IT Security News Daily Summary 2025-03-19

210 posts were published in the last hour

22:11 : Zero-day vulnerabilities: the real threat behind Netflix’s “Zero Day”
22:11 : TotalAV vs Surfshark VPN: Features Comparison Guide
21:34 : TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure”
21:34 : Attackers swipe data of 500k+ people from Pennsylvania teachers union
21:2 : Names, bank info, and more spills from top sperm bank
20:39 : Webbrowser: Google stopft kritisches Sicherheitsleck in Chrome
20:38 : Suspects Charged In Huawei EU Parliament Corruption Probe
20:38 : You have 2 days to update Firefox before everything breaks
20:38 : WMI
20:18 : Sicherheitslücke mit maximaler Risikostufe in Server-Fernwartung
20:17 : “Man hat sich einen Dreck um die Sicherheit der Daten der Spieler geschert”
20:16 : 11 Nation-State Hackers Exploit Unpatched Windows Flaw Since 2017
20:15 : DEF CON 32 – Recon Village – SWGRecon: Automating SWG Rules, Policies & Bypasses
20:5 : IT Security News Hourly Summary 2025-03-19 21h : 3 posts
19:34 : Nvidia’s Cosmos-Transfer1 makes robot training freakishly realistic—and that changes everything
19:34 : Scam Alert: FBI ‘Increasingly Seeing’ Malware Distributed In Document Converters
19:34 : CISA Adds Three Known Exploited Vulnerabilities to Catalog
19:3 : Implementing Least Privilege Access for Enhanced Data Security
19:3 : IBM scores perfect 10 … vulnerability in mission-critical OS AIX
19:3 : EFF’s Reflections from RightsCon 2025
19:3 : SecPod launches Saner Cloud: A Revolutionary CNAPP For Preventive Cybersecurity
18:36 : Mit diesem Tool malt ihr gemeinsam mit KI schlechte Bilder – warum es trotzdem einen Blick wert ist
18:36 : Support-Aus: Microsoft warnt Windows-10-Nutzer und rät zum Kauf eines Computers mit Windows 11
18:36 : So einfach lassen sich Chatbots manipulieren, um Malware zu erstellen
18:36 : Führen aktuelle KI-Modelle wirklich zu AGI? Experten sind skeptisch
18:34 : New research shows we need to rethink approach to resilience and security, says leading tech firm
18:34 : Trend Micro Open Sources Cybertron LLM for Cybersecurity
17:35 : Anzeige: Penetration Testing lernen und Sicherheitslücken schließen
17:34 : BitM Up! Session Stealing in Seconds Using the Browser-in-the-Middle Technique
17:34 : Securing Europe’s Digital Future: The Quantum Race to Protect Communications
17:34 : What is a buffer overflow? How do these types of attacks work?
17:34 : Secure AI inferencing: POC with NVIDIA NIM on CoCo with OpenShift AI
17:34 : Red Hat Advanced Cluster Security 4.7 simplifies management, enhances workflows, and generates SBOMs
17:34 : HP Intros Printers with Protection Against Quantum Cyberattacks
17:10 : The Microsoft patch management guide for admins
17:10 : Analytics company Dataminr secures $85M to fund growth
17:10 : Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation
17:10 : ANY.RUN’s New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis
17:10 : Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
17:10 : Vulnerability Summary for the Week of March 10, 2025
17:5 : IT Security News Hourly Summary 2025-03-19 18h : 17 posts
16:33 : Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?
16:33 : Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely
16:33 : Beware of Fake GitHub “Security Alerts” Let Hackers Hijack Your Account Login Credentials
16:33 : Attackers Embedding Malicious Word file into a PDF to Evade Detections
16:33 : 41% of Success Logins Across Websites Involves Compromised Passwords
16:33 : US Sperm Donor Giant California Cryobank Hacked – Customers Personal Data Exposed
16:33 : Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP
16:33 : HUMAN Security Applies AI to Combatting Malicious Bots
16:33 : Most organizations change policies to reduce CISO liability risk
16:33 : Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
16:33 : Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups
16:16 : Europol warns against Hybrid Cyber Threats
16:16 : Researchers Use AI Jailbreak on Top LLMs to Create Chrome Infostealer
16:16 : Hackers Use RMM Tools to Maintain Persistence and Navigate Networks Undetected
16:16 : mySCADA myPRO Manager RCE Vulnerabilities Allow Remote Attackers to Take Control of ICS Devices
16:16 : These 10 weak passwords can leave you vulnerable to remote desktop attacks
16:16 : US teachers’ union says hackers stole sensitive personal data on over 500,000 members
15:36 : 41% of Successful Logins Across Websites Involve Compromised Passwords
15:36 : Microsoft Windows NTLM File Explorer Vulnerability Exploited in The Wild – PoC Released
15:36 : VPN Vulnerabilities Become a Primary Weapon for Threat Actors Targeting Organizations
15:36 : Threat Actors Steal 3.2 Billion Login Credentials and Infect 23 Million Devices Worldwide
15:36 : Threat Actors Leverage Legacy Drivers to Circumvent TLS Certificate Validation
15:36 : California Cryobank, the largest US sperm bank, disclosed a data breach
15:35 : Threat Actors Stolen Over 3.2 Billion Login Credentials & Infected 23 Million Devices Worldwide
15:35 : March Madness Requires Vigilance on Both an Individual and Corporate Level
15:35 : DEF CON 32 – Recon Village – OWASP Amass: Expanding Data Horizons
15:35 : The Business Consequences of Believing ID Verification Myths
15:35 : Amazon Faces Criticism For Still Hosting Stalkerware Victims’ Data
15:35 : How Data Removal Services Protect Your Online Privacy from Brokers
15:35 : The Future of Work: Why Remote Desktop Solutions Are Essential
15:9 : Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach
14:33 : Assa Abloy übernimmt GfS und erweitert Marktstellung
14:33 : Attacke über GitHub-Action-Tool spähte Secrets aus und legte sie in Logdatei ab
14:32 : Cape opens $99/month beta of its privacy-first mobile plan, inks Proton deal, raises $30M
14:32 : Virtual Event Today: Supply Chain & Third-Party Risk Security Summit
14:32 : Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia
14:14 : Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440, (Wed, Mar 19th)
14:14 : The Hidden Costs and Ethical Pitfalls of Content Scraping
14:14 : Agentic AI’s Role in the Future of AppSec
14:14 : Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla
14:14 : New AI Jailbreak Technique Bypasses Security Measures to Write Malware for Google Chrome
14:14 : Cloudflare Launches Cloudforce One Threat Platform to Analyze IoCs, IP, Hashes & Domains
14:14 : The “free money” trap: How scammers exploit financial anxiety
14:14 : 1Kosmos 1Key secures shared login environments and OT systems
14:13 : APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)
14:13 : Vanta unveils features and capabilities to strengthen security collaboration
14:13 : Report: The State of Secrets Sprawl 2025
14:13 : 752,000 Browser Phishing Attacks Mark 140% Increase YoY
14:5 : IT Security News Hourly Summary 2025-03-19 15h : 18 posts
13:35 : Firmware angreifbar: Kritische BMC-Lücke lässt Hacker fremde Serversysteme kapern
13:34 : mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control
13:34 : Elastic expands partnership with Tines to scale security operations
13:13 : AI In Software Development: Balancing Innovation and Security in An Era of Lowered Barriers
13:13 : Attackers Hide Malicious Word Files Inside PDFs to Evade Detection
13:13 : Sante PACS Server Flaws Allow Remote Attackers to Download Arbitrary Files
13:13 : Is Firebase Phishing a Threat to Your Organization?
13:13 : Linux Foundation’s trust scorecards aim to battle rising open-source security threats
13:13 : Ex-US Cyber Command chief: Europe and 5 Eyes can’t fully replicate US intel
13:13 : Researchers name several countries as potential Paragon spyware customers
13:13 : Hackers Leveraging Azure App Proxy Pre-authentication to Access Orgs Private Network Resources
13:13 : PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems
13:13 : MirrorFace Hackers Customized AsyncRAT Execution Chain to Run Within Windows Sandbox
13:13 : Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads
13:13 : Hackers Abuse Cobalt Strike, SQLMap & Other Tools to Target Organizations’ Web Applications
13:13 : Industry Moves for the week of March 17, 2025 – SecurityWeek
13:12 : Chinese Hacking Group MirrorFace Targeting Europe
13:12 : Windows has an 8-year-old security issue that is exploited and known by Microsoft for some time
12:34 : Nie wieder Rechenfehler? KI prüft Paper auf Irrtürmer – warum das nicht reicht
12:34 : Warum das FBI vor frei verfügbaren File-Convertern warnt
12:34 : Neue Whatsapp-Beta: Das plant der Messanger mit Spotify
12:34 : Gemini Robotics: Googles große Sprachmodelle sollen Roboter smarter machen
12:34 : Nvidia aktualisiert Earth-2: Wie der digitale Zwilling der Erde jetzt noch bessere Wettervorhersagen ermöglichen soll
12:34 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
12:34 : [UPDATE] [mittel] PostgreSQL JDBC Treiber: Schwachstelle ermöglicht SQL Injection
12:34 : [UPDATE] [mittel] PHP: Schwachstelle ermöglicht Denial of Service
12:34 : [UPDATE] [hoch] PostgreSQL JDBC Treiber: Schwachstelle ermöglicht Codeausführung
12:32 : Reimagining the future of connectivity with Network 2.0
12:32 : Hackers Hide VenomRAT Malware Inside Virtual Hard Disk Image File
12:32 : ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers
12:32 : Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen
12:13 : CCC zu Schuldenbremse: Kein Geld für Ausschreibungsoptimierer wie SAP und Microsoft
12:13 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
12:13 : [UPDATE] [hoch] GitLab: Mehrere Schwachstellen
12:13 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
12:12 : SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats
12:12 : Sperm bank breach deposits data into hands of cybercriminals
12:12 : Sophisticated Attack Via Booking Websites Installs LummaStealer Malware
12:12 : VPN Vulnerabilities Emerges As The Key Tool for Threat Actors to Attack Organizations
12:12 : Scareware Combined With Phishing in Attacks Targeting macOS Users
12:12 : Brian Cox to Discuss Quantum Computing’s Impact at Infosecurity Europe 2025
11:37 : Adobe Launches AI Agents To Enhance Online Marketing
11:37 : Cloudflare Introduces Cloudforce One to Detect and Analyze IoCs, IPs, and Domains
11:37 : US Sperm Donor Giant California Cryobank Hit by Data Breach
11:37 : Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks
11:37 : Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns
11:37 : Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge
11:17 : Synology DiskStation Manager: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
11:17 : [NEU] [mittel] Checkmk: Schwachstelle ermöglicht Offenlegung von Informationen
11:17 : [NEU] [mittel] Synology DiskStation Manager: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
11:16 : Xiaomi Raises EV Target Amidst Sales Surge
11:16 : Top 10 Passwords Hackers Use to Breach RDP – Is Yours at Risk?
11:16 : Hackers Exploit Azure App Proxy Pre-Authentication to Access Private Networks
11:16 : New Jailbreak Technique Bypasses DeepSeek, Copilot, and ChatGPT to Generate Chrome Malware
11:16 : The default TV setting you should turn off ASAP – and why it makes such a big difference
11:16 : How to Secure Your Information on AWS: 10 Best Practices
11:16 : The Intersection of Public Policy and Cybersecurity: Building a Framework for 2025 and Beyond
11:16 : Cybersecurity in an Age of Geopolitical Uncertainty: The European Advantage
11:16 : Beware of Fake Coinbase Migration Messages Aimed to Steal Your Wallet Credentials
11:16 : Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)
11:16 : Data Leaks and AI Agents: Why Your APIs Could Be Exposing Sensitive Information
11:16 : 5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
11:16 : Gartner Warns Agentic AI Will Accelerate Account Takeovers
10:36 : Malware im Anmarsch: Ungepatchte Windows-Lücke wird seit 8 Jahren ausgenutzt
10:36 : [NEU] [hoch] Kemp LoadMaster: Schwachstelle ermöglicht Codeausführung
10:35 : [NEU] [mittel] Google Cloud Platform: Mehrere Schwachstellen ermöglichen Denial of Service
10:34 : Apple Loses Bid To Evade German Antitrust Rules
10:34 : Hackers Exploit Cobalt Strike, SQLMap, and Other Tools to Target Web Applications
10:34 : Arcane stealer: We want all your data
10:34 : Tech Show London: Making Dating Scams Less Attractive
10:6 : [NEU] [mittel] Varnish HTTP Cache: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
10:6 : [NEU] [mittel] Aruba AOS-CX: Mehrere Schwachstellen
10:6 : [NEU] [hoch] MongoDB: Schwachstelle ermöglicht Codeausführung und DoS
10:5 : Mercedes-Benz Trials Humanoid Robots From Apptronik
10:5 : Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers
10:5 : Microsoft Warns of New StilachiRAT Malware
10:5 : Cloudforce One threat events platform provides a real-time view of threat activity
10:5 : Europol Warns of “Shadow Alliance” Between States and Criminals
9:36 : [NEU] [hoch] IBM AIX: Mehrere Schwachstellen ermöglichen Codeausführung
9:36 : [UPDATE] [mittel] Mattermost Plugins: Schwachstelle ermöglicht nicht spezifizierten Angriff
9:36 : [UPDATE] [hoch] Synology DiskStation Manager: Mehrere Schwachstellen
9:36 : [UPDATE] [kritisch] GitLab: Mehrere Schwachstellen
9:35 : Google To Acquire Wiz For $32bn In Cloud Security Mega-Deal
9:35 : Hackers Allegedly Selling Firewall Access to Canon Inc on Hacking Forums
9:35 : Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing – PoC Released
9:35 : Critical Synology Vulnerability Let Attackers Remote Execute Arbitrary Code
9:34 : TXOne Networks Stellar 3.2 helps organizations make informed security choices
9:34 : Cytex AICenturion protects against data exfiltration
9:6 : Zugangsdaten gefährdet: Apple patcht Phishing-Lücke in iOS erst nach Monaten
9:6 : Notrufe: 110-Ortungssystem ermöglicht präzise Standortermittlung
9:5 : Hacker Weaponizing Hard Disk Image Files To Deliver VenomRAT
9:5 : Outseer introduces Behavioral Biometrics capability
9:4 : Keysight AI Insight Brokers accelerates threat detection and response
8:38 : Anzeige: Wie Kriminelle KI nutzen und was Unternehmen tun können
8:38 : iOS-Nutzer gefährdet: Phishing-Lücke in Passwords-App erst nach Monaten gepatcht
8:37 : Nvidia Promises Continued AI Chip Demand At Developer Event
8:37 : 11 State-Sponsored Threat Actors Exploit 8-Year-Old Windows Shortcut Flaw
8:36 : MirrorFace Hackers Modify AsyncRAT Execution for Stealthy Deployment in Windows Sandbox
8:36 : CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability
8:36 : Show top LLMs buggy code and they’ll finish off the mistakes rather than fix them
8:36 : Orion Security emerges from stealth to combat insider threats with AI
8:12 : Effiziente Zutrittsverwaltung mit IT-Lösungen
8:12 : Googles Schwachstellen-Scanner prüft Container-Layer und Maven-Projekte
8:11 : Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware
8:11 : CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability Exploited in Wild
8:5 : IT Security News Hourly Summary 2025-03-19 09h : 5 posts
7:32 : Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code
7:32 : U.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog
7:32 : Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems
7:32 : Google Acquires Wiz, CISA must reinstate terminated employees, Commerce Department bans DeepSeek
7:7 : Partnerangebot: envia TEL GmbH – „Community-Treffen Cybersecurity“
6:39 : Anzeige: IT-Notfälle managen und BCM-Strategien entwickeln
6:39 : Browser search can land you into ransomware troubles
6:39 : Shifting to Decentralized Data Storage: The Key to Better Data Security and Privacy
6:38 : CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
6:38 : Cybersecurity Today: Exploited Vulnerabilities and Innovative Threat Mitigations: Wednesday, March 19, 2025
6:11 : Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released
6:11 : Moving beyond checkbox security for true resilience
5:34 : Executives in the Crosshairs: How the Dark Web is Fueling Targeted Threats
5:34 : Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK

Post navigation