ransomware you shouldn’t miss
• 3:14 : Understanding the Principle of Least Privilege (PoLP)
• 3:14 : What PCI Attestation of Compliance Is and How to Get It
• 3:13 : AI Code Generation: The Risks and Benefits of AI in Software
• 3:13 : GDPR Compliance in the US: Checklist and Requirements
• 2:33 : Hashtag-Zensur auf Instagram: #Biden, #Democrats & Co. blockiert
• 2:32 : ISC Stormcast For Wednesday, January 22nd, 2025 https://isc.sans.edu/podcastdetail/9290, (Wed, Jan 22nd)
• 2:32 : Mitiga Banks $30M Series B to Expand Cloud and SaaS Security Platform
• 2:32 : DEF CON 32 – A (Shallow) Dive Into World Of Aircraft PKI
• 2:5 : IT Security News Hourly Summary 2025-01-22 03h : 3 posts
• 1:34 : PowerSchool theft latest: Decades of Canadian student records, data from 40-plus US states feared stolen
• 1:7 : PowerSchool thieves net decades of Canadian students’ records, hit 40-plus US states
• 1:7 : Trump Frees Silk Road Creator Ross Ulbricht After 11 Years in Prison
• 0:34 : BreachForums Admin Conor Fitzpatrick (Pompompurin) to Be Resentenced
• 23:9 : Wordfence Bug Bounty Researchers: Unlock More Earning Potential With New “Refer A Researcher” Program
• 23:9 : Former CIA analyst pleaded guilty to leaking top-secret documents
• 23:5 : IT Security News Hourly Summary 2025-01-22 00h : 4 posts