IT Security News Daily Summary 2025-01-21

160 posts were published in the last hour

• 22:10 : What is a private key?
• 22:10 : ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security
• 22:10 : Mitiga Banks$30M Series B to Expand Cloud and SaaS Security Platform
• 20:33 : Länger leben dank KI? OpenAI baut ein Sprachmodell für Stammzellen
• 20:33 : How Grand Canyon Education Enhanced Their Cloud Security with CloudGuard
• 20:32 : How Axis Security is using Xpander.AI’s agent platform to supercharge customer support ticket management
• 20:32 : Govtech giant Conduent won’t rule out cyberattack as outage drags on
• 20:32 : Otelier Security Breach Leaks Sensitive Customer and Reservation Details
• 20:32 : Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
• 20:32 : Scaling Dynamic Application Security Testing (DAST)
• 20:32 : Using OSCAL to express Canadian cybersecurity requirements as compliance-as-code
• 20:9 : Start the year by protecting your privacy— A stalkerware quick check
• 20:5 : IT Security News Hourly Summary 2025-01-21 21h : 6 posts
• 19:36 : Redline, Vidar and Raccoon Malware Stole 1 Billion Passwords in 2024
• 19:36 : Telegram’s TON Blockchain Embarks on US Growth Mission
• 19:36 : AI-Led Cyber Fraud on a Rise in Bengaluru, Rs 1,788 Crore Stolen During Major Scam
• 19:11 : Elon Musk Takes Control Of Doge, As Vivek Ramaswamy Steps Down
• 19:11 : Start PII Leak Detection and Data Flow Mapping Where It Matters Most: In the Code
• 19:11 : Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day
• 18:34 : UK Second Most Attractive Country For Investment, PwC Survey Finds
• 18:10 : OLG Bremen: Zwangsentsperrung des Smartphones per Fingerabdruck legal
• 18:9 : Trump U-Turn: TikTok’s On-Again/Off-Again U.S. Ban
• 17:36 : PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)
• 17:36 : Safeguard your generative AI workloads from prompt injections
• 17:5 : Worldwide IT Spending Set To Rise 9.8 Percent In 2025 – Gartner
• 17:5 : PARSIQ’s Reactive Network Provides Solution for DeFi Exchange Vulnerabilities
• 17:5 : Unlocking Vulnrichment: Enriching CVE Data
• 17:5 : How to tell if an AirTag is secretly tracking you – and what to do about it
• 17:5 : New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers
• 17:5 : FunkSec Ransomware Group: AI-Powered Cyber Threat Targeting Global Organizations
• 17:5 : New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers
• 17:5 : VeraCrypt: update drops 32-bit support on Windows and fixes several security issues
• 17:5 : IT Security News Hourly Summary 2025-01-21 18h : 9 posts
• 16:34 : New Mirai Variant Murdoc_Botnet Launches DDoS Attacks via IoT Exploits
• 16:34 : Why MSPs need proactive, 24/7 threat hunting
• 16:34 : Introducing confidential containers on bare metal
• 16:34 : EMEA blog [DUTCH] | Red Hat closes Master Agreement with SLM Rijk to strengthen digital autonomy within Dutch government
• 16:34 : UK’s New Digital IDs Raise Security and Privacy Fears
• 16:7 : Geolocation and Starlink, (Tue, Jan 21st)
• 16:7 : SandboxAQ Partners with Google Cloud to Advance Quantitative AI in Enterprise Applications
• 16:7 : EFF Sends Transition Memo on Digital Policy Priorities to New Administration and Congress
• 16:7 : Phishing Risks Rise as Zendesk Subdomains Facilitate Attacks
• 15:40 : Securing Cryptocurrency Organizations
• 15:40 : Kaspersky finds US Cybersecurity budgets up by 9 percent in next 2 years
• 15:40 : Bitcoin Retreats From $109,000 Trump Inauguration High
• 15:40 : Traffic Alert and Collision Avoidance System (TCAS) II
• 15:40 : ZF Roll Stability Support Plus (RSSPlus)
• 15:40 : Siemens SIMATIC S7-1200 CPUs
• 15:40 : CISA Releases Three Industrial Control Systems Advisories
• 15:40 : Forescout Report Detail Hunters International Ransomware Gang Tactics
• 15:4 : Aufregung um “Solarspitzengesetz”: Keine Steuerung über Hersteller-Clouds
• 15:3 : Toronto school district says 40 years of student data stolen in PowerSchool breach
• 15:3 : Best Automated Patch Management Software in 2025
• 15:3 : Managing Sensitive Security Investigations in Remote Settings
• 15:3 : Consilio Guided AI PrivDetect reduces privilege review time
• 15:3 : Entrust unveils AI-powered facial biometric authentication capability
• 14:33 : Besser als neu: Wie Unternehmen mit grüner IT-Strategie Budgets und Umwelt schonen
• 14:33 : OpenAI arbeitet an KI-Agenten: Kann ChatGPT bald deinen Computer steuern?
• 14:33 : Künstliche vs. echte Freunde: Wie KI-Bots die Zukunft der sozialen Medien gestalten
• 14:33 : Microsoft gibt Windows 24H2 als automatisches Update frei – warum es trotzdem nicht jeder laden kann
• 14:33 : Eliza: Der erste Chatbot der Welt ist aus 60 Jahre altem Code wiederauferstanden
• 14:33 : BSI zertfiziert erste quantensichere Smartcard
• 14:32 : Akamai: Supporting Chinese Enterprises in Global Expansion
• 14:32 : AI tool GeoSpy analyzes images and identifies locations in seconds
• 14:32 : Vulnerability Summary for the Week of January 13, 2025
• 14:32 : Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers
• 14:12 : SIEM am Ende? Was können XDR, SOAR & Co.
• 14:12 : BSI zertifiziert erste Smartcard mit Post-Quanten-kryptografischem Algorithmus
• 14:11 : Trump Signs Executive Order To Delay TikTok Ban
• 14:11 : Ransomware Groups Abuse Microsoft Services for Initial Access
• 14:11 : GDPR Fines Total €1.2bn in 2024
• 14:11 : OpenSSL Position and Plans on Private Key Formats for the ML-KEM and ML-DSA Post-quantum (PQ) Algorithms
• 14:5 : IT Security News Hourly Summary 2025-01-21 15h : 12 posts
• 13:37 : Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally
• 13:37 : 5 Best Endpoint Detection & Response Solutions for 2025
• 13:37 : HPE probes IntelBroker’s bold data theft boasts
• 13:37 : Almost 10% of GenAI Prompts Include Sensitive Data: Study
• 13:37 : 13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
• 13:17 : Server verschlüsselt: Cyberangriff trifft zahlreiche Schulen in Rheinland-Pfalz
• 13:17 : [NEU] [mittel] Elasticsearch: Schwachstelle ermöglicht Denial of Service
• 13:17 : [NEU] [mittel] Kibana: Schwachstelle ermöglicht Denial of Service
• 13:16 : CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests
• 13:16 : Is Unified Access Control Zero Trust’s Silver Bullet?
• 13:16 : Students, Educators Impacted by PowerSchool Data Breach
• 13:16 : Oracle To Address 320 Vulnerabilities in January Patch Update
• 12:32 : Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One
• 12:32 : AI Mistakes Are Very Different from Human Mistakes
• 12:32 : Fortinet’s 2025 State of Cloud Security: Insights on Multi-Cloud Adoption, Security Challenges, and Future Trends
• 12:32 : Critical Vulnerability in ChatGPT API Enables Reflective DDoS Attacks
• 12:32 : Ransomware attackers are “vishing” organizations via Microsoft Teams
• 12:32 : Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties
• 12:7 : [UPDATE] [hoch] Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung
• 12:7 : Tech CEOs Front And Centre At Trump’s Inauguration
• 12:7 : TPM-Equipped Devices Trigger Warnings Due to a Windows BitLocker Flaw
• 11:34 : heise-Angebot: iX-Workshop: Windows Server absichern und härten
• 11:34 : 7-Zip: Lücke erlaubt Umgehung von Mark-of-the-Web
• 11:34 : (g+) Yubikey und Co.: Security-Keys im Vergleich
• 11:33 : Critical SUSE Linux Distro Injection Vulnerability Allow Attackers Exploits “go-git” Library
• 11:33 : Gootloader Malware Employs Blackhat SEO Techniques To Attack Victims
• 11:33 : Beware! Fake SBI Reward APK Attacking Users to Deliver Android Malware
• 11:33 : Helping the Energy Sector Navigate NERC Complexities
• 11:33 : NASA’s Cybersecurity Initiative: What Spacecraft Manufacturers Need to Know
• 11:33 : Medusa Ransomware: What You Need To Know
• 11:33 : HPE investigating security breach after hacker claims theft of sensitive data
• 11:33 : Russian Ransomware Groups Deploy Email Bombing and Teams Vishing
• 11:8 : Webbrwoser: Brave-Sicherheitsleck sorgt für falsch angezeigte Download-Quelle
• 11:7 : Apache CXF Vulnerability Triggers DoS Attack
• 11:7 : October 2024 Cyber Attacks Statistics
• 11:7 : The Future of Automotive Cybersecurity: Why Learning Car Hacking is Essential
• 11:7 : HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects
• 11:5 : IT Security News Hourly Summary 2025-01-21 12h : 8 posts
• 10:35 : [NEU] [mittel] Linux Kernel: Schwachstelle ermöglicht Denial of Service
• 10:34 : Microsoft Rolls Out New Administrator Protection Feature Under Windows Security
• 10:34 : Cyber Hygiene: Strengthening Your Digital Immune System Through Routine Maintenance
• 10:12 : Quellcode und mehr: Hacker bietet erneut Daten von HPE zum Verkauf an
• 10:12 : [NEU] [niedrig] vim: Schwachstelle ermöglicht Denial of Service
• 10:12 : [NEU] [mittel] OpenSSL: Schwachstelle ermöglicht Offenlegung von Informationen
• 10:11 : New Contacto Ransomware Evades AV Detection & Uses Windows Console for Execution
• 10:11 : Experts found multiple flaws in Mercedes-Benz infotainment system
• 9:33 : 7-Zip: Schwachstelle ermöglicht Codeausführung
• 9:33 : Mögliche Cyberattacke bei HPE: Interne Daten zum Verkauf im Darknet
• 9:33 : [UPDATE] [mittel] libTIFF: Schwachstelle ermöglicht Denial of Service
• 9:33 : [UPDATE] [mittel] libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service
• 9:33 : [UPDATE] [mittel] libTIFF: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
• 9:33 : [UPDATE] [mittel] Red Hat Enterprise Linux (389-ds-base): Schwachstelle ermöglicht Denial of Service
• 9:33 : [UPDATE] [mittel] Red Hat Enterprise Linux (389-ds-base): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 9:32 : Most European Privacy Teams Are Understaffed and Underfunded
• 9:8 : „AI Defense“ von Cisco sichert KI-Transformation für Unternehmen
• 9:8 : Exchange 2016 und 2019 erreichen Support-Ende – in 9 Monaten
• 9:8 : Interna zum Verkauf: HPE untersucht mögliche Cyberattacke
• 9:7 : Breaking free from reactive security
• 8:33 : Gamer schlagen König Fußball: Rekord-Internetverkehr durch Spiele-Updates und Downloads
• 8:33 : Anwendung stürzt ab: Microsoft liefert Workaround für lästigen Outlook-Bug
• 8:32 : HPE breach claims, CIA analyst guilty, Hotel data exposed
• 8:14 : Sicherheit vor Messerangriffen
• 8:14 : LKA-Chef warnt vor wachsender Selbstradikalisierung auf Tiktok
• 8:13 : OWASP Smart Contract Top 10 2025 Released – What’s new!
• 8:5 : IT Security News Hourly Summary 2025-01-21 09h : 7 posts
• 7:32 : Ransomware Attack Forces UK Brit High School to Close Doors For Students
• 7:32 : Feel Reassured with Robust Machine Identity Protocols
• 7:32 : Getting Better: Advances in Secrets Rotation Tech
• 7:32 : Staying Ahead: Key Cloud-Native Security Practices
• 7:5 : OpenVPN Easy-rsa Vulnerability Allows Attacker to Bruteforce Private CA key
• 7:5 : PoC Exploit Released for TP-Link Code Execution Vulnerability (CVE-2024-54887)
• 7:5 : PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers
• 6:11 : Ransomware attack shuts Britain High School
• 6:11 : Traits to look out for in Cyber threat intelligence software
• 5:37 : Vim Command Line Text Editor Segmentation Vulnerability Patched
• 5:36 : CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits
• 5:36 : Scam Yourself attacks: How social engineering is evolving
• 5:13 : Fleet: Open-source platform for IT and security teams
• 5:13 : Addressing the intersection of cyber and physical security threats
• 5:5 : IT Security News Hourly Summary 2025-01-21 06h : 1 posts
• 4:9 : Cybersecurity jobs available right now: January 21, 2025
• 3:9 : Banks must keep ahead of risks and reap AI rewards
• 2:5 : IT Security News Hourly Summary 2025-01-21 03h : 3 posts
• 2:4 : ISC Stormcast For Tuesday, January 21st, 2025 https://isc.sans.edu/podcastdetail/9288, (Tue, Jan 21st)
• 1:7 : Ciso Guide To Password Security – How to Implement and Automate Key Elements of NIST 800-63B
• 1:7 : AI Workloads and High Availability Clustering – Building Resilient IT Environments
• 0:7 : HPE is investigating IntelBroker’s claims of the company hack