IT Security News Daily Summary 2024-12-11

210 posts were published in the last hour

22:32 : Microsoft Defender XDR demonstrates 100% detection coverage across all cyberattack stages in the 2024 MITRE ATT&CK® Evaluations: Enterprise
22:32 : Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
22:4 : How Cryptocurrency Turns to Cash in Russian Banks
22:4 : Securing the future: building a culture of security
21:34 : Supreme Court Permits Nvidia Investor Lawsuit To Proceed
21:34 : CISA Updates Toolkit with Seven New Resources to Promote Public Safety Communications and Cyber Resiliency
21:34 : The best AirTag wallets of 2024: Expert tested
21:34 : Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others
21:34 : What is identity and access management? Guide to IAM
20:34 : Krispy Kreme Cyber Attack Disrupted Online Ordering in the US
20:6 : Mit lokaler KI die eigenen Dokumente durchsuchen: Dieses Tool soll es einfach machen – aber klappt das auch?
20:6 : Google stellt Gemini 2.0 vor: Wie die KI künftig nützlicher werden soll
20:6 : Microsoft gibt euch schnelleren Zugriff auf Copilot: Warum das aber zu Problemen führen könnte
20:6 : Datenpanne bei Booking.com: Nutzer findet fremde Buchung in seinem Konto – wegen Tippfehler
20:6 : Microsoft erweitert iPhone-Integration in Windows: Was jetzt möglich ist
20:5 : Apple Updates Everything (iOS, iPadOS, macOS, watchOS, tvOS, visionOS), (Wed, Dec 11th)
20:5 : Apple Pushes Major iOS, macOS Security Updates
20:5 : IT Security News Hourly Summary 2024-12-11 21h : 1 posts
19:32 : Brazil’s Internet Intermediary Liability Rules Under Trial: What Are the Risks?
19:5 : TikTok Files Challenge Against Canadian Shutdown Order
19:4 : Krispy Kreme Doughnut Corporation admits to hole in security
19:4 : December Patch Tuesday shuts down Windows zero-day
18:37 : US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack
18:37 : Industry Moves for the week of December 9, 2024 – SecurityWeek
18:37 : No Doughnuts Today? Cyberattack Puts Krispy Kreme in a Sticky Situation
18:37 : Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service
18:9 : Trotz Neuwahlen: Regierung will BKA-Gesetz noch schnell ändern
18:8 : iVerify: Pegasus spyware infections may be much higher than previously thought
17:32 : Apple Intelligence Launches In UK, Siri Integrated With ChatGPT
17:32 : The Growing Threat of E-Skimming: Why March 2025’s PCI Deadline Matters
17:32 : Flare Raises $30M Series B Led by Base 10 Partners to Continue Growth in Security Intelligence and Threat Exposure Management Markets
17:5 : IT Security News Hourly Summary 2024-12-11 18h : 23 posts
17:2 : Russian government spies targeted Ukraine using tools developed by cybercriminals
17:2 : Why Medical Records Are Prime Targets for Cyberattacks and How to Stay Safe
17:2 : Here’s Why You Need A New App After Google RCS Issue
17:2 : Secret Blizzard Targets Ukrainian Military with Custom Malware
16:39 : US Awards Micron $6.1 Billion From US Chips Act
16:39 : Krispy Kreme discloses cyberattack that is disrupting online orders
16:39 : Cortex XDR Delivers Unmatched 100% Detection in MITRE Evals 2024
16:39 : Resecurity introduces Government Security Operations Center (GSOC) at NATO Edge 2024
16:39 : Operation Digital Eye Reveals Cybersecurity Breach
16:39 : Sophisticated Scam Targets UAE Residents with Fake Police Fines
16:9 : Rechtsgutachten zum Digitalzwang
16:8 : Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation
16:8 : Rising Cyber Extortion Threats Targeting Large Companies in 2024
16:8 : AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts
16:8 : Hackers Deploy Weaponized LNK Files for Malicious Payload Delivery
16:8 : US Charged Chinese Hackers for Exploiting Thousands of Firewall
16:7 : Reserachers Uncovered Zloader DNS Tunneling Tactics For Stealthy C2 Communication
16:7 : Story of the Year: global IT outages and supply chain attacks
16:7 : Cortex XDR Delivers Unmatched 100% Detection in MITRE ATT&CK Round 6
16:7 : BadRAM Attack Uses $10 Equipment to Break AMD Processor Protections
16:7 : Brain Cipher Ransomware Group Claims Deloitte UK Data Breach
16:7 : New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools
16:7 : Cyber Incident Disrupting Krispy Kreme Online Orders
15:35 : MITRE ATT&CK® Evaluations Highlights Check Point Detection
15:35 : Google unveils AI coding assistant ‘Jules,’ promising autonomous bug fixes and faster development cycles
15:35 : Google’s new Trillium AI chip delivers 4X speed and powers Gemini 2.0
15:35 : Google Gemini 2.0: Could this be the beginning of truly autonomous AI?
15:34 : Ivanti fixed a maximum severity vulnerability in its CSA solution
15:34 : Google Pays $55,000 for High-Severity Chrome Browser Bug
15:34 : BT Group Confirms Cyberattack by Black Basta Ransomware Group
15:4 : Europol vereitelt weihnachtliche Attacken von 27 DDoS-Bootern
15:3 : CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value?
15:3 : Researchers uncover Chinese spyware used to target Android devices
15:3 : Oasis Security Details MFA Security Flaw Found in Microsoft Cloud Services
15:3 : ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms
15:3 : Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts
15:3 : South Korea Takes Down Fraudulent Online Trading Network Used to Extort $6.3M
14:35 : Thales: Verlagerung von reaktiven zu proaktiven Maßnahmen
14:35 : Zimperium: „Mishing“-Bedrohungen nehmen deutlich zu
14:35 : Europol: 27 DDoS-Booter vor weihnachtlichen Angriffen abgeschaltet
14:34 : APT-C-60 Hackers Penetrate Org’s Network Using a Weapanized Google Drive link
14:34 : Now on Demand: Inside a Hacker’s Playbook – How Cybercriminals Use Deepfakes
14:34 : Microsoft Azure MFA Flaw Allowed Easy Access Bypass
14:6 : Privacy Reclaim: Warum ein Unternehmen Klageansprüche gegen Google kauft
14:6 : Firefox: Mozilla entfernt die Do-Not-Track-Funktion – diese Alternative gibt es
14:6 : ChatGPT bekommt ein Upgrade: Was OpenAIs Canvas für dich tun kann
14:6 : Spotify Wrapped, Playstation Wrap-Up und Co.: Warum mich digitale Jahresrückblicke nerven
14:6 : Bluesky plant Abomodell: Was sich hinter der Bezahlschranke verbergen könnte
14:5 : IT Security News Hourly Summary 2024-12-11 15h : 11 posts
14:4 : AMD Chip VM Memory Protections Broken by BadRAM
14:4 : DMD Diamond Launches Open Beta for v4 Blockchain Ahead of 2025 Mainnet
13:35 : Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on Europen entities
13:6 : [UPDATE] [mittel] PHP: Schwachstelle ermöglicht Offenlegung von Informationen
13:6 : [UPDATE] [hoch] PHP: Mehrere Schwachstellen
13:5 : California Mulls Health Warnings For Social Media Sites
13:5 : Global Ongoing Phishing Campaign Targets Employees Across 12 Industries
13:5 : CIS Control 09: Email and Web Browser Protections
13:5 : A Cloud Reality Check for Federal Agencies
13:5 : Atlassian, Splunk Patch High-Severity Vulnerabilities
13:5 : Microsoft enforces defenses preventing NTLM relay attacks
12:41 : Adobe Photoshop: Schwachstelle ermöglicht Codeausführung
12:41 : Adobe Creative Cloud Applikationen: Mehrere Schwachstellen
12:41 : [NEU] [hoch] Adobe Creative Cloud Applikationen: Mehrere Schwachstellen
12:41 : [NEU] [hoch] Atlassian Confluence: Mehrere Schwachstellen
12:41 : [NEU] [mittel] ILIAS: Mehrere Schwachstellen
12:41 : [NEU] [hoch] Ivanti Connect Secure und Policy Secure: Mehrere Schwachstellen ermöglichen Codeausführung
12:41 : [NEU] [mittel] Atlassian Bitbucket: Mehrere Schwachstellen
12:37 : Jailbreaking LLM-Controlled Robots
12:37 : Three more vulns spotted in Ivanti CSA, all critical, one 10/10
12:37 : Google’s Willow Chip Signals the Urgency of Post-Quantum Cryptography Migration
12:37 : Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia
12:37 : What is Nudge Security and How Does it Work?
12:37 : Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017
12:10 : Google Chrome: Mehrere Schwachstellen
12:10 : HP Computer: Schwachstelle ermöglicht Denial of Service
12:10 : Dell Computer: Mehrere Schwachstellen
12:10 : Lenovo Computer: Schwachstelle ermöglicht Privilegieneskalation
12:10 : Microsoft Patchday Dezember 2024
12:10 : [NEU] [mittel] Lenovo Computer: Schwachstelle ermöglicht Privilegieneskalation
12:10 : [NEU] [mittel] Adobe Experience Manager: Mehrere Schwachstellen
12:9 : [NEU] [hoch] Ivanti Sentry: Schwachstelle ermöglicht Manipulation von Dateien
12:9 : [NEU] [mittel] Ivanti Patch SDK: Schwachstelle ermöglicht Löschen von Dateien
12:9 : [NEU] [mittel] Ivanti Desktop and Server Management: Schwachstelle ermöglicht Löschen von Dateien
12:7 : GM Kills Cruise Robotaxi Business, After Funding Is Pulled
12:7 : Windows RDP Service Flaw let Hackers Execute Remote Code
12:7 : KnowBe4 Report Finds 44% of HR Professionals Have Encountered Fraudulent or Scam Job Applications
12:7 : 446,000 Impacted by Center for Vein Restoration Data Breach
12:7 : Operation PowerOFF Takes Down DDoS Boosters
11:34 : Sophos-Exploits aus China: FBI sucht mutmaßlichen Entwickler per Steckbrief
11:34 : heise-Angebot: NIS2, Ransomware und Zero Trust: Erster Blick ins Programm der secIT 2025
11:34 : [UPDATE] [niedrig] OpenSC: Mehrere Schwachstellen
11:34 : [UPDATE] [mittel] libvirt: Schwachstelle ermöglicht Denial of Service
11:34 : [UPDATE] [niedrig] OpenSC: Schwachstelle ermöglicht Denial of Service
11:34 : [UPDATE] [mittel] libvirt: Schwachstelle ermöglicht Denial of Service oder Offenlegung von Informationen
11:33 : Chinese national charged for hacking thousands of Sophos firewalls
11:33 : ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others
11:33 : Top 10 Web Design Security Best Practices to Follow in 2025
11:33 : BadRAM: $10 hack unlocks AMD encrypted memory
11:32 : US Sanctions Chinese Firm at Center of Global Firewall Hack
11:5 : IT Security News Hourly Summary 2024-12-11 12h : 22 posts
11:4 : Millionenbelohnung: FBI sucht mutmaßlichen Entwickler von Sophos-Exploits
11:3 : [NEU] [hoch] Ivanti Cloud Services Appliance: Mehrere Schwachstellen
11:3 : [NEU] [mittel] Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Offenlegung von Informationen
11:3 : [NEU] [mittel] Siemens SICAM: Schwachstelle ermöglicht Offenlegung von Informationen
11:3 : [NEU] [UNGEPATCHT] [hoch] Siemens SIMATIC S7: Mehrere Schwachstellen ermöglichen Codeausführung
11:3 : [NEU] [kritisch] Microsoft Windows: Mehrere Schwachstellen
11:2 : US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking
11:2 : Cybersecurity Products or Platforms – Which is More Effective?
10:35 : Kopfgeld ausgesetzt: Chinesen sollen 81.000 Sophos-Firewalls infiltriert haben
10:35 : [NEU] [hoch] Microsoft Muzic: Schwachstelle ermöglicht Codeausführung
10:35 : [NEU] [hoch] Microsoft SystemCenter: Mehrere Schwachstellen
10:34 : New DCOM Attack Exploits Windows Installer for Backdoor Access
10:34 : Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access
10:34 : SOC 2 Policies: What They Should Include and Why They Matter
10:34 : Leveraging Crypto Agility to Meet DORA Requirements in Financial Services by January 2025
10:34 : Microsoft Fixes 71 CVEs Including Actively Exploited Zero-Day
10:8 : Rezept für Online-Privatsphäre in der Weihnachtszeit | Avast
10:8 : AMD Prozessoren: Schwachstelle ermöglicht Manipulation von Daten
10:8 : Solarwinds Web Help Desk: Software-Update schließt kritische Lücken
10:8 : [NEU] [mittel] AMD Prozessoren: Schwachstelle ermöglicht Manipulation von Daten
10:7 : Under-16s Social Media Ban: A UK Government Proposal
10:7 : ChatGPT Two Years On: Experts Weigh In
9:33 : Zeitplan veröffentlicht: Let’s Encrypt schafft OCSP-Zertifikatsüberprüfung ab
9:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
9:33 : [UPDATE] [mittel] Linux-Kernel (bluetooth): Schwachstelle ermöglicht Denial of Service und Code-Ausführung
9:33 : [UPDATE] [hoch] Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff
9:32 : New Microsoft Purview features help protect and govern your data in the era of AI
9:32 : Picus provides automated pentesting testing to help uncover critical risks
9:32 : Zero Day in Cleo File Transfer Software Exploited En Masse
9:9 : Patchday: Angreifer attackieren Windows und verschaffen sich System-Rechte
9:9 : Patchday: Adobe schließt mehr als 160 Sicherheitslücken in Acrobat & Co.
9:9 : heise-Angebot: iX-Workshop: Linux-Server härten
9:8 : 6 Tips to Protect Your New Devices During the Holiday Season | Avast
9:8 : CyTwist’s detection engine combats AI-generated malware
9:8 : Trellix Drive Encryption enhances security against insider attacks
9:7 : Cato Networks extends SASE-based protection to IoT/OT environments
9:7 : Snowflake Pledges to Make MFA Mandatory
8:37 : IoB-Tracking – die nächste Stufe der Datenerfassung
8:37 : Ivanti patcht zahlreiche Produkte
8:37 : Dringend patchen: Lücke im CLFS-Treiber von Windows wird aktiv ausgenutzt
8:36 : Telecom security bill, Google’s quantum chip, Chinese cyber firm sanctions
8:8 : BSI-Warnung: Vermehrte Brute-Force-Angriffe auf Citrix Netscaler Gateways
8:8 : “Passwort” Folge 20: Pacific Rim – Hackback nach China
8:5 : IT Security News Hourly Summary 2024-12-11 09h : 9 posts
8:4 : Chrome Security Update, Patch For Multiple Vulnerabilities
8:4 : Disclosure Rules Lead To Less Disclosure: Cyber Security Today for Wednesday, December 11, 2024
7:38 : Sichere Software entwickeln: Kostenlose Tools und Fortbildungen bei der OpenSSF
7:38 : BSI: Schwachstellen smarter Heizkörperthermostate gefunden
7:38 : Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action
7:37 : FCC Responds to telecoms attack dubbed ‘worst in our nation’s history’
7:37 : Phishers Nabbed in International Sting
7:37 : Decrypting Full Disk Encryption with Dissect
7:37 : Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
7:3 : Apple iPhone Users Warned About Data-Stealing Vulnerability in TCC Feature
7:3 : Pros and Cons of Differentiating Cloud Security Tools
7:3 : Massive Data Breach Hits Senior Dating Website, Exposing Over 765,000 Users
7:3 : U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
6:33 : Weitgehend ignoriert: Firefox entfernt Haken für “Do Not Track”
6:32 : WPForms Vulnerability Let Users Issues Subscription Payments
6:32 : Are pre-owned smartphones safe? How to choose a second-hand phone and avoid security risks
6:32 : Patch Tuesday Update – December 2024
5:34 : Open source malware up 200% since 2023
5:8 : US names Chinese national it alleges was behind 2020 attack on Sophos firewalls
5:8 : Cybersecurity in the Digital Frontier: Reimagining Organizational Resilience
5:7 : Why crisis simulations fail and how to fix them
5:5 : IT Security News Hourly Summary 2024-12-11 06h : 1 posts
4:32 : Containers have 600+ vulnerabilities on average
3:34 : Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
2:34 : Patch Tuesday, December 2024 Edition
2:34 : The ‘Ghost Gun’ Linked to Luigi Mangione Shows Just How Far 3D-Printed Weapons Have Come
2:5 : IT Security News Hourly Summary 2024-12-11 03h : 5 posts
2:3 : Vulnerability Symbiosis: vSphere?s CVE-2024-38812 and CVE-2024-38813 [Guest Diary], (Wed, Dec 11th)
2:3 : ISC Stormcast For Wednesday, December 11th, 2024 https://isc.sans.edu/podcastdetail/9250, (Wed, Dec 11th)
2:3 : Post-Quantum Cryptography: The Implications of Google’s Willow and Other Quantum Computers for Cybersecurity
2:2 : Staying Ahead: The Role of NHIDR in Modern Cybersecurity
1:32 : U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog
23:34 : Microsoft December 2024 Patch Tuesday addressed actively exploited zero-day
23:5 : IT Security News Hourly Summary 2024-12-11 00h : 3 posts

Post navigation