IT Security News Daily Summary 2025-06-11

210 posts were published in the last hour

• 21:36 : CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers
• 21:36 : Google Releases Android 16: What’s New and What’s Missing
• 21:7 : Check Point Research Warns of Holiday-Themed Phishing Surge as Summer Travel Season Begins
• 21:7 : Cisco Isovalent Load Balancer takes aim at Broadcom’s VMware
• 20:36 : Patch Tuesday: Microsoft Patches 68 Security Flaws, Including One for Targeted Espionage
• 20:6 : Over 40,000 Internet-Connected Cameras Exposed, Streaming Live Online
• 20:6 : Interpol Dismantles 20,000 Malicious IPs and Domains Tied to 69 Malware Variants
• 20:6 : Skybox Ya No Está. El Riesgo de Esperar Sigue Ahí.
• 20:6 : Los Peligros de la Gestión de Políticas de Seguridad de Red Desarrolladas Internamente
• 20:5 : IT Security News Hourly Summary 2025-06-11 21h : 4 posts
• 19:38 : New Secure Boot Vulnerability Allows Attackers to Install Malware in PC and Server Boot Processes
• 19:6 : UK Spending Review Includes Investments In AI, Nuclear Power
• 19:6 : ConnectWise to Update Code Signing Certificates for ScreenConnect, Automate, and RMM
• 19:6 : Patch your Windows PC now before bootkit malware takes it over – here’s how
• 19:5 : How Waymo Handles Footage From Events Like the LA Immigration Protests
• 19:5 : US government’s vaccine website defaced with AI-generated content
• 18:35 : Linux Malware Authors Targeting Cloud Environments with ELF Binaries
• 18:35 : 23andMe raked by Congress on privacy, sale of genetic data
• 18:35 : Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks
• 18:35 : Hire me! To drop malware on your computer
• 18:4 : 12 Simple Ways to Remove Your Information From the Internet
• 18:4 : How to delete your 23andMe data
• 18:4 : Top 3 Evasion Techniques In Phishing Attacks: Real Examples Inside
• 18:3 : How to Conduct a Secure Code Review – Tools and Techniques
• 18:3 : Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
• 18:3 : Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
• 17:35 : Europol: Datendiebstahl ist Big Business und eine erhebliche Bedrohung
• 17:34 : Insyde UEFI Application Vulnerability Enables Digital Certificate Injection Through NVRAM Variable
• 17:34 : Cybercriminals Exploit Fake Salesforce Tool to Steal Company Data and Demand Payments
• 17:9 : Google veröffentlicht Android 16 mit Live-Updates und mehr Sicherheit
• 17:9 : ChatGPT gegen Atari 2600: Wer gewinnt in einer Partie Schach?
• 17:8 : Mit Nvidias Supercomputern: Das deutsche Startup DeepL will das Internet jetzt in 18 Tagen übersetzen
• 17:8 : Hey Mark Zuckerberg, schau mal, wer für dein Superintelligenz-Team in Frage kommt
• 17:8 : Schlechter als ein Amateur: Warum dieser Badminton-Roboter trotzdem ein Meilenstein ist
• 17:5 : Google Layoffs Continue, As ‘Buyouts’ Offered To Search Staff
• 17:5 : Outlook Vulnerability Allows Remote Execution of Arbitrary Code by Attackers
• 17:5 : ‘Generative AI helps us bend time’: CrowdStrike, Nvidia embed real-time LLM defense, changing how enterprises secure AI
• 17:5 : IT Security News Hourly Summary 2025-06-11 18h : 13 posts
• 16:35 : 33,000 WordPress Sites Affected by Privilege Escalation Vulnerability in RealHomes WordPress Theme
• 16:35 : Uber, Wayve To Trial Robotaxis In London In 2026
• 16:35 : Windows Common Log File System Driver Vulnerability Let Attackers Escalate Privileges
• 16:35 : Linux Malware Authors Attacking Cloud Environments Using ELF Binaries
• 16:35 : FIN6 Hackers Mimic as Job Seekers to Target Recruiters with Weaponized Resumes
• 16:35 : Windows Task Scheduler Vulnerability Let Attackers Escalate Privileges
• 16:35 : Understanding OWASP Top 10 – Mitigating Web Application Vulnerabilities
• 16:35 : OffensiveCon25 – KernelGP: Racing Against The Android Kernel
• 16:35 : AI is Redefining Cyber Risk Quantification: Here’s What Every CISO Needs to Know
• 16:9 : Anzeige: IT-Grundschutz praxisnah umsetzen und zertifizieren lassen
• 16:6 : Asia dismantles 20,000 malicious domains in infostealer crackdown
• 16:5 : Reddit Sues Anthropic for Training Claude AI with User Content Without Permission
• 16:5 : Lee Enterprises Ransomware Attack Exposes Data of 40,000 Individuals
• 16:5 : AWS completes Police-Assured Secure Facilities (PASF) audit in Europe (London) AWS Region
• 15:37 : Beyond Implementation: Building a Zero Trust Strategy That Works
• 15:37 : Enhance Your Edge Native Apps with Low Latency Using Multiple EdgeWorkers
• 15:37 : Scam Phone Numbers to Block in 2025 (and How to Actually Stop Them)
• 15:37 : What is an asymmetric cyberattack?
• 15:37 : Securonix Acquires Threat Intelligence Firm ThreatQuotient
• 15:37 : 295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
• 15:5 : Evaluating Similariy Digests: A Study of TLSH, ssdeep, and sdhash Against Common File Modifications
• 15:5 : Install this Windows patch ASAP before bootkit malware takes over your PC – here’s how
• 15:5 : Analysis to action: Operationalizing your threat intelligence
• 15:5 : Maze Banks $25M to Tackle Cloud Security with AI Agents
• 15:5 : Vulnerability Summary for the Week of June 2, 2025
• 15:5 : Connectwise is rotating code signing certificates. What happened?
• 15:5 : Congress Introduces Bill to Strengthen Healthcare Cybersecurity
• 14:38 : Angriffskampagne droht Content-Kreatoren mit Copyright-Verstößen
• 14:36 : How to turn on Android’s Private DNS Mode – and why your security depends on it
• 14:36 : Install this Windows PC update ASAP before bootkit malware takes over – here’s how
• 14:36 : Whole Foods warns of shortages after cyberattack at its primary distributor UNFI
• 14:36 : 23andMe says 15% of customers asked to delete their genetic data since bankruptcy
• 14:36 : 40,000+ Internet-connected Cameras Exposed Streaming Live on The Internet
• 14:35 : How to Use Threat Intelligence to Enhance Cybersecurity Operations
• 14:35 : Flaw in Industrial Computer Maker’s UEFI Apps Enables Secure Boot Bypass on Many Devices
• 14:35 : US Federal Authorities Disrupt Growing Malware Pyramid Network
• 14:9 : TÜV-Umfrage: Großteil der Unternehmen glaubt an eigene IT-Sicherheit, BSI nicht
• 14:6 : catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities
• 14:6 : Windows Common Log File System Driver Flaw Allows Attackers to Escalate Privileges
• 14:6 : Windows Task Scheduler Flaw Allows Attackers to Escalate Privileges
• 14:6 : Your Android phone is getting a huge security upgrade for free – what’s new
• 14:6 : Red Hat’s global impact on Linux security
• 14:6 : The open source paradox: Unpacking risk, equity and acceptance
• 14:6 : Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape
• 14:6 : DoD issues new marching orders on secure software and SBOMs
• 14:6 : 5 Reasons to Replace VPNs with a Remote Privileged Access Management Solution (RPAM)
• 14:5 : IT Security News Hourly Summary 2025-06-11 15h : 5 posts
• 13:33 : IBM To Build First ‘Large Scale’ Quantum Computer In 2029
• 13:33 : Operation Secure: INTERPOL Disrupts 20,000 Infostealer Domains, 32 Arrested
• 13:33 : Check Point and Pax8 Partnership Provides Powerful New Security Offerings for MSPs
• 13:33 : Trump Guts Biden-Era Cyber Order, Ends Sanctions for Domestic Hackers
• 13:33 : Building a Cybersecurity Incident Response Plan – A Technical Guide
• 13:33 : HPE Aruba Network Vulnerability Exposes Sensitive Information to Hackers
• 13:33 : Microsoft to Block Attachments in Outlook Web & Windows Used by Threat Actors
• 13:33 : Advanced Persistent Threats (APTs) – Detection and Defense Strategies
• 13:33 : Trustwise protects AI deployments from security risks
• 13:33 : SpecterOps Privilege Zones enables security teams to define logical access boundaries
• 13:11 : Deepfakes und Social Engineering: So schützen Sie sich davor
• 13:11 : UEFI-BIOS-Lücken: SecureBoot-Umgehung und Firmware-Austausch möglich
• 13:8 : One Piece of the Puzzle: How a Single Digital Identifier Can Unravel Your Entire Online Life
• 13:8 : Multiple Microsoft Office Vulnerabilities Enable Remote Code Execution by Attackers
• 13:8 : Outset raises $17M to replace human interviewers with AI agents for enterprise research
• 13:8 : Black Duck Elevates Leadership with New Chief Product & Technology Officer
• 13:8 : APIContext Releases Guide to Enterprise API Readiness for Autonomous AI Agents
• 13:8 : CybaVerse Acquires SecureAck to Expand Next-Gen Security Operations Platform for SMEs and MSPs
• 13:8 : Huntress Unveils Immersive Cybersecurity Training That Puts Users in the Shoes of Hackers
• 13:8 : KnowBe4 Wins Multiple 2025 Top Rated Awards From TrustRadius
• 13:8 : Fortinet, Ivanti Patch High-Severity Vulnerabilities
• 13:7 : 20,000 Asian IPs and Domains Dismantled in Infostealer Crackdown
• 12:34 : Salesforce Industry Cloud Hit by 20 Vulnerabilities Including 0days
• 12:34 : CoreDNS Vulnerability Allows Attackers to Exhaust Server Memory via Amplification Attack
• 12:34 : I replaced my Ring with this subscription-less security camera – and it did some things better
• 12:34 : 40,000 Security Cameras Exposed to Remote Hacking
• 12:8 : Ohne Nutzerinteraktion: Microsoft Office anfällig für Schadcode-Attacken
• 12:4 : Enabling Secure AI Inference: Trend Cybertron Leverages NVIDIA Universal LLM NIM Microservices
• 12:4 : Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited
• 12:4 : How to Detect and Mitigate Insider Threats in Your Organization
• 12:4 : Cyera Raises $540 Million to Expand AI-Powered Data Security Platform
• 12:3 : Recently Disrupted DanaBot Leaked Valuable Data for 3 Years
• 12:3 : SAML SSO: 8 Easy Steps to Understand How It Works (2025 Guide)
• 12:3 : Why DNS Security Is Your First Defense Against Cyber Attacks?
• 12:3 : INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
• 11:35 : Spionage möglich: 40.000 Sicherheitskameras hängen ungeschützt am Netz
• 11:35 : [UPDATE] [mittel] libxml2: Schwachstelle ermöglicht Manipulation von Dateien
• 11:34 : [UPDATE] [niedrig] OpenSSH: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:34 : [UPDATE] [niedrig] libxml2: Schwachstelle ermöglicht Denial of Service
• 11:34 : [UPDATE] [mittel] Syslog-ng: Schwachstelle ermöglicht Umgehung von Sicherheitsmechanismen
• 11:34 : [UPDATE] [mittel] OWASP ModSecurity: Schwachstelle ermöglicht Denial of Service
• 11:34 : Elon Musk Backs Down After Explosive Feud With Donald Trump
• 11:34 : Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)
• 11:33 : Hands-On Skills Now Key to Landing Your First Cyber Role
• 11:9 : Angriffskampagne droht Content-Kreatoren mit Copyrightverstößen
• 11:9 : Release am Independence Day: Trump-Administration plant eigenen KI-Chatbot
• 11:9 : ChatGPT funktioniert nicht mehr? Diese 8 Tipps helfen, wenn die KI den Dienst verweigert
• 11:9 : macOS 26: Apple streicht beliebte Backup-Funktion – was Nutzer wissen müssen
• 11:9 : Voller Speicher durch Whatsapp? Dieses neue Feature verspricht Abhilfe
• 11:9 : Datenzentren und Krankenhäuser: Bilder zehntausender Überwachungskameras frei im Netz
• 11:5 : Apache CloudStack Flaw Allows Attackers to Execute Privileged Actions
• 11:5 : Securing Microservices – Best Practices for Distributed Systems
• 11:5 : Microsoft Teams New Audit log Feature Allows Admins to Track Individuals Actions
• 11:5 : Microsoft Defender XDR New Advanced Hunting Tables for Email and Cloud Protections
• 11:5 : Rethinking Success in Security: Why Climbing the Corporate Ladder Isn’t Always the Goal
• 11:5 : Horizon3.ai Raises $100 Million in Series D Funding
• 11:5 : How to Build a Lean Security Model: 5 Lessons from River Island
• 11:5 : SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords
• 11:5 : IT Security News Hourly Summary 2025-06-11 12h : 20 posts
• 10:38 : Google Chrome: Mehrere Schwachstellen ermöglichen Codeausführung
• 10:38 : Mozilla Firefox: Mehrere Schwachstellen ermöglichen Codeausführung
• 10:38 : AMD Prozessoren: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:38 : APT- und Cybercrime-Gangs: Was der Namensabgleich durch die Hersteller bringt
• 10:38 : Zeitnah patchen: Kritische Schwachstellen in Windows-Netzwerken
• 10:38 : [NEU] [hoch] Google Chrome: Mehrere Schwachstellen ermöglichen Codeausführung
• 10:38 : [NEU] [hoch] Mozilla Firefox: Mehrere Schwachstellen ermöglichen Codeausführung
• 10:38 : [NEU] [mittel] AMD Prozessoren: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 10:37 : BT Mulls Takeover Of Troubled TalkTalk – Report
• 10:37 : AI-Powered Attacks and Lack of Cyber Readiness. How Mexico Can Respond
• 10:37 : Microsoft slows Windows 11 24H2 Patch Tuesday due to a ‘compatibility issue’
• 10:37 : Chrome, Firefox Updates Resolve High-Severity Memory Bugs
• 10:36 : Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud
• 10:7 : [NEU] [mittel] Fortinet FortiOS und FortiProxy: Mehrere Schwachstellen
• 10:3 : Toxic trend: Another malware threat targets DeepSeek
• 10:3 : Microsoft Teams New Update Enhances Productivity & Customization
• 10:3 : Windows Remote Desktop Services Vulnerability Allows Remote Code Execution
• 10:3 : Salesforce OmniStudio Vulnerabilities Exposes Sensitive Customer Data in Plain Text
• 10:3 : Firefox Patches Multiple Vulnerabilities That Could Lead to Browser Crash
• 10:3 : URL Scams Everywhere? These Steps Will Help You Stay Safe
• 9:40 : Cybersicherheitslage in der deutschen Wirtschaft verschärft sich
• 9:40 : [NEU] [hoch] GeoServer: Mehrere Schwachstellen
• 9:40 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
• 9:40 : [UPDATE] [mittel] Apache Tomcat: Mehrere Schwachstellen
• 9:40 : [UPDATE] [mittel] Node.js: Mehrere Schwachstellen
• 9:40 : [UPDATE] [mittel] CPython: Schwachstelle ermöglicht Denial of Service
• 9:37 : Global analysis of Adversary-in-the-Middle phishing threats
• 9:37 : HPE Aruba Network Flaw Exposes Sensitive Data to Potential Hackers
• 9:37 : How IP Geolocation Enhances Password Security
• 9:37 : Half of Mobile Users Now Face Daily Scams
• 9:11 : Adobe Creative Cloud Anwendungen: Mehrere Schwachstellen
• 9:11 : Pixel Patchday Juni 2025: Mehrere Schwachstellen
• 9:11 : Forscher warnen: Gefährliche Secure-Boot-Lücke erlaubt Bootkit-Installation
• 9:8 : Two Microsoft Zero-Days for Admins to Fix in June Patch Tuesday
• 8:33 : Adobe: Mehrere Schwachstellen ermöglichen Codeausführung
• 8:33 : [NEU] [niedrig] Fortinet FortiPortal: Schwachstelle ermöglicht Offenlegung von Informationen
• 8:33 : [NEU] [mittel] Microsoft Developer Tools: Mehrere Schwachstellen
• 8:33 : [NEU] [mittel] Fortinet FortiOS: Mehrere Schwachstellen
• 8:33 : [NEU] [hoch] Adobe Magento: Mehrere Schwachstellen
• 8:33 : [NEU] [hoch] Adobe Experience Manager: Mehrere Schwachstellen ermöglichen Privilegieneskalation
• 8:32 : Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
• 8:32 : Two Microsoft Zero Days for Admins to Fix in June Patch Tuesday
• 8:9 : Intel Firmware: Schwachstelle ermöglicht Denial of Service
• 8:9 : Patchday: Schadcode-Lücken in Adobe Acrobat, InDesign & Co. geschlossen
• 8:8 : [NEU] [mittel] Intel Firmware: Schwachstelle ermöglicht Denial of Service
• 8:5 : A flaw could allow recovery of the phone number associated with any Google account
• 8:5 : Sentra boosts regulatory readiness for large enterprises
• 8:5 : IT Security News Hourly Summary 2025-06-11 09h : 10 posts
• 7:36 : Schutz aus beiden Richtungen: Drohnen einsetzen und abwehren
• 7:36 : Ungeklärte Phishing-Vorfälle rund um Booking.com
• 7:36 : Patchday: Angreifer attackieren Windows über Internet-Explorer-Komponenten
• 7:35 : ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, CISA
• 7:35 : Vanta AI Agent automates time-consuming GRC workflows
• 7:35 : Red Canary AI agents accelerate incident response
• 7:35 : 40K IoT cameras stream secrets to browsers, Marks & Spencer taking online orders post-cyberattack, PoC Code escalates Roundcube Vuln threat
• 7:35 : Cybersecurity Today: State-Backed ChatGPT Misuse, Dark Gaboon Attacks, and Starlink Installation Controversy
• 7:9 : Microsoft Patchday Juni 2025
• 7:9 : AMD Prozessoren: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen
• 7:9 : DNS4EU: DNS für EU-Bürger geht online
• 7:9 : Nutzer gefährdet: WebDAV-Lücke in Windows wird aktiv ausgenutzt
• 7:9 : [NEU] [hoch] Microsoft Windows: Mehrere Schwachstellen
• 7:9 : [NEU] [mittel] AMD Prozessoren: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen
• 7:9 : [NEU] [niedrig] Broadcom Fabric OS: Mehrere Schwachstellen
• 7:5 : Insyde UEFI Flaw Enables Digital Certificate Injection via NVRAM Variable
• 6:36 : [NEU] [hoch] Microsoft Office Produkte: Mehrere Schwachstellen
• 6:35 : Multiple Chrome Flaws Enable Remote Code Execution by Attackers