IT Security News Daily Summary 2025-01-08

175 posts were published in the last hour

• 22:32 : Top 15 email security best practices for 2025
• 22:32 : Flock Safety quietly hired a sitting California mayor. Now he’s suing Flock.
• 22:32 : New AWS Skill Builder course available: Securing Generative AI on AWS
• 22:17 : Corporate Cyber Governance: Owning Cyber Risk at the Board Level
• 21:13 : Supporting Safe and Secure K-12 Schools
• 21:13 : Mitel 0-day, 5-year-old Oracle RCE bug under active exploit
• 21:13 : Mitel 0-day, 5-year-old Oracle RCE bugs under active exploit
• 20:23 : US to Launch Cyber Trust Mark to Label Secure Smart Devices
• 20:23 : Gayfemboy Botnet targets Four-Faith router vulnerability
• 20:23 : Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
• 20:23 : Green Bay Packers Retail Site Hacked, Data of 8,500 Customers Exposed
• 20:23 : Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)
• 20:5 : IT Security News Hourly Summary 2025-01-08 21h : 1 posts
• 19:9 : Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
• 18:32 : Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages
• 18:32 : Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks
• 18:14 : Sam Altman Denies Sexually Abusing Sister
• 18:14 : Apple Still Prevented From Selling iPhone 16s In Indonesia
• 18:14 : Meta Decision To Drop Fact-Checking Slammed By Staff, Oversight Board, EU
• 18:14 : API and Security: From IT to Cyber
• 18:13 : US Cyber Trust Mark logo for smart devices is coming
• 18:13 : Customize the scope of IAM Access Analyzer unused access analysis
• 17:32 : Anatomy of a Nuclear Scare
• 17:32 : Telegram Shared Data of Thousands of Users After CEO’s Arrest
• 17:32 : Chinese Hackers Target U.S. Treasury Sanctions Office
• 17:22 : Time for a new job—9 work-from-home scams and how to spot them
• 17:22 : From Awareness to Action—Cybersecurity for Everyone from K through Gray
• 17:22 : Japan says Chinese hackers targeted its government and tech companies for years
• 17:22 : Jordan Approves Blockchain Technology to Boost Innovation
• 17:5 : IT Security News Hourly Summary 2025-01-08 18h : 9 posts
• 16:32 : New AI-Focused Modules in Our Security Awareness and Training Service
• 16:32 : Solana Pioneers Quantum Resistance in Blockchain Technology
• 16:32 : Crypto Dealers Targeted in Alarming Kidnapping and Extortion Cases
• 16:32 : Phishing Campaign Impersonating SSA Deploys Remote Access Tool
• 16:32 : Las Vegas Tesla Cybertruck Explosion: How Data Transformed the Investigation
• 16:18 : Japan and Philippines face Cyber Attacks from China
• 16:18 : Update Chrome and Firefox now to patch these critical security flaws
• 16:18 : How to protect VMs with Azure Bastion hosts
• 16:18 : DNA sequencers found running ancient BIOS, posing risk to clinical research
• 15:32 : AWS Cloud Security: Key Components, Common Vulnerabilities, and Best Practices
• 15:32 : Japan Links Chinese Hacker MirrorFace to Dozens of Cyberattacks Targeting Security and Tech Data
• 15:32 : Census III study spotlights ongoing open-source software security challenges
• 15:32 : Meet the WAF Squad | Impart Security
• 15:32 : US Launches Cyber Trust Mark for IoT Devices
• 15:5 : Forscher: KI sorgt für effektiveres Phishing
• 15:5 : Data Security: Challenges, Solutions, and the Path Forward
• 15:5 : How to Defend Against the Three Most Dangerous Cybersecurity Attacks
• 15:4 : Swimlane Hero helps solve complex security operations problems
• 14:33 : Wie die sozialen Medien mit KI ihr eigenes Ende heraufbeschwören
• 14:33 : Drosselt die Telekom das Netz? Verbraucherzentrale sucht Personen mit Netzproblemen
• 14:33 : So will Whatsapp langweilige Umfragen aufpeppen
• 14:33 : Mehr Kontrolle für Whatsapp-User: Schluss mit nervigen Animationen
• 14:33 : Keine Lust auf Windows 11? Wie du deinen Rechner trotz Support-Ende nutzen kannst
• 14:32 : Edtech giant PowerSchool says hackers accessed personal data of students and teachers
• 14:32 : Phish-free PayPal Phishing
• 14:32 : Rationalizing the Stack: The Case for Security Vendor Consolidation
• 14:32 : The U.S. Cyber Trust Mark set to launch
• 14:8 : Gunnebo übernimmt Carl Wittkopp: Innovation trifft Tradition
• 14:7 : New PayPal Phishing Scam Exploits MS365 Tools and Genuine-Looking Emails
• 14:7 : Gravy Analytics Hit by Cyberattack, Hackers Allegedly Stole data
• 14:7 : Oops Siri Can Listen Secretly. Apple Settles $95M Eavesdropping Privacy Lawsuit
• 14:7 : UN’s aviation agency confirms attack on recruitment database
• 14:7 : EU court fines European Commission for breaching its own data privacy laws
• 14:7 : Protecting Web-Based Work
• 14:7 : Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
• 14:7 : Scammers Exploit Microsoft 365 to Target PayPal Users
• 14:5 : IT Security News Hourly Summary 2025-01-08 15h : 17 posts
• 13:32 : Chrome Security Update – Patch for Multiple Security Vulnerabilities
• 13:32 : Thousands Impacted by Casio Data Breach
• 13:32 : Six Tech Trends Shaping the Future of Brand Experiences
• 13:7 : Onapsis: KI keine signifikante Bedrohung für ERP-Anwendungen
• 13:7 : LibreOffice: Mehrere Schwachstellen
• 13:6 : USA starten IT-Sicherheitskennzeichen “U.S. Cyber Trust Mark”
• 13:6 : [UPDATE] [hoch] Red Hat OpenShift: Mehrere Schwachstelle
• 13:6 : [UPDATE] [mittel] Python: Schwachstelle ermöglicht Codeausführung
• 13:6 : [UPDATE] [mittel] Red Hat OpenShift: Mehrere Schwachstellen
• 13:6 : [UPDATE] [hoch] CUPS: Mehrere Schwachstellen ermöglichen Ausführung von beliebigem Programmcode
• 13:6 : [UPDATE] [kritisch] Tinyproxy: Mehrere Schwachstellen
• 13:5 : Las Vegas Cybertruck Suspect Used ChatGPT – Police
• 13:5 : The Role of AI in Evolving Cybersecurity Attacks
• 13:5 : The Fundamental Components to Achieving Shift-Left Success
• 13:5 : AT&T Breach 2024: Customer Data Exposed in Massive Cyber Attack
• 13:5 : Cybersecurity Funding Reached $9.5 Billion in 2024: Report
• 13:5 : BioConnect unveils biometric devices for secure access control
• 12:32 : Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers
• 12:32 : Top 5 Malware Threats to Prepare Against in 2025
• 12:17 : Mozilla Firefox und Firefox ESR: Mehrere Schwachstellen
• 12:17 : [NEU] [niedrig] VMware Cloud Foundation: Schwachstelle ermöglicht Offenlegung von Informationen
• 12:17 : [NEU] [mittel] ABB AC-500: Mehrere Schwachstellen
• 12:17 : [NEU] [mittel] Dell PowerScale: Schwachstelle ermöglicht Denial of Service
• 12:16 : [NEU] [hoch] SonicWall SonicOS: Mehrere Schwachstellen
• 12:16 : [NEU] [hoch] Mozilla Firefox und Firefox ESR: Mehrere Schwachstellen
• 12:15 : Scammers Impersonate Authorities to Swipe OTPs with Remote Access Apps
• 12:15 : Insider Threat: Tackling the Complex Challenges of the Enemy Within
• 11:33 : heise-Angebot: iX-Workshop: Effiziente IT-Sicherheit für kleine und mittlere Unternehmen
• 11:32 : Anthropic Nears Deal For $2 Billion Amazon Investment – Report
• 11:32 : Casio says hackers stole personal data of 8,500 people during October ransomware attack
• 11:32 : Casio Admits Security Failings as Attackers Leak Employee and Customer Data
• 11:17 : Google Chrome: Schwachstelle ermöglicht Codeausführung
• 11:17 : IBM stopft Sicherheitslecks in Cognos Controller
• 11:17 : heise-Angebot: iX-Workshop für KMUs: Schritt für Schritt zur sicheren IT
• 11:17 : Wegen Sicherheitslücken: Ärzteschaft empfiehlt Widerspruch zu ePA für alle
• 11:17 : [UPDATE] [mittel] Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen
• 11:17 : [NEU] [hoch] Google Chrome: Schwachstelle ermöglicht Codeausführung
• 11:16 : Zuckerberg Axes Facebook Fact-Checkers, Claims ‘Censorship’
• 11:16 : How Nation-State Actors and Organised Hackers Involving in Their Ways of Cyber Attacks
• 11:16 : Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed
• 11:16 : Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
• 11:16 : New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices
• 11:5 : IT Security News Hourly Summary 2025-01-08 12h : 10 posts
• 10:32 : Understanding WebRTC Security Architecture and IoT
• 10:32 : Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
• 10:21 : Millions of Email Servers Exposed Due to Missing TLS Encryption
• 10:21 : How to protect yourself from phishing attacks in Chrome and Firefox
• 10:21 : Cyber Threats Rising: US Critical Infrastructure Under Increasing Attack in 2025
• 10:21 : Tripwire Enterprise Integration Framework (TEIF) Is Thriving. Here’s How You Can Benefit
• 10:20 : CIS Control 07: Continuous Vulnerability Management
• 10:20 : First Android Update of 2025 Patches Critical Code Execution Vulnerabilities
• 10:20 : FCC Launches ‘Cyber Trust Mark’ for IoT Devices to Certify Security Compliance
• 10:20 : Fake Government Officials Use Remote Access Tools for Card Fraud
• 9:32 : UN aviation agency confirms hacker breached recruitment database to access thousands of records
• 9:32 : Rethinking Incident Response: How Organizations Can Avoid Budget Overruns and Delays
• 9:23 : US-Sicherheitsbehörde warnt vor Attacken auf MiCollab und WebLogic Server
• 9:23 : heise-Angebot: IT-Security-Kongressmesse: Jetzt Gratis-Ticket für die secIT 2025 sichern
• 9:23 : [NEU] [hoch] Ruby: Schwachstelle ermöglicht Offenlegung von Informationen
• 9:23 : [UPDATE] [kritisch] Mitel MiCollab: Mehrere Schwachstellen
• 9:22 : Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation
• 9:22 : Meta replaces fact-checking with community notes post ‘Cultural Tipping Point’
• 9:21 : Transcend Migration Accelerator improves privacy strategies for organizations
• 8:32 : Washington State Filed Lawsuit Against T-Mobile Massive Data Breach
• 8:32 : Cyber Trust label, UK deepfake laws, Treasury attack details
• 8:32 : North Korean Hackers Targeting MacOS: Cyber Security Today for Wednesday, January 8, 2025
• 8:19 : Spionageschutz im Spannungsfeld
• 8:19 : Webbrowser: Chrome- und Firefox-Updates stopfen teils hochriskante Lücken
• 8:16 : 1000’s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766
• 8:16 : PriveShield – Advanced Privacy Protection with Browser Profile Isolation
• 8:16 : Stalwart – All-in-One Open-Source Secure Mail Server with JMAP, IMAP4, POP3, and SMTP
• 8:16 : U.S. CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog
• 8:5 : IT Security News Hourly Summary 2025-01-08 09h : 7 posts
• 7:34 : Sicherheitslücken: Hintertür gefährdet Industrie-Router von Moxa
• 7:31 : Securely Sign and Manage Documents Digitally With DocuSign and Ballerina
• 7:25 : How YouTube Channels Can Be Defended Against Cyber Threats
• 7:25 : Oracle WebLogic Vulnerability Actively Exploited in Cyber Attacks – CISA
• 7:25 : Silent Spies: How Russian Surveillance Systems Are Tracking You Worldwide
• 7:25 : Critical BIOS/UEFI Vulnerabilities Allow Attackers To Overwrite System Firmware
• 7:24 : Akamai to quit its CDN in China, seemingly not due to trouble from Beijing
• 6:31 : State-Funded Actors Are Driving the Ransomware Threat Landscape
• 6:26 : PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner
• 6:26 : Oracle WebLogic Vulneraiblity Actively Exploited in Cyber Attacks – CISA
• 6:26 : Why an “all gas, no brakes” approach for AI use won’t work
• 5:32 : Veracode Targets Malicious Code Threats With Phylum Acquisition
• 5:32 : Hackers Use PhishWP to Steal Payment Info on WordPress Sites
• 5:32 : Scaling penetration testing through smart automation
• 5:18 : Casio Hacked – Servers Compromised by a Ransomware Attack
• 5:18 : Almost 8500 People Affected by Casio Data Leak
• 5:18 : E-commerce Faced Heightened Cybersecurity Threats During Holiday Season
• 5:18 : The top target for phishing campaigns
• 5:18 : CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
• 5:5 : IT Security News Hourly Summary 2025-01-08 06h : 2 posts
• 4:32 : Indian government websites are still redirecting users to scam sites
• 4:7 : Cybersecurity jobs available right now: January 8, 2025
• 2:11 : ISC Stormcast For Wednesday, January 8th, 2025 https://isc.sans.edu/podcastdetail/9270, (Wed, Jan 8th)
• 2:5 : IT Security News Hourly Summary 2025-01-08 03h : 3 posts
• 1:22 : The Digital Battlefield: Understanding Modern Cyberattacks and Global Security
• 1:22 : Top Tech Talent Reemployment Project: Helping Job Seekers Shine!
• 1:22 : Reemployment Project: Meet Alex Ryan
• 0:32 : Compliance as cybersecurity: A reality check on checkbox risk management
• 0:32 : DEF CON 32 – Psychic Paper: Making E-Ink Access Badges Accessible For Anyone
• 0:32 : The Role of IAM in Securing Cloud Transactions
• 0:32 : Challenges and Solutions in API Security
• 0:20 : FCC boss urges speedy spectrum auction to fund ‘Rip’n’Replace’ of Chinese kit
• 0:20 : A Day in the Life of a Prolific Voice Phishing Crew
• 23:15 : CISA: BeyondTrust breach affected Treasury Department only
• 23:15 : Veracode Targets Malicious Code Threats with Phylum Acquisition
• 23:5 : IT Security News Hourly Summary 2025-01-08 00h : 2 posts