IT Security News Daily Summary 2025-02-07

187 posts were published in the last hour

• 22:32 : Apple’s ELEGNT framework could make home robots feel less like machines and more like companions
• 22:32 : UK Government Reportedly Demands Access to Encrypted iCloud Files Worldwide
• 22:10 : Google Maps: Dieses neue Symbol soll Autofahrern helfen – was es bedeutet
• 22:9 : ASP.NET Vulnerability Lets Hackers Hijack Servers, Inject Malicious Code
• 22:9 : iOS 18.3.1 Release Expected Within the Next Few Weeks
• 22:9 : What is DMARC: Protecting Your Domain from Email Fraud
• 22:9 : ACLU Warns DOGE’s ‘Unchecked’ Access Could Violate Federal Law
• 22:9 : Week in Review: APTs using Gemini, ransomware payments decrease, abandoned AWS risk
• 21:32 : The best VPN for streaming in 2025: Expert tested and reviewed
• 21:4 : The UK’s Demands for Apple to Break Encryption Is an Emergency for Us All
• 20:32 : EFF to Ninth Circuit: Young People Have a First Amendment Right to Use Social Media (and All of Its Features)
• 20:32 : Ransom Payments Fell 35% in 2024 After LockBit, BlackCat Takedowns
• 20:5 : IT Security News Hourly Summary 2025-02-07 21h : 7 posts
• 20:2 : The advantages and disadvantages of AI in cybersecurity
• 20:2 : Ransomware hits healthcare, critical services in January
• 19:32 : IT Teams Worry About Increasing Cost of Cyber Tools From AI Features, While Criminals Barely Use Them
• 19:32 : AI Security is API Security: What CISOs and CIOs Need to Know
• 19:9 : Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
• 19:9 : Hospital Sisters Health System impacted 882,782 individuals
• 19:9 : Meta Trained Its Llama AI Models Using 81.7 TB of Books Stolen From Torrent Shadow Libraries
• 18:32 : Best Practices for Preparing and Automating Security Questionnaires
• 18:32 : 10 Common Mistakes in Managing Your Splunk Environment (and how to avoid them)
• 18:32 : Efficient Cybersecurity Compliance: The Smart Approach to Mitigating Risks
• 18:32 : Enhancing telecom security with AWS
• 18:7 : Take my money: OCR crypto stealers in Google Play and App Store
• 18:7 : Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024
• 18:7 : ThreatMate Raises $3.2 Million for Attack Surface Management Platform
• 17:32 : South Korean Prosecutors To Appeal After Samsung Boss ‘Not Guilty’ Ruling
• 17:32 : A View on Understanding Non-Human Identities Governance
• 17:32 : What is physical security and how does it work?
• 17:32 : UK Home Office silent on alleged Apple backdoor order
• 17:5 : Wordfence Intelligence Weekly WordPress Vulnerability Report (January 27, 2025 to February 2, 2025)
• 17:5 : 20 Million OpenAI accounts offered for sale
• 17:5 : Hackers Exploit US Government agency’s Cloud System for Cryptojacking
• 17:5 : IT Security News Hourly Summary 2025-02-07 18h : 22 posts
• 16:33 : Tata Technologies Report Suffering Ransomware Attack
• 16:32 : Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks
• 16:32 : Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity
• 16:32 : Top 21 Kali Linux tools and how to use them
• 16:32 : DEF CON 32 – Custom, Cheap, Easy, And Safe Badges Without Starting From Scratch
• 16:32 : Yahoo Finance: U.S. Lawmakers Push to Ban China’s DeepSeek AI Over Security Risks – Feroot Security Analysis
• 16:18 : Le Chat ausprobiert: So schlägt sich die französische KI-App im Vergleich zu ChatGPT, Claude und Deepseek
• 16:18 : Diese KI wurde für 50 Dollar in nur 30 Minuten erstellt – und soll trotzdem mit OpenAI gleichziehen
• 16:18 : 20 Jahre Google Maps: Wie sich der Kartendienst aus dem Browser zu einer der beliebtesten Apps entwickelt hat
• 16:18 : Besserer Einblick in KI-Logik: OpenAI erweitert o3-Mini um ein neues Feature
• 16:18 : KI-Power für Tabellen: Gemini verwandelt Google Sheets-Daten jetzt in Grafiken
• 16:18 : Europol: Finanzinstitute sollten rasch auf quantensichere Kryptografie umsatteln
• 16:17 : DOGE sparks Cybersecurity concerns
• 16:17 : 7,000 Exposed Ollama APIs Leave DeepSeek AI Models Wide Open to Attack
• 16:17 : Cybercriminals Target IIS Servers to Spread BadIIS Malware
• 16:17 : Cyber Attack Severity Rating System Established in UK
• 16:17 : Hackers Attacking Web Login Pages of Popular Firewalls for Brute-Force Attacks
• 16:17 : FINALLY! FCC Gets Tough on Robocall Fraud
• 16:17 : WhatsApp Uncovers Zero-Click Spyware Attack Linked to Israeli Firm Paragon
• 16:16 : Gmail Confirms AI Hack: 2.5 Billion Users Warned of Phishing Scam
• 16:16 : DeepSeek App Transmits Sensitive User and Device Data Without Encryption
• 16:16 : Most UK GDPR Enforcement Actions Targeted Public Sector in 2024
• 15:33 : RBI’s Anti-Fraud Masterstroke: bank.in and fin.in Domains to Revolutionize Online Banking Security
• 15:33 : The best travel VPNs of 2025: Expert tested and reviewed
• 15:33 : Cyber Attack Severity Rating System Established in U.K.
• 15:33 : HPE begins notifying data breach victims after Russian government hack
• 15:32 : Screenshot-Reading Malware
• 15:32 : Researchers at University of Crete Developes Uncrackable Optical Encryption
• 15:13 : EU Bans AI Systems Deemed ‘Unacceptable Risk’
• 14:17 : Cybersicher mit sechs Cybertrends
• 14:16 : Blue Origin Mission Successfully Tests Lunar Gravity
• 14:16 : UK Orders Apple To Provide Access To Encrypted User Data – Report
• 14:16 : In Other News: Cybersecurity Salaries, NanoLock Collapse, NSO Transparency Report
• 14:16 : CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability
• 14:16 : Malicious AI Models on Hugging Face Exploit Novel Attack Technique
• 14:5 : IT Security News Hourly Summary 2025-02-07 15h : 10 posts
• 13:32 : Hackers Leveraging Image & Video Attachments to Deliver Malware
• 13:32 : How to use Tor to privately browse the web – it’s easier than you think
• 13:32 : Information of 883,000 Stolen in Crippling Attack on Hospital Sisters Health System
• 13:12 : Microsoft Sysinternals 0-Day Vulnerability Enables DLL Injection Attacks on Windows
• 13:12 : Ghidra 11.3 Released – A Major Update to NSA’s Open-Source Tool
• 13:12 : New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps
• 13:12 : Check Point Helps Gentera Secure the Financial Future of Millions
• 13:12 : New Facebook Fake Copyright Notices Phishing Steals Your FB Credentials
• 13:12 : New Attack Technique Uncovered Abusing Kerberos Delegation in Active Directory Networks
• 13:12 : CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
• 12:33 : UK government demands Apple backdoor to encrypted cloud data: report
• 12:32 : Coalition of US states to file lawsuit after Musk’s DOGE gains access to Americans’ personal data
• 12:32 : UK Engineering Giant IMI Hit by Cyberattack
• 12:32 : Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
• 12:13 : [UPDATE] [mittel] Oracle Java SE: Mehrere Schwachstellen
• 12:13 : [UPDATE] [hoch] Oracle Java SE: Mehrere Schwachstellen
• 12:13 : [NEU] [mittel] libtasn1: Schwachstelle ermöglicht Denial of Service
• 12:13 : [NEU] [UNGEPATCHT] [kritisch] ProFTPD: Schwachstelle ermöglicht Codeausführung
• 12:12 : Microsoft Edge Vulnerabilities Let Attackers Execute Remote Code – Update Now!
• 12:12 : UK industry leaders unleash hurricane-grade scale for cyberattacks
• 12:11 : 430,000 Impacted by Data Breaches at New York, Pennsylvania Healthcare Organizations
• 12:11 : Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection
• 12:11 : AI-Powered Social Engineering: Reinvented Threats
• 11:32 : 7-Zip 0-Day Flaw Added to CISA’s List of Actively Exploited Vulnerabilities
• 11:32 : Third-Party Risk Management Failures Expose UK Finance Sector
• 11:10 : Kaspersky Anti-Virus: Schwachstelle ermöglicht Denial of Service
• 11:10 : [NEU] [hoch] Moxa Switch (EDS, ICS, IKS und SDS): Schwachstelle ermöglicht Denial of Service
• 11:10 : [NEU] [mittel] Kaspersky Anti-Virus: Schwachstelle ermöglicht Denial of Service
• 11:9 : SSL 2.0 turns 30 this Sunday… Perhaps the time has come to let it die?, (Fri, Feb 7th)
• 11:9 : Logsign Vulnerability Allows Remote Attackers to Bypass Authentication
• 11:9 : Research Reveals Data Breaches On The Rise at UK Law Firms
• 11:9 : PowerSchool data breach affected 16,000 students in the UK
• 11:9 : Developers Beware! Malicious ML Models Detected on Hugging Face Platform
• 11:9 : India’s RBI Introduces Exclusive “bank.in” Domain to Combat Digital Banking Fraud
• 11:5 : IT Security News Hourly Summary 2025-02-07 12h : 20 posts
• 10:33 : Ohne Nutzerinteraktion: Kritische Outlook-Lücke wird aktiv ausgenutzt
• 10:9 : Microsoft Edge: Mehrere Schwachstellen
• 10:9 : Anthropic setzt auf KI – aber Bewerbungen müssen selbst verfasst werden
• 10:9 : In diesem PDF läuft Linux – das steckt dahinter
• 10:9 : Geheimbefehl: Apple soll Briten Behördenzugriff auf verschlüsselte iCloud geben
• 10:9 : [NEU] [hoch] Microsoft Dynamics 365: Schwachstelle ermöglicht Privilegieneskalation
• 10:9 : [NEU] [mittel] HP LaserJet: Schwachstelle ermöglicht Denial of Service
• 10:9 : [NEU] [hoch] Microsoft Edge: Mehrere Schwachstellen
• 10:8 : Chinese-Speaking Group Manipulates SEO with BadIIS
• 10:8 : Hackers Exploit DeepSeek & Qwen AI Models for Malware Development
• 10:8 : Developers Beware! Malicious ML Models Found on Hugging Face Platform
• 10:8 : New Facebook Fake Copyright Notices to Steal Your FB Accounts
• 10:8 : Hackers Exploiting SimpleHelp Vulnerabilities to Deploy Malware on Systems
• 10:8 : Attackers used a public ASP.NET machine to conduct ViewState code injection attacks
• 10:8 : HPE Aruba Networking ClearPass Policy Manager Vulnerabilities Allow Arbitrary Code Execution
• 10:7 : DeepSeek iOS App Sending Data Unencrypted to ByteDance Controlled Server
• 10:7 : Dell Update Manager Plugin Vulnerability Let Hackers Access Sensitive Data
• 10:7 : Ex-Google Engineer Charged for Stealing AI Secrets to China
• 10:7 : Logsign Vulnerability Remote Attackers to Bypass Authentication
• 10:7 : Trimble Cityworks Customers Warned of Zero-Day Exploitation
• 9:33 : Britische Regierung erzwingt Zugriff auf Apples verschlüsselte Cloud-Daten
• 9:32 : Cybercriminals Weaponize Graphics Files in Phishing Attacks
• 9:10 : Google Chrome / Microsoft Edge: Mehrere Schwachstellen
• 9:10 : Defekter Sicherheitspatch für HCL BigFix Server Automation repariert
• 9:10 : Datenleck bei Thermomix: Daten von 1 Million deutscher Nutzer im Darknet
• 9:10 : heise-Angebot: Online-Kurs mit Hochschulzertifikat: IT-Sicherheit in Produktionsanlagen
• 9:10 : Recaptcha: Google trackt, KI trainiert, Datenschützer schauen zu
• 9:10 : [UPDATE] [kritisch] Microsoft Office: Mehrere Schwachstellen
• 9:10 : [UPDATE] [mittel] Prozessoren: Schwachstelle ermöglicht Offenlegung von Informationen und Umgehung von Kryptografie
• 9:10 : [UPDATE] [hoch] wget: Schwachstelle ermöglicht Offenlegung von Informationen
• 9:10 : [UPDATE] [kritisch] Sophos XG Firewall: Schwachstelle ermöglicht Codeausführung
• 9:10 : [UPDATE] [hoch] bzip2: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes
• 9:9 : Former Google Engineer Charged for Allegedly Stealing AI Secrets for China
• 8:33 : Kooperation für Kompetenz
• 8:33 : Angriffe mit Ransomware: 2024 wieder deutlich weniger Lösegeld gezahlt
• 8:33 : Thermomix-Forum: Hacker erbeuten millionenfach Nutzerdaten von Vorwerk
• 8:32 : Hackers Exploiting DeepSeek & Qwen AI Models To Develop Malware
• 8:32 : Securing Data Catalog Implementation
• 8:32 : Outlook RCE bug, Kimsuky forceCopy malware, Treasury tightens DOGE
• 8:5 : IT Security News Hourly Summary 2025-02-07 09h : 10 posts
• 8:3 : Dell Update Manager Plugin Flaw Exposes Sensitive Data
• 8:3 : Building a Culture of Security: Employee Awareness and Training Strategies
• 8:3 : Self-sovereign identity could transform fraud prevention, but…
• 8:3 : DeepSeek Security Concerns: Cyber Security Today for Friday, February 7, 2025
• 7:32 : Hackers Exploited 3,000+ ASP.NET Keys To Execute Code on IIS Server Remotely
• 7:32 : Barracuda Networks Adds Ability to Scan Outbound Email Messages
• 7:8 : Sicherheitsexperten enthüllen triviale Datenlecks bei Legaltechs
• 7:7 : Richter Scale measurement for Cyber Attacks and OpenAI data breach details
• 7:7 : DeepSeek iOS App Leaks Data to ByteDance Servers Without Encryption
• 7:7 : Splunk Unveils a New AI Based Honeypot “DECEIVE” to Log Attacker Activities
• 6:32 : Anzeige: IT-Sicherheit für Webentwickler mit 15 Prozent Rabatt
• 6:32 : India to launch new domain name for banks to fight digital fraud
• 6:11 : UK Government to introduce a digital ID wallet
• 6:11 : Critical Flaws in HPE Aruba ClearPass Expose Systems to Arbitrary Code Execution
• 6:11 : Ghidra 11.3 released: New features, performance improvements, bug fixes
• 6:11 : Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware
• 5:33 : Bitwarden erhöht Zugangssicherheit von Nutzerkonten
• 5:32 : Splunk Introduces “DECEIVE” an AI-Powered Honeypot to Track Cyber Threats
• 5:32 : Infosec pros struggle under growing compliance
• 5:5 : IT Security News Hourly Summary 2025-02-07 06h : 6 posts
• 4:32 : Sectigo Debuts Post-Quantum Cryptography Testing Platform with Crypto4A
• 4:32 : The Next Y2K? How Past IT Challenges Shape Modern Cybersecurity
• 4:32 : New infosec products of the week: February 7, 2025
• 4:32 : Overconfident execs are making their companies vulnerable to fraud
• 4:11 : 2025-02-07: Three days of scans and probes and web traffic hitting my web server
• 4:11 : The RAT Pack Returns: ValleyRAT’s Devious Delivery Methods
• 3:32 : Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims
• 2:32 : Keeper Security and Ingram Micro expand partnership
• 2:32 : WatchGuard joins AWS ISV Accelerate Program
• 2:32 : EFF Applauds Little Rock, AR for Cancelling ShotSpotter Contract
• 2:15 : If Ransomware Inc was a company, its 2024 results would be a horror show
• 2:5 : IT Security News Hourly Summary 2025-02-07 03h : 2 posts
• 1:32 : ISC Stormcast For Friday, February 7th, 2025 https://isc.sans.edu/podcastdetail/9314, (Fri, Feb 7th)
• 1:32 : BTS #45 – Understanding Firmware Vulnerabilities in Network Appliances
• 0:9 : EFF Applauds Little Rock, AK for Cancelling ShotSpotter Contract
• 23:32 : S. Korea’s Notorious Sex Crime Hub Ya-moon Hacked, User Data Leaked
• 23:32 : 2024 FINMA ISAE 3000 Type II attestation report available with 179 services in scope
• 23:32 : 2024 PiTuKri ISAE 3000 Type II attestation report available with 179 services in scope
• 23:11 : U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog
• 23:5 : IT Security News Hourly Summary 2025-02-07 00h : 11 posts
• 22:55 : IT Security News Daily Summary 2025-02-06