IT Security News Daily Summary 2025-01-29

210 posts were published in the last hour

22:34 : Hackers are hijacking WordPress sites to push Windows and Mac malware
22:20 : Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware
22:20 : Exposed DeepSeek Database Revealed Chat Prompts and Internal Data
21:20 : FBI Seizes Leading Hacking Forums Cracked.io and Nulled.to
21:20 : Aquabot variant v3 targets Mitel SIP phones
21:20 : U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog
21:20 : Microsoft 365 Down – Widespread Outage Affects Users and Admins
20:35 : KI treibt Energieverbrauch hoch: 30 Zeilen Linux-Code könnten das ändern
20:35 : Deepseek: Diese Sicherheits- und Privatsphäreprobleme solltet ihr beachten
20:35 : Digitalisierung: In diesem EU-Land sind Behörden komplett online
20:34 : The OWASP NHI Top 10 and AI risk: What you need to know
20:34 : Introducing WAF Rule Tester: Test with Confidence, Deploy without Fear | Impart Security
20:20 : Why You Don’t Need That New JavaScript Library
20:20 : DeepSeek Chatbot Beats OpenAI on App Store Leaderboard
20:20 : How we kept the Google Play & Android app ecosystems safe in 2024
20:5 : IT Security News Hourly Summary 2025-01-29 21h : 4 posts
19:34 : FBI Seizes Leading Hacking Forums Cracked.to and Nulled.to
19:34 : OpenAI tailored ChatGPT Gov for government use – here’s what that means
19:34 : Streamline the connectivity between your environment and Red Hat Insights services
19:11 : Observo’s AI-native data pipelines cut noisy telemetry by 70%, strengthening enterprise security
18:32 : CISA Adds One Known Exploited Vulnerability to Catalog
18:32 : These are the 10 worst PIN codes
18:14 : What DeepSeek’s R1 Model Means For AI Innovation and Enterprise Security
18:14 : SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws
18:14 : Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
17:12 : Whatsup Gold, Observium and Offis vulnerabilities
17:12 : Lynx Ransomware Architecture to Attack Windows, Linux, ESXi Uncovered
17:12 : Russian APT28 Hackers Exploit Zero-Day Vulnerabilities to Target Government and Security Sectors
17:12 : Hackers Exploit OAuth 2.0 Code Flow Using AiTM Attack on Microsoft Azure AD
17:12 : New Apple SLAP & FLOP Side-Channel Attacks Let Attackers Steal Login Details From Browser
17:12 : MGM Resorts settles lawsuits after millions of customer records stolen in data breaches
17:12 : Hackers Allegedly Selling Fortinet Vulnerability Exploit on Dark Web Forums
17:12 : Apple Chips Vulnerability Exposes Credit Cards & Location History to Hackers
17:12 : State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks
17:12 : Windows 11 24H2 Update Breaks Web camera, Audio, & USB
17:12 : Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior
17:12 : Cybercriminals Use Google Ads and URL Cloaking to Spread Malware
17:5 : IT Security News Hourly Summary 2025-01-29 18h : 9 posts
16:35 : Magility 2025: Rückblick, Highlights und Ausblick
16:34 : New Zyxel Zero-Day Under Attack, No Patch Available
16:34 : Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
16:34 : AI Surge Drives Record 1205% Increase in API Vulnerabilities
16:16 : Mishing Cyber Attack from malicious PDF
16:16 : Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet
16:16 : Ongoing report: Babuk2 (Babuk-Bjorka)
16:16 : Flare Academy is Here!
16:16 : Nation-State Hackers Abuse Gemini AI Tool
15:32 : Oligo Raises $50M to Tackle Application Detection and Response
15:26 : Was zuerst? Priorisierung von Patches
15:26 : Scareware-Blocker: Microsoft geht mit Machine Learning gegen Betrüger vor
15:25 : Clutch grabs $20M to build out its non-human security ID platform
15:25 : Critical remote code execution bug found in Cacti framework
15:25 : WhatsApp’s Image “View Once” Feature Flaw Allowing Unlimited Views
15:25 : Google Researchers Breakdowns The Malware Obfuscator Scatterbrain
15:25 : The GenAI Scam Revolution
15:25 : Swimlane Vulnerability Response Management offers risk-based prioritization
15:25 : New Hellcat Ransomware Gang Employs Humiliation Tactics
14:37 : Egal ob für Smartphone, PC oder Bankkarte: Diese PINs solltest du vermeiden
14:37 : Zuckerberg und Musk versprechen Freiheit: Warum die KI-Regulierung genau das Gegenteil bedeutet
14:37 : So könnte Windows 11 das Teilen von Dateien vereinfachen
14:37 : Ex-Intel-CEO stellt auf Deepseek um: Diese Vorteile sieht er gegenüber OpenAIs KI-Modellen
14:37 : Fake-SMS von Telegram im Umlauf: Wie ihr die Betrugsmasche erkennt und vermeidet
14:37 : Sechs Technologietrends für den Sicherheitssektor
14:10 : Zwei Sidechannel-Attacken auf Apples M-Prozessoren
14:9 : WhatsApp’s “View Once” Feature Flaw Let Anyone View the Image Unlimitedly
14:9 : Top 8 Penetration Testing Tools to Enhance Your Security
14:9 : IoMT Security Is Critical as Patients Take Control of Own Healthcare
14:9 : Hackers Using SparkRAT In Wild To Attack Windows, macOS, and Linux Systems
14:9 : Hellcat Ransomware Attacking Organization In Raas Model With Affiliates
14:9 : Malware Infections Surge from Fake VPN Downloads
14:9 : Threat Actors Exploit Government Websites for Phishing
14:5 : IT Security News Hourly Summary 2025-01-29 15h : 23 posts
13:36 : [UPDATE] [hoch] VLC: mehrere Schwachstellen
13:36 : [UPDATE] [hoch] Perl: Mehrere Schwachstellen
13:36 : [UPDATE] [niedrig] Perl: Schwachstelle ermöglicht Manipulation von Dateien
13:36 : [UPDATE] [mittel] PostgreSQL: Mehrere Schwachstellen
13:36 : [UPDATE] [mittel] Perl: Schwachstelle ermöglicht Denial of Service
13:34 : Panda Free Antivirus: The Free, Complete Solution to Protect Your Devices
13:34 : Engineering giant Smiths Group says hackers accessed its systems during cyberattack
13:34 : DeepSeek’s popularity exploited by malware peddlers, scammers
13:34 : Organizations with dark web presence face significantly higher breach likelihood
13:18 : heise-Angebot: iX-Workshop: Effiziente IT-Sicherheit für kleine und mittlere Unternehmen
13:18 : [UPDATE] [mittel] OpenSSL: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen
13:17 : [UPDATE] [mittel] OpenVPN: Mehrere Schwachstellen ermöglichen Denial of Service und Privilegieneskalation
13:17 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
13:17 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
13:16 : A Security Loophole in WhatsApp’s “View Once” Mode
13:16 : The Journey to Autonomous Cyber Security
13:16 : Transform your approach to data security
13:16 : FleshStealer, A New Infostealer Attacking Chrome & Mozilla Users
13:16 : PoC Exploit Released for Actively Exploited Windows CLFS Buffer Overflow
13:16 : Navigating Advanced Threat Landscapes
13:16 : ‘Bro delete the chat’: Feel the panic shortly before cops bust major online fraud ring
13:16 : New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones
13:16 : Using AI To Help Keep Your Financial Data Safe
12:34 : The Trial at the Tip of the Terrorgram Iceberg
12:34 : ExxonMobil Lobbyist Caught Hacking Climate Activists
12:34 : Looking Back to Look Forward: 2024’s Top Email Threats
12:34 : Aquabot Botnet Targeting Vulnerable Mitel Phones
12:21 : Scareware-Blocker: Microsoft geht gegen Support-Scammer vor
12:20 : Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
12:20 : Smiths Group Scrambling to Restore Systems Following Cyberattack
12:20 : DeepSeek’s Deep Risks: What You Need to Know | Grip Security
12:20 : New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
12:20 : AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts
12:20 : Breakout Time Accelerates 22% as Cyber-Attacks Speed Up
12:20 : Chinese GenAI Startup DeepSeek Sparks Global Privacy Debate
11:39 : [NEU] [mittel] Moxa Switch: Schwachstelle ermöglicht Denial of Service
11:39 : [NEU] [niedrig] TYPO3 “oidc” Extension: Schwachstelle ermöglicht Erlangen von Benutzerrechten
11:37 : Windows CLFS Buffer Overflow Vulnerability CVE-2024-49138 – PoC Released
11:37 : Hackers Attacking Windows, macOS, and Linux systems With SparkRAT
11:37 : New Aquabot Malware Actively Exploiting Mitel SIP phones injection vulnerability
11:37 : API Vulnerabilities Surge 1,025%, Threatening AI Security (PDF)
11:37 : New Aquabot Malware Attacking Mitel SIP To Inject Commands
11:36 : Rockwell Patches Critical, High-Severity Vulnerabilities in Several Products
11:19 : VMware: Hochriskante SQL-Injection-Lücke gefährdet Avi Load Balancer
11:19 : Asyldebatte: Union fordert Gesichtserkennung und mehr Überwachung
11:18 : Taking a Threat Adapted Approach to Vulnerability Management
11:18 : Point72 Founder Says DeepSeek Is ‘Super Bullish’ For AI Industry
11:18 : OpenAI’s Altman Promises ‘Much Better’ Models After DeepSeek Reveal
11:18 : Hellcat Ransomware Attacking Government Organizations & Educational Institutions
11:18 : Attackers actively exploit a critical zero-day in Zyxel CPE Series devices
11:18 : SimpleHelp Remote Access Software Exploited in Attacks
11:18 : Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
11:18 : How Interlock Ransomware Infects Healthcare Organizations
11:5 : IT Security News Hourly Summary 2025-01-29 12h : 24 posts
10:42 : [NEU] [mittel] Rockwell Automation FactoryTalk (View SE): Mehrere Schwachstellen
10:42 : [NEU] [hoch] Rockwell Automation FactoryTalk (View ME): Mehrere Schwachstellen ermöglichen Privilegieneskalation
10:42 : [NEU] [UNGEPATCHT] [mittel] Red Hat OpenShift (Service Mesh): Mehrere Schwachstellen
10:42 : [NEU] [hoch] Google Chrome/ Microsoft Edge: Schwachstelle ermöglicht Codeausführung
10:41 : Researchers Jailbreaked DeepSeek R1 to Generate Malicious Scripts
10:41 : Threat predictions for industrial enterprises 2025
10:41 : How we estimate the risk from prompt injection attacks on AI systems
10:41 : Lynx Ransomware Infrastructure To Attack Windows, Linux, ESXi & Affiliate Panel Uncovered
10:41 : authID PrivacyKey protects users’ biometric identities
10:22 : Industrielle Kontrollsysteme: Attacken auf kritische Infrastrukturen möglich
10:22 : Reaktion auf Semgrep: Opengrep sichert offene Codeanalyse-Tools
10:22 : Datenklau möglich: Neue CPU-Lücken gefährden iPhones, iPads und Macs
10:21 : Adversarial Misuse of Generative AI
10:21 : Cybersecurity in Banking: Strengthening Security Amid Rising AI Threats
10:21 : US Probes DeepSeek National Security Implications
10:21 : CIS Control 04: Secure Configuration of Enterprise Assets and Software
10:21 : DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts
10:21 : Critical Cacti Vulnerability Let Attackers Code Remotely – PoC Released
10:21 : API Supply Chain Attack Exposes Millions of Airline Users Accounts to Hackers
10:21 : PoC Exploit Released for TP-Link Router Web Interface XSS Vulnerability
10:21 : Hackers Actively Exploiting Zyxel 0-day Vulnerability to Execute Arbitrary Commands
10:21 : Frenos Raises $3.88M in Seed Funding for OT Security Assessment Platform
10:21 : AuthID PrivacyKey protects users’ biometric identities
10:20 : Scores of Critical UK Government IT Systems Have Major Security Holes
9:40 : LKA-Chef warnt vor Identitätsdiebstahl durch KI
9:39 : DeepSeek Goes Quiet For Lunar New Year After AI Shock
9:39 : X Works With Visa To Offer Real-Time Payments
9:39 : Google Researchers Breakdowns Scatterbrain Behind PoisonPlug Malware
9:39 : Zyxel CPE Zero-Day (CVE-2024-40891) Exploited in the Wild
9:39 : Cyberhaven for AI provides visibility into AI tool usage
9:39 : How Lazarus Group built a cyber espionage empire
9:39 : Absolute Resilience Platform updates improve resilience across endpoints
9:39 : Bitwarden centralizes cryptographic key management
9:9 : From PowerShell to a Python Obfuscation Race!, (Wed, Jan 29th)
9:9 : FleshStealer: A new Infostealer Attacking Chrome & Mozilla Users
9:9 : Cyberhaven for AI secures enterprise AI usage
9:9 : DeepSeek – New AI Disruptor Gets Hit With Cyber Attack: Cyber Security Today for Wednesday, January 29, 2025
8:33 : Elektronische Patientenakte: Gematik hielt Sicherheitslücke für “akzeptabel”
8:33 : Nach Cyberattacken: DeepSeek deaktiviert Registrierung
8:32 : Tech Tycoons Lose $94bn In DeepSeek AI Sell-Off
8:32 : Ransomware shutdowns, GRU sanctions, Lynx ransomware details
8:10 : Pflicht-Trainings für Cyberversicherte
8:10 : “Passwort” Folge 24: Zertifikate sind schwierig, Malwarenamen auch
8:9 : Windows 11 24H2 Update Bug: Users Report Disruptions in Web Camera and USB Devices
8:5 : IT Security News Hourly Summary 2025-01-29 09h : 3 posts
7:36 : Fake DeepSeek Campaign Attacking macOS Users to Deliver Poseidon Malware
7:36 : Spending watchdog blasts UK govt over sloth-like cyber resilience progress
7:20 : Attackers exploit SimpleHelp RMM Software flaws for initial access
6:34 : Data Engineers Should Be Aware of These Cloud Security Challenges
6:34 : Azure Key Vault Vulnerabilities Could Leak Sensitive Data After Entra ID Breach
6:34 : How Compliance Automation Enhances Data Security
6:25 : Anzeige: So geht Effizienzsteigerung durch KI mit Microsoft Copilot
6:25 : Whitehall vulnerable to Cyber Attacks and malware threats
6:25 : Vulnerability in Airline Integration Service enables A Hacker to Gain Entry To User Accounts
6:25 : TP-Link Router Web Interface XSS Vulnerability – PoC Exploit Released
6:25 : Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability
6:24 : Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer
6:24 : UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents
5:32 : Building Resilience Against Zero-Day Threats in Third-Party Risk Management
5:32 : Preparing financial institutions for the next generation of cyber threats
5:18 : PoC Exploit Released for Critical Cacti Vulnerability Let Attackers Code Remotely
5:18 : Hackers Seize Control of 3,000 Companies Through Critical Vulnerabilities
5:18 : 2025-01-28: Malwre infection from web inject activity
5:18 : API Supply Chain Attacks Surge, Exposing Critical Security Gaps
5:18 : Cyberattack Crashes the Party Amid DeepSeek’s Meteoric Rise
5:18 : Cloudflare’s Data Pipeline Powered to Handle 700 Million Events Per Second
5:18 : SEC and FCA fines: Issues jump
5:18 : Cybersecurity crisis in numbers
5:5 : IT Security News Hourly Summary 2025-01-29 06h : 2 posts
4:36 : Only 13% of organizations fully recover data after a ransomware attack
4:9 : PowerSchool Starts Notifying Students Following Massive Breach
3:13 : The curious story of Uncle Sam’s HR dept, a hastily set up email server, and fears of another cyber disaster
2:37 : Projekt Stargate: Die 500 Milliarden Dollar sollen nur an OpenAI gehen – laut Insidern
2:36 : VMware Avi Load Balancer Vulnerability Let Attackers Gain Database Access
2:18 : ISC Stormcast For Wednesday, January 29th, 2025 https://isc.sans.edu/podcastdetail/9300, (Wed, Jan 29th)
2:18 : What is the role of data synthesis in my CI/CD pipeline, anyway?
2:18 : Reverse engineering your test data: It’s not as safe as you think it is
2:5 : IT Security News Hourly Summary 2025-01-29 03h : 1 posts
1:9 : SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon
0:32 : SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon
0:32 : DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare
0:16 : VMware fixed a flaw in Avi Load Balancer
0:15 : EFF to State AGs: Time to Investigate Crisis Pregnancy Centers
23:5 : IT Security News Hourly Summary 2025-01-29 00h : 6 posts

Post navigation