IT Security News Daily Summary 2024-12-10

210 posts were published in the last hour

22:7 : Webhook security: Risks and best practices for mitigation
22:7 : Why software composition analysis is essential for open source security
21:38 : Vom Prompt zum Malbuch: Mit Bild-KI im Handumdrehen kreativ werden
21:5 : Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
21:5 : VERT Threat Alert: December 2024 Patch Tuesday Analysis
21:5 : Microsoft holds last Patch Tuesday of the year with 72 gifts for admins
21:5 : US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks
21:5 : Microsoft fixes exploited zero-day (CVE-2024-49138)
20:41 : Microsoft Patch Tuesday December 2024, 71 Vulnerabilities Fixed Including 1 Zero-day
20:41 : Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day
20:41 : Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down
20:5 : IT Security News Hourly Summary 2024-12-10 21h : 11 posts
20:2 : Introducing EFF’s New Video Series: Gate Crashing
19:39 : Cloud Native Firewall Tests Expose Critical Gaps: How Check Point Minimizes Security Impact
19:39 : US military grounds entire Osprey tiltrotor fleet over safety concerns
19:39 : Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #315 – Stickies
19:39 : Auguria Streamlines Management of Security Log Data
19:7 : Microsoft Patch Tuesday: December 2024, (Tue, Dec 10th)
19:7 : Black Basta Ransomware Uses MS Teams, Email Bombing to Spread Malware
19:7 : National Instruments LabVIEW
19:7 : Google Cloud expands vulnerability detection for Artifact Registry using OSV
19:7 : Speaking Freely: Tomiwa Ilori
19:7 : Adobe Patches Over 160 Vulnerabilities Across 16 Products
18:38 : Microsoft Patch Tuesday December 2024, Patch for 16 Critical Security Flaws
18:38 : A Practical Guide to Securing NodeJS APIs With JWT
18:38 : OpenAI’s Sora: Everything You Need to Know
18:38 : Microsoft enhanced Recall security, but will it be enough?
18:37 : US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure
18:37 : Androxgh0st Malware Continues Targeting IoT Devices and Critical Infrastructure
18:37 : Introducing an enhanced version of the AWS Secrets Manager transform: AWS::SecretsManager-2024-09-16
18:2 : 3AM Ransomware: What You Need To Know
17:34 : Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability
17:34 : GitGuardian Extends Reach to Manage Non-Human Identities
17:6 : BadRAM: Historischer Seitenkanal hebelt RAM-Verschlüsselung aus
17:6 : Microsoft Challenge Will Test LLM Defenses Against Prompt Injections
17:5 : Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
17:5 : IT Security News Hourly Summary 2024-12-10 18h : 19 posts
16:35 : BadRAM: Historischer Seitenkanal hebelt Confidential Computing in der Cloud aus
16:35 : US Senator announces new bill to secure telecom companies in wake of Chinese hacks
16:35 : SAP fixed critical SSRF flaw in NetWeaver’s Adobe Document Services
16:35 : Wald.ai Raises $4M in Seed Funding to Protect Data in Conversations With AI Assistants
16:34 : Critical OpenWrt Bug: Update Your Gear!
16:34 : Hackers Exploit AWS Misconfigurations in Massive Data Breach
16:34 : AWS-LC FIPS 3.0: First cryptographic library to include ML-KEM in FIPS 140-3 validation
16:9 : 6 Tipps zum Schutz neuer Geräte während der Feiertage | Avast
16:8 : Ransomware related news trending on Google
16:8 : Hackers Exploit Visual Studio Code for Malicious Remote Access
16:8 : AMD secure VM tech undone by DRAM meddling
16:8 : Schneider Electric EcoStruxure Foxboro DCS Core Control Services
16:8 : CISA Releases Seven Industrial Control Systems Advisories
16:8 : Rockwell Automation Arena
16:8 : Horner Automation Cscape
16:8 : MOBATIME Network Master Clock
16:8 : Cato Networks Introduces Industry’s First SASE-native IoT/OT Security Solution
16:7 : Obsidian Security Achieves Snowflake Ready Validation and Financial Services Competency
16:7 : New Malware Campaign Attacks Manufacturing Industry
15:38 : Rechtsberatung: Warum jeder siebte Deutsche lieber ein Online-Tool nutzt, statt einen Anwalt zu kontaktieren
15:38 : Vergesst ihr oft Whatsapp-Nachrichten? So will euch der Messenger bei dem Problem helfen
15:38 : Störungen im Ticker: Ausfälle bei Microsoft 365 – so könnt ihr die Programme trotzdem nutzen
15:38 : Das neue Outlook kommt: Von diesen zwei Windows-Programmen müsst ihr euch bald verabschieden
15:38 : Was ist denn jetzt AGI und wann kommt sie? Microsoft und OpenAI sind unterschiedlicher Meinung
15:38 : BSI untersucht Sicherheit von smarten Heizkörperthermostaten
15:37 : What is user authentication?
15:37 : What is a stream cipher?
15:37 : What is a block cipher?
15:37 : Why Unified Endpoint Management Is Non-Negotiable for IT Teams in 2025
15:37 : Microsoft Challenges Hackers with $10,000 AI Cybersecurity Contest
15:7 : NTLM-Relay-Angriffe: Microsoft ergreift Gegenmaßnahmen
15:6 : Bot Reporting: 4 Key Differences to Consider
15:6 : Hackers Target Job Seekers with AppLite Trojan Using Fake Job Emails
15:6 : Demystifying Kubernetes in 5 Minutes
15:6 : Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises
15:6 : AppLite: A New AntiDot Variant Targeting Mobile Employee Devices
15:6 : Decoding SMS Pumping Fraud: Protecting Your Communications
15:6 : Romania Annuls Elections After TikTok Campaign and Cyberattacks Linked to Russia
15:6 : Black Basta Ransomware: New Tactics and Growing Threats
15:5 : Stamus Networks Clear NDR uncovers unauthorized activity
15:5 : Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
15:5 : Utility Companies Face 42% Surge in Ransomware Attacks
14:37 : Microsoft ergreift Maßnahmen gegen NTLM-Relay-Angriffe
14:37 : RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins
14:36 : Novel iVerify Tool Detects Widespread Use of Pegasus Spyware
14:36 : Horizon3.ai NodeZero Insights enables executives to visualize changes in their security posture
14:7 : Künstliche Intelligenz: OpenAIs o1-Modell soll Forscher ausgetrickst haben
14:7 : Verdächtige verhaftet: Betrüger plündern von Airbnbs aus fremde Bankkonten
14:6 : Visual Studio Tunnels Abused For Stealthy Remote Access
14:6 : Dashlane vs 1Password (2024): Which Password Manager Is Better?
14:6 : Cybersecurity News Round-Up 2024: 10 Biggest Stories That Dominated the Year
14:6 : EU Cyber Resilience Act: What You Need to Know
14:6 : Cohesity completes its merger with Veritas; here’s how they’ll integrate
14:6 : Axios and Unit 42’s Sam Rubin Discuss Disruptive Cyberattacks
14:5 : Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack
14:5 : SAP Patches Critical Vulnerability in NetWeaver
14:5 : Versa Endpoint DLP prevents data exfiltration
14:5 : New AppLite Malware Targets Banking Apps in Phishing Campaign
14:5 : IT Security News Hourly Summary 2024-12-10 15h : 19 posts
13:38 : [UPDATE] [mittel] AngularJS: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
13:38 : [UPDATE] [niedrig] Angular: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
13:38 : [UPDATE] [mittel] Bootstrap: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
13:38 : [UPDATE] [mittel] Red Hat Enterprise Linux (pki-core): Schwachstelle ermöglicht Offenlegung von Informationen
13:38 : [UPDATE] [hoch] Red Hat Enterprise Linux pki-core: Mehrere Schwachstellen
13:37 : EU cybersecurity rules for smart devices enter into force
13:37 : Microsoft Bets $10,000 on Prompt Injection Protections of LLM Email Client
13:37 : Five Ways Spear Phishing Tactics are Evolving in 2025
13:37 : Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623)
13:36 : The Future of Network Security: Automated Internal and External Pentesting
13:36 : Scottish Parliament TV at Risk of Deepfake Attacks
13:6 : Transfer-Software von Cleo: Hinter Firewall bringen, Patch wirkungslos
13:5 : How Red Teaming Helps Meet DORA Requirements
13:5 : November 2024’s Most Wanted Malware: Androxgh0st Leads the Pack, Targeting IoT Devices and Critical Infrastructure
13:5 : Poker Cheaters Allegedly Use Tiny Hidden Cameras to Spot Dealt Cards
13:5 : A CISO’s Guide to Managing Risk as the World Embraces AI
13:5 : Heart surgery device maker’s security bypassed, data encrypted and stolen
13:5 : Astrix Security Banks $45M Series B to Secure Non-Human Identities
13:5 : China’s Surveillance System: Cracks in a Digital Panopticon
12:33 : Künstliche Intelligenz: OpenAIs o1-Modell soll Forscher hintergangen haben
12:32 : Malware Analysis: A Kernel Land Rootkit Loader for FK_Undead
12:32 : Full-Face Masks to Frustrate Identification
12:32 : TikTok ban in US: Company seeks emergency injunction to prevent it
12:32 : Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure
12:3 : [NEU] [hoch] Dell Avamar: Mehrere Schwachstellen ermöglichen Codeausführung
12:3 : Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files
12:3 : Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
12:3 : Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands
12:2 : Heart Device Maker Artivion Suffers Ransomware Breach
12:2 : Court Ruling Provides Clarity on Appeals Against ICO Fines
11:38 : Enthält potenziell Schadcode: Kritische Upgrade-Lücke gefährdet Openwrt-Firmware
11:38 : [NEU] [mittel] IBM App Connect Enterprise: Schwachstelle ermöglicht Denial of Service
11:38 : [NEU] [mittel] Dell OpenManage Server Administrator: Mehrere Schwachstellen
11:38 : [NEU] [mittel] Barco ClickShare: Schwachstelle ermöglicht Codeausführung
11:38 : [NEU] [mittel] Autodesk FBX SDK: Schwachstelle ermöglicht Codeausführung
11:37 : Tesla To Use Human Back-Up Drivers For Cybercab Fleet
11:37 : OpenAI Releases Sora Video-Generation Tool
11:37 : Former OpenAI Researcher Raises $40m For AI Voice Start-Up
11:37 : Reddit Introduces AI Search Tool
11:36 : You can boost your cybersecurity skills for free with this new initiative
11:36 : Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again
11:36 : Microsoft Rolls Out Default NTLM Relay Attack Mitigations
11:5 : IT Security News Hourly Summary 2024-12-10 12h : 17 posts
11:3 : [NEU] [UNGEPATCHT] [mittel] ffmpeg: Schwachstelle ermöglicht Denial of Service
11:3 : [NEU] [hoch] SAP Patchday Dezember 2024: Mehrere Schwachstellen
11:3 : [NEU] [hoch] Apache Superset: Mehrere Schwachstellen
11:3 : [NEU] [hoch] Qlik Sense: Mehrere Schwachstellen ermöglichen Codeausführung
11:2 : Dell Warns of Critical Code Execution Vulnerability in Power Manager
11:2 : 21 years since its inception, GNU Shepherd 1.0.0 is released
10:34 : Maximizing Security Data in Splunk with Tripwire’s New App
10:34 : Unlocking the Value of DSPM: What You Need to Know
10:34 : Bitfinex heist gets the Netflix treatment after ‘cringey couple’ sentenced
10:34 : CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force
10:34 : Ongoing Phishing and Malware Campaigns in December 2024
10:5 : IBM App Connect Enterprise Certified Container mit Schadcode-Lücke
10:5 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Codeausführung
10:5 : [UPDATE] [mittel] Linux Kernel: Schwachstelle ermöglicht Denial of Service
10:5 : [UPDATE] [niedrig] RabbitMQ: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
10:5 : [UPDATE] [mittel] jQuery: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
10:5 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Codeausführung
10:4 : $50 Million Radiant Capital Heist Blamed on North Korean Hackers
9:38 : KI erzeugt aus Umgebungsgeräuschen realistische Bilder – wie das funktioniert
9:37 : Bluesky wird von deutschsprachigen Bots unterwandert: Welche Probleme sie verursachen können
9:37 : KI im Porträt: „Ich wollte den Algorithmen, die unser Leben bestimmen, ein Gesicht geben“
9:37 : Google Trends 2024: Das haben deutsche Nutzer in diesem Jahr besonders oft gesucht
9:35 : Google Announces Quantum Chip Error ‘Breakthrough’
9:35 : China Opens Nvidia Antitrust Probe After US Sanctions
9:35 : Researchers Uncovered Hackers Infrastructre Using Passive DNS Technique
9:35 : Given Today’s Data Complexity, a Platform Mindset is Crucial for Cyber Recovery
9:4 : Mehrere Regionen betroffen: Russland nimmt sich für Testzwecke selbst vom Netz
9:4 : [UPDATE] [hoch] Drupal: Mehrere Schwachstellen
9:3 : Defending Against AI-Powered Attacks in a “Spy vs. Spy” World
9:2 : SecureAuth protects sensitive information with biometric continuous identity assurance
9:2 : Major Drop in Cyber-Attack Reports from Large UK Financial Businesses
8:33 : Modernes Schließsystem für Rathauskomplex
8:33 : SAP-Patchday: Updates schließen teils kritische Sicherheitslücken
8:33 : OpenWrt: Angreifer hätten bestimmte Images mit Schadcode verseuchen können
8:32 : Aiming for Whales: Phishing Tactics Are Climbing the Corporate Ladder
8:32 : TikTok Asks For Emergency Pause On US Divestiture Law
8:32 : Let’s Encrypt to End Support for Online Certificate Status Protocol (OCSP)
8:32 : Cybersecurity Companies Must Practice What They Preach to Avoid the Data Paradox
8:32 : Romanian energy attack, medical device disruption, Deloitte responds to data theft claims
8:5 : IT Security News Hourly Summary 2024-12-10 09h : 16 posts
8:4 : Hackers Attacking Global Sporting Championships Via Fake Domains To Steal Logins
7:39 : heise-Angebot: iX-Workshop: E-Rechnungspflicht – Anpassung von Faktura- und ERP-Software
7:39 : WordPress: WPForms-Plug-in reißt Sicherheitsleck in 6 Millionen Webseiten
7:39 : Gefälschte Schlussverkaufaktionen: Neue Betrugsmasche auf Instagram
7:38 : Black Basta Ransomware Leverages Microsoft Teams To Deliver Malicious Payloads
7:38 : Hackers Target Android Users via WhatsApp to Steal Sensitive Data
7:38 : Mauri Ransomware Leverages Apache ActiveMQ Vulnerability to Deploy CoinMiners
7:38 : New Meeten Malware Attacking macOS And Windows Users To Steal Logins
7:38 : WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics
7:38 : Massive Data Harvesting Operation Exploits AWS Customer Misconfigurations
7:37 : Ransomware Disrupts Operations at Leading Heart Surgery Device Maker
7:37 : PowerDMARC One-Click Auto DNS Publishing with Entri
7:37 : Balancing Security and Convenience With EV Charging
7:5 : Authorities Dismantled Hackers Who Stolen Millions Using AirBnB
7:5 : 50% of M&A Security Issues are Non-Malicious
7:5 : Brand Impersonations Surge 2000% During Black Friday
6:33 : Mysterious Drone-Like Objects Disrupting Electronics in New Jersey: Is It a New Cyber Threat or Something More?
6:33 : Cyber Threats in the Form of MS Office Email Attachments: A Growing Danger
6:33 : U.S. Subsidiary of a Japanese water Treatment Company Hit By Ransomware Attack
6:33 : APT-C-53 Weaponizing LNK Files To Deploy Malware Into Target Systems
6:33 : The Next Frontier: Predictions Driving Tech and Security in 2025
6:4 : Preventing data leakage in low-node/no-code environments
5:32 : Hackers Can Hijack Your Terminal Via Prompt Injection using LLM-powered Apps
5:32 : Strengthening security posture with comprehensive cybersecurity assessments
5:5 : IT Security News Hourly Summary 2024-12-10 06h : 6 posts
4:34 : Empowering Teams with Secure Cloud Environments
4:34 : How Secrets Security Boosts Business Value
4:34 : Leveraging NHI Lifecycle Management for Innovation
4:34 : Cybersecurity jobs available right now: December 10, 2024
4:34 : Neosync: Open-source data anonymization, synthetic data orchestration
4:5 : Deutschlands Behörden sollen Sicherheitslücken wenigstens melden

Post navigation