IT Security News Daily Summary 2025-01-15

210 posts were published in the last hour

• 22:37 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 22:37 : DJI loosens flight restrictions, decides to trust operators to follow FAA rules
• 22:37 : Governments call for spyware regulations in UN Security Council meeting
• 22:37 : Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws
• 22:11 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 21:34 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 21:34 : Innovating in line with the European Union’s AI Act
• 21:11 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 20:37 : IT-Sicherheit: EU-Kommission will Gesundheitsbranche unterstützen
• 20:36 : Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
• 20:36 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 20:36 : China’s Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says
• 20:12 : Mit diesem kleinen URL-Zusatz macht ihr die Google-Suche KI-frei
• 20:12 : IT-Attacken: So will die EU-Kommission den Gesundheitssektor besser schützen
• 20:11 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 20:11 : CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
• 20:11 : A Guide to Navigating Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Bill
• 20:11 : Industry Moves for the week of January 13, 2025 – SecurityWeek
• 20:11 : FBI Uses Malware’s Own ‘Self-Delete’ Trick to Erase Chinese PlugX From US Computers
• 20:5 : IT Security News Hourly Summary 2025-01-15 21h : 7 posts
• 19:34 : CISA Publishes Microsoft Expanded Cloud Log Implementation Playbook
• 19:34 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 19:12 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 19:11 : Biden Signs Order For Energy Provision For AI Data Centres
• 19:11 : Black Basta-Style Cyberattack Hits Inboxes with 1,165 Emails in 90 Minutes
• 19:11 : Even modest makeup can thwart facial recognition
• 19:11 : FBI Deletes PlugX Malware From Computers Infected by China Group
• 18:37 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 18:37 : Bye Tokens, Hello Patches
• 18:37 : The best free VPNs of 2025: Expert tested
• 18:37 : Police Use of Face Recognition Continues to Wrack Up Real-World Harms
• 18:37 : Digital Rights and the New Administration | EFFector 37.1
• 18:36 : Congratulations to the Top MSRC 2024 Q4 Security Researchers!
• 18:12 : Kopierdienst rsync mit kritischer Lücke
• 18:11 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 18:11 : Allstate Violates Drivers’ Privacy, Texas AG Alleges
• 17:34 : Sechs Bugs in rsync-Server gefixt, einer davon kritisch
• 17:34 : ePA-Pilotphase gestartet: Patientenakte “wird nie hundertprozentig sicher sein”
• 17:32 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 17:32 : Windows Patch Tuesday hits snag with Citrix software, workarounds published
• 17:32 : Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
• 17:32 : Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes
• 17:13 : Darknet: Konfigurationen und VPN-Passwörter von Fortinet-Geräten aufgetaucht
• 17:12 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 17:12 : Advanced Bot Mitigation Using Custom Rate-Limiting Techniques
• 17:11 : 5 Emerging AI Threats Australian Cyber Pros Must Watch in 2025
• 17:11 : Treasury Department hacked: Explaining how it happened
• 17:11 : DORA’s Deadline Looms: Navigating the EU’s Mandate for Threat Led Penetration Testing
• 17:5 : IT Security News Hourly Summary 2025-01-15 18h : 13 posts
• 16:32 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 16:32 : UK Tech Struggling To Innovate Under Labour, Survey Finds
• 16:32 : UK Considers Banning Ransomware Payments
• 16:32 : Redacting sensitive free-text data: build vs buy
• 16:32 : CISA Launches Playbook to Boost AI Cybersecurity Collaboration
• 16:13 : Fehler in Google OAuth: Daten von Mitarbeitern gescheiterter Start-ups gefährdet
• 16:12 : FunkSec Ransomware created using Artificial Intelligence
• 16:12 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 16:12 : Data-First IDP: Driving AI Innovation in Developer Platforms
• 16:12 : Microsoft Office support in Windows 10 ends in October too – what that really means
• 16:12 : Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks
• 16:12 : Prevent the storage and data security risks of remote work
• 16:11 : 5 Trends Shaping Healthcare Cybersecurity in 2025
• 15:32 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 15:32 : U.S. CISA adds Fortinet FortiOS to its Known Exploited Vulnerabilities catalog
• 15:32 : Cyber Insights 2025: Open Source and Software Supply Chain Security
• 15:32 : New Version of Banshee Malware Targets macOS Users
• 15:32 : U.S. soldier linked to BSNL data breach: Arrest reveals cybercrime
• 15:32 : Ensuring Governance and Control Over Shadow AI
• 15:13 : Cybergang Cl0p: Angeblich Daten durch Cleo-Sicherheitslücke abgezogen
• 15:12 : Your Single-Page Applications Are Vulnerable: Here’s How to Fix Them
• 15:12 : The Advent of Quantum Cryptography and Zero Trust: A New Era In The World Of Cybersecurity
• 15:12 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 15:12 : PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data
• 15:12 : RSA Conference: 20th annual RSAC Innovation Sandbox and fifth annual Launch Pad contests are now open.
• 15:12 : Crypto klepto North Korea stole $659M over just 5 heists last year
• 15:12 : Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes
• 15:12 : Navigating 2025: Emerging Security Trends and AI Challenges for CISOs
• 14:35 : Patchday Fortinet: Hintertür ermöglicht unbefugte Zugriffe auf FortiSwitch
• 14:34 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 14:34 : UK CMA Investigates Google Over Online Search Domination
• 14:34 : Rsync vulnerabilities allow remote code execution on servers, patch quickly!
• 14:34 : North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains
• 14:13 : KI in der Politik: Drei Szenarien für die Zukunft der Demokratie
• 14:12 : Akamai?s Tailored Approach to Net Zero
• 14:12 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 14:12 : Aembit Announces Speaker Lineup for the Inaugural NHIcon
• 14:12 : Hackers Exploiting Fortinet Zero-day Vulnerability In Wild To Gain Super-Admin Privileges
• 14:12 : Strengthening America’s Resilience Against the PRC Cyber Threats
• 14:12 : CyberGhost VPN Review (2025): Features, Pricing, and Security
• 14:12 : Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation
• 14:12 : The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads
• 14:12 : Chrome 132 Patches 16 Vulnerabilities
• 14:12 : Sweet Security Introduces Patent-Pending LLM-Powered Detection Engine, Reducing Cloud Detection Noise to 0.04%
• 14:12 : Chinese PlugX Malware Deleted in Global Law Enforcement Operation
• 14:12 : Multi-Cloud Adoption Surges Amid Rising Security Concerns
• 14:5 : IT Security News Hourly Summary 2025-01-15 15h : 19 posts
• 13:34 : PacketCrypt Classic Cryptocurrency Miner on PHP Servers, (Tue, Jan 7th)
• 13:34 : Slew of WavLink vulnerabilities
• 13:34 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 13:34 : Critical SAP NetWeaver Flaws Let Hackers Gain System Access
• 13:34 : UnitedHealth hid its Change Healthcare data breach notice for months
• 13:14 : Standort-Tracking weit verbreitet: Mehr als 40.000 Apps sammeln Positionsdaten
• 13:14 : [NEU] [niedrig] git: Mehrere Schwachstellen ermöglichen Manipulation
• 13:14 : [NEU] [mittel] MediaWiki: Mehrere Schwachstellen
• 13:14 : [NEU] [hoch] Rsync: Mehrere Schwachstellen
• 13:14 : [NEU] [hoch] Microsoft Developer Tools: Mehrere Schwachstellen
• 13:14 : [NEU] [mittel] Microsoft Power Automate Desktop: Schwachstelle ermöglicht Codeausführung
• 13:12 : Microsoft January 2025 Patch Tuesday Comes with Fix for 159 Vulnerabilities
• 13:12 : 5 Reasons You Won’t Want to Miss CPX 2025
• 13:12 : Exposure Management: A Strategic Approach to Cyber Security Resource Constraint
• 13:12 : Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities
• 13:12 : Large Language Models and Regulations: Navigating the Ethical and Legal Landscape
• 13:12 : The High-Stakes Disconnect For ICS/OT Security
• 13:12 : Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool
• 13:12 : Illicit Crypto-Inflows Set to Top $51bn in a Year
• 12:34 : Sicherheitsrisiko: USA verbieten vernetzte Fahrzeuge aus China und Russland
• 12:34 : Pro-ukrainische Hacker: Erneut folgenschwerer Cyberangriff auf Russland
• 12:34 : [UPDATE] [mittel] OpenSSL: Mehrere Schwachstellen
• 12:33 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 12:33 : Meta To Cut 5 Percent Of Staff Ahead Of ‘Intense’ Year
• 12:33 : Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket
• 12:33 : Phishing False Alarm
• 12:32 : US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists
• 12:32 : FBI removed PlugX malware from U.S. computers
• 12:13 : Adobe Creative Cloud Applikationen: Mehrere Schwachstellen ermöglichen Codeausführung
• 12:13 : Adobe Photoshop: Mehrere Schwachstellen ermöglichen Codeausführung
• 12:13 : [NEU] [mittel] Rsync: Mehrere Schwachstellen
• 12:13 : [NEU] [mittel] Adobe Creative Cloud Applikationen: Mehrere Schwachstellen ermöglichen Codeausführung
• 12:13 : [NEU] [mittel] Adobe Photoshop: Mehrere Schwachstellen ermöglichen Codeausführung
• 12:13 : [NEU] [hoch] Fortinet FortiManager: Mehrere Schwachstellen
• 12:13 : [NEU] [mittel] Fortinet FortiOS: Mehrere Schwachstellen
• 12:12 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 12:12 : TikTok Denies ‘Pure Fiction’ Report Of Sale To Elon Musk
• 12:11 : Protecting children online: Where Florida’s new law falls short
• 12:11 : Ivanti Patches Critical Vulnerabilities in Endpoint Manager
• 12:11 : Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
• 11:36 : 10 Warnsignale falscher Social-Media-Gewinnspiele
• 11:36 : FakeCaptcha-Betrug und wie man ihn vermeidet
• 11:36 : Microsoft Patchday Januar 2025
• 11:36 : Sicherheitsrisikov: USA verbieten vernetzte Fahrzeuge aus China und Russland
• 11:36 : [NEU] [mittel] Fortinet FortiRecorder: Schwachstelle ermöglicht Offenlegung von Informationen
• 11:36 : [NEU] [hoch] Fortinet FortiSandbox: Schwachstelle ermöglicht Codeausführung
• 11:36 : [NEU] [niedrig] Fortinet FortiPortal: Mehrere Schwachstellen
• 11:36 : [NEU] [mittel] Fortinet FortiWeb: Mehrere Schwachstellen
• 11:36 : [NEU] [mittel] Fortinet FortiSIEM: Schwachstelle ermöglicht Denial of Service
• 11:34 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 11:34 : Wultra Raises €3M to Defend Quantum Cyber Threats Targets Financial Institutions
• 11:34 : CVE-2024-44243 macOS flaw allows persistent malware installation
• 11:34 : Secureworks Exposes North Korean Links to Fraudulent Crowdfunding
• 11:13 : [NEU] [mittel] Ivanti Avalanche: Mehrere Schwachstellen
• 11:13 : [NEU] [mittel] Arista EOS: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:13 : [NEU] [hoch] Rancher: Schwachstelle ermöglicht Cross-Site Scripting
• 11:13 : [NEU] [mittel] Aruba ArubaOS: Mehrere Schwachstellen ermöglichen Codeausführung
• 11:13 : [UPDATE] [mittel] Mozilla Firefox: Mehrere Schwachstellen ermöglichen das Darstellen falscher Informationen
• 11:11 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 11:11 : SEC Sues Elon Musk For Failure To Disclose Twitter Stake
• 11:5 : IT Security News Hourly Summary 2025-01-15 12h : 20 posts
• 10:33 : Google Chrome: Mehrere Schwachstellen
• 10:33 : [NEU] [hoch] Fortinet FortiVoice: Mehrere Schwachstellen
• 10:33 : [NEU] [mittel] Fortinet FortiMail: Schwachstelle ermöglicht Codeausführung
• 10:33 : [NEU] [niedrig] Fortinet FortiSIEM: Schwachstelle ermöglicht Offenlegung von Informationen
• 10:33 : [NEU] [mittel] Fortinet FortiRecorder: Schwachstelle ermöglicht Manipulation von Dateien
• 10:33 : [NEU] [hoch] Fortinet FortiSwitch: Mehrere Schwachstellen ermöglichen Codeausführung
• 10:32 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 10:32 : Chrome Security Update – Patch For 16 Vulnerabilities
• 10:13 : CMS: Typo3-Entwickler dichten zehn Sicherheitslücken ab
• 10:13 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
• 10:13 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
• 10:13 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen
• 10:12 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 10:12 : How Much Does It Cost To Host A Website?
• 10:12 : Wultra Secures €3M to Protect Financial Institutions from Quantum Threats
• 10:12 : Microsoft Discovers macOS Flaw CVE-2024-44243, Bypassing SIP
• 10:12 : How scammers are tricking Apple iMessage users into disabling phishing protection
• 10:12 : Open Banking Shortcomings Threaten UK Global Leadership Position Research Finds
• 10:12 : ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA
• 10:12 : Microsoft Patches Eight Zero-Days to Start the Year
• 9:35 : Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung
• 9:35 : Webkonferenzen: Zoom Workplace Apps mit Sicherheitslücken
• 9:35 : E-Mails: Experten schleusen Fälschungen mittels geknackter DKIM-Schlüssel ein
• 9:35 : Kein Klick erforderlich: Kritische Windows-Lücke lässt Schadcode per E-Mail rein
• 9:35 : [UPDATE] [niedrig] PowerDNS: Schwachstelle ermöglicht Denial of Service
• 9:35 : [UPDATE] [hoch] PowerDNS: Mehrere Schwachstellen
• 9:35 : [UPDATE] [hoch] libssh2: Mehrere Schwachstellen
• 9:35 : [UPDATE] [mittel] PowerDNS: Mehrere Schwachstellen ermöglichen Denial of Service
• 9:35 : [UPDATE] [mittel] PowerDNS: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes
• 9:34 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 9:34 : Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers
• 9:12 : Adobe-Patchday: Gefährliche Sicherheitslücken in Photoshop & Co. geschlossen
• 9:12 : Videokonferenzen: Zoom stopft mehrere Sicherheitslecks in Workplace Apps
• 9:12 : Microsoft: Kostenloses Windows-11-Upgrade angeblich nur für kurze Zeit
• 9:11 : The Curious Case of a 12-Year-Old Netgear Router Vulnerability, (Wed, Jan 15th)
• 9:11 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 9:11 : YouTubers Attacked By Malware: Cyber Security Today, Wednesday, January 15, 2025
• 8:35 : Microsoft-Patchday: Angreifer nutzen drei Lücken in Hyper-V aus
• 8:35 : Adobe-Patchday: Schadcode-Attacken auf Photoshop & Co. möglich
• 8:34 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 8:34 : Snyk’s mysterious package, Baltic cable suspicions, second BeyondTrust vulnerability
• 8:12 : Android-Nutzer stummgeschaltet: So umgeht ihr das nervige Whatsapp-Problem
• 8:12 : BSI warnt vor Risiken bei internetfähigen Produkten
• 8:12 : “Passwort” Folge 23: Schnitzeljagd um ein Linux-Bootkit
• 8:11 : Discerning SAP Security’s Future as a Venue for Career Growth
• 8:11 : Teleport 17 Enhances Secure Infrastructure Access for Large Enterprises
• 8:11 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 8:11 : What Is Public Cloud vs. Private Cloud? Pros and Cons Explained
• 8:11 : Zoom Security Update – Patches Multiple Vulnerabilities That Let Attackers Escalate Privileges
• 8:5 : IT Security News Hourly Summary 2025-01-15 09h : 7 posts
• 7:36 : Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
• 7:36 : FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
• 7:11 : What Are Encrypted Cyber Attacks