IT Security News Daily Summary 2025-02-04

210 posts were published in the last hour

22:2 : Spyware maker Paragon confirms US government is a customer
22:2 : OpenSSL 3.5: Upcoming Release Announcement
21:32 : U.K. Announces ‘World-First’ Cyber Code of Practice for Companies Developing AI
21:32 : How to properly implement Exchange Extended Protection
21:3 : Gemini in Google Maps: Diese KI-Funktion soll den Kartendienst verbessern
21:2 : Spyware maker Paragon confirms U.S. government is a customer
20:32 : Sophos Completes Acquisition of Secureworks
20:32 : Randall Munroe’s XKCD ‘Stromatolites’
20:32 : DEF CON 32 – Hacker Vs. AI Perspectives From An Ex-Spy
20:5 : Jailbreak Anthropic’s new AI safety system for a $15,000 reward
20:5 : How State Tech Policies in 2024 Set the Stage for 2025
20:5 : IT Security News Hourly Summary 2025-02-04 21h : 4 posts
20:5 : Key Issues Shaping State-Level Tech Policy
19:32 : Cloud PAM benefits, challenges and adoption best practices
19:32 : AMD, Google disclose Zen processor microcode vulnerability
18:32 : Data Governance Essentials: Policies and Procedures (Part 6)
18:32 : New Tiny FUD Attacking macOS Users Bypassing Antivirus and Security Tools
18:32 : 3 SOC Challenges Solved by Threat Intelligence
18:7 : CPR Finds Threat Actors Already Leveraging DeepSeek and Qwen to Develop Malicious Content
18:7 : Poisoned Go programming language package lay undetected for 3 years
18:7 : Survey Sees Organizations Being Overwhelmed by Remediation Challenges
18:7 : Critical Zero-Day Vulnerability in Zyxel Devices Sparks Widespread Exploitation
18:7 : New Microsoft “Scareware Blocker” Prevents Users from Tech Support Scams
18:7 : Security Concerns Rise with MediaTek February 2025 WLAN Vulnerabilities
17:32 : Insider Threat Program Modernization: Trends, Technologies, and Whole-Person Risk Assessment
17:32 : Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?
17:32 : Exploitation of Over 700 Vulnerabilities Came to Light in 2024
17:32 : DeepSeek’s Rise: A Game-Changer in the AI Industry
17:32 : Federal Employees Sue OPM Over Alleged Unauthorized Email Database
17:6 : Jahresbericht: Erneut knapp 2,4 Millionen Apps aus Google Play verbannt
17:5 : New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads
17:5 : Processing Cloud Data With DuckDB And AWS S3
17:5 : Check Point Ranks #1 in Threat Prevention Testing: Miercom 2025 Enterprise & Hybrid Mesh Firewall Report
17:5 : AMD Patches CPU Vulnerability That Could Break Confidential Computing Protections
17:5 : AttackIQ Bolsters Cyber Defenses with DeepSurface’s Risk-Analysis Tech
17:5 : IT Security News Hourly Summary 2025-02-04 18h : 12 posts
16:33 : Subgruppen-Erkennung: Wendepunkt in der Malware-Abwehr
16:32 : SOC 2 Made Simple: Your Guide to Certification
16:32 : What is Internet Key Exchange (IKE)?
16:32 : New AI “agents” could hold people for ransom in 2025
16:32 : Valley News Live exposed more than a million job seeker’s resumes
16:5 : Some updates to our data feeds, (Tue, Feb 4th)
16:5 : Taiwan bans DeepSeek AI and Meta warns its insider threats
16:5 : AMD fixed a flaw that allowed to load malicious microcode
16:5 : Critical Windows OLE Zero-Click Vulnerability Let Attacker to Execute Arbitrary Code
16:5 : Hackers Using HTTP Client Tools To Takeover Microsoft 365 Accounts
16:5 : Grubhub serves up security incident with a side of needing to change your password
16:5 : Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
15:34 : Let’s Encrypt: 6-Tage-Zertifikate, keine Ablauf-Nachrichten zu Zertifikaten mehr
15:33 : Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access
15:33 : 1- Click RCE Vulnerability in Voyager PHP Allow Attackers Execute Arbitrary Code
15:33 : Apache Cassandra Vulnerability Allows Attackers to Gain Access Data Centers
15:33 : Schneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
15:33 : AutomationDirect C-more EA9 HMI
15:33 : Schneider Electric Pro-face GP-Pro EX and Remote HMI
15:33 : Schneider Electric Web Designer for Modicon
15:33 : Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H
15:33 : Top 15 Cloud Compliance Tools in 2025
15:32 : OpenSSL 3.5 Release Announcement
15:6 : Whatsapp bestätigt Angriff von Spyware-Unternehmen – was ihr jetzt wissen müsst
15:6 : WhatsApp am Handgelenk: So nutzt du den Messenger auf deiner Smartwatch
15:6 : Europäische Alternative zu ChatGPT und Deepseek: Das steckt hinter OpenEuroLLM
15:6 : Hacker beißen sich am neuen Claude 3.5 die Zähne aus – hier kannst du es selbst versuchen
15:6 : 20 Jahre Haft für Deepseek-Nutzung: US-Politiker wollen die China-KI verbieten
15:6 : Let’s Encrypt: Ende von Zertifikat-Ablauf-Nachrichten und 6-Tage-Zertifikate
15:5 : ANY.RUN Enhances Malware Detection and Performance to Combat 2025 Cyber Threats
15:5 : The best malware removal software of 2025: Expert tested and reviewed
15:5 : Analyzing ELF/Sshdinjector.A!tr with a Human and Artificial Analyst
15:5 : US accuses Canadian math prodigy of $65M crypto scheme
15:5 : Cycode Change Impact Analysis boosts application security posture
14:33 : Roadshow: IT-Security und Datenschutz im Fokus
14:32 : CVE-2025-21298: A Critical Windows OLE Zero-Click Vulnerability
14:32 : AI-Powered Personalized Learning: Revolutionizing Education
14:32 : DaggerFly-Linked Linux Malware Targets Network Appliances
14:5 : SpyCloud Leads the Way in Comprehensive Identity Threat Protection
14:5 : Ontinue ION for IoT Security secures critical operational environments
14:5 : Threefold Increase in Malware Targeting Credential Stores
14:5 : IT Security News Hourly Summary 2025-02-04 15h : 25 posts
14:5 : Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA
13:33 : [UPDATE] [mittel] 7-Zip: Schwachstelle ermöglicht Codeausführung
13:32 : From CES 2025 to the Boardroom: How Emerging Tech Trends Will Reshape Enterprise Solutions
13:32 : How to Prevent Phishing Attacks with Multi-Factor Authentication
13:32 : AMD Patches CPU Vulnerability Found by Google
13:32 : Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
13:32 : North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
13:32 : Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
13:7 : AMD Prozessor: Schwachstelle ermöglicht das umgehen von Sicherheitsmaßnahmen
13:7 : [NEU] [mittel] AMD Prozessor: Schwachstelle ermöglicht das umgehen von Sicherheitsmaßnahmen
13:7 : [NEU] [mittel] Apache Cassandra: Mehrere Schwachstellen.
13:7 : [UPDATE] [hoch] libxml2: Schwachstelle ermöglicht remote Code Execution
13:7 : [UPDATE] [mittel] OpenSSL: Schwachstelle ermöglicht Offenlegung von Informationen
13:6 : [UPDATE] [mittel] Red Hat Enterprise Linux (Jinja): Mehrere Schwachstellen ermöglichen Codeausführung
13:5 : SpyCloud Pioneers the Shift to Holistic Identity Threat Protection
13:5 : Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts
13:5 : New FUD Malware Targets MacOS, Evading Antivirus and Security Tools
13:5 : Beware of SmartApeSG Campaigns that Deliver NetSupport RAT
13:5 : Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites
13:5 : Tangerine Turkey: Cryptocurrency Mining Worm Unveiled in Global Campaign
13:5 : Smiths Group Discloses Security Breach
13:5 : Threat Actors Exploit DeepSeek’s Popularity to Distribute Infostealers on PyPI
13:5 : How to Root Out Malicious Employees
13:5 : Massive Data Leak Exposes 1.5 Billion Records from Chinese Platforms and Government
12:33 : Jetzt bei HaveIBeenPwned: Daten von fast 100 Millionen Glücksspielern geleakt
12:33 : [NEU] [mittel] Xerox WorkCentre: Mehrere Schwachstellen
12:32 : N. Korean ‘FlexibleFerret’ Malware Hits macOS with Fake Zoom, Job Scams
12:32 : Deepfakes and the 2024 US Election
12:32 : Google Patched Linux Kernel RCE Vulnerability In Android Allow Attackers Gain Read/Write Access
12:32 : Abandoned AWS S3 Buckets Can be Reused to Hijack Global Software Supply Chain
12:32 : Personal Information Compromised in GrubHub Data Breach
12:32 : Nymi Band 4 delivers passwordless MFA to deskless workers in OT environments
12:6 : Samsung Android: Mehrere Schwachstellen
12:6 : Jetzt bei HaveIBeenPwned: Daten von fast 100 Millionen 1win-Nutzern geleakt
12:6 : [NEU] [mittel] Samsung Android: Mehrere Schwachstellen
12:5 : Cyberattack on NHS causes hospitals to miss cancer care targets
12:5 : Cyber Insights 2025: The CISO Outlook
12:5 : Watch Out For These 8 Cloud Security Shifts in 2025
12:5 : Surge in Infostealer Attacks Threatens EMEA Organizations’ Data Security
11:34 : Cybersicherheit: NIS2 und KI-gesteuerten Angriffen mit externen SOC-Services begegnen
11:34 : Partnerangebot: AWARE7 GmbH – „Meine digitale Sicherheit für Dummies“
11:33 : Als Hochzeitseinladung getarnt: WhatsApp-Nachrichten mit Malware-Installern
11:33 : [NEU] [mittel] IBM Security Verify Access: Mehrere Schwachstellen
11:33 : Stealers on the Rise: A Closer Look at a Growing macOS Threat
11:32 : European Start-Ups Adopt DeepSeek To Cut Costs
11:32 : Amazon Introduces Redshift Security Features to Prevent Data Leaks
11:32 : WatchTowr warns abandoned S3 buckets pose supply chain risk
11:32 : Decentralized Identity: Revolutionizing Identity Verification in The Digital World
11:32 : Casio UK site compromised, equipped with web skimmer
11:32 : Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks
11:6 : Partnerangebot: SANS Institute – „Capture the Flag“
11:6 : Sicherheit: Zero-Day-Lücke im Android-Kernel wird aktiv ausgenutzt
11:6 : [NEU] [UNGEPATCHT] [mittel] Roundcube: Schwachstelle ermöglicht Cross-Site Scripting
11:6 : [NEU] [hoch] Red Hat Enterprise Linux (Podman und Buildah): Schwachstelle ermöglicht Manipulation von Dateien
11:5 : Apple Service Ticket Portal Vulnerability Leaks Sensitive Information
11:5 : IT Security News Hourly Summary 2025-02-04 12h : 19 posts
11:5 : Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look ‘insignificant’
11:5 : Vulnerability Patched in Android Possibly Exploited by Forensic Tools
10:33 : Google Android: Mehrere Schwachstellen
10:33 : “Datenschutzbedenken zurückstellen”: Merz will Rabatt für Bereitstellung von Patientendaten
10:33 : [NEU] [hoch] Google Android: Mehrere Schwachstellen
10:32 : Texas Bans DeepSeek, Other Chinese Apps
10:32 : Trump Says Planned US Sovereign Wealth Fund Could Buy TikTok
10:32 : What Is a Security Operations Center (SOC)?
10:32 : Tripwire Patch Priority Index for January 2025
10:32 : Grubhub confirms data breach affecting customers and drivers
10:32 : Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities
10:6 : [NEU] [niedrig] Dell PowerProtect Data Domain OS: Schwachstelle ermöglicht Offenlegung von Informationen
10:5 : Google Patches 47 Android Kernel Security Flaws
10:5 : New Attack Technique to Bypassing EDR as Low Privileged Standard User
10:5 : UK govt must learn fast and let failing projects die young
10:5 : DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test
10:5 : AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access
10:5 : Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks
10:5 : Casio and Others Hit by Magento Web Skimmer Campaign
9:33 : Patchday Android: Angreifer nutzen Kernel-Sicherheitslücke aus
9:33 : [UPDATE] [mittel] Oracle Java SE: Mehrere Schwachstellen
9:33 : [UPDATE] [hoch] bzip2: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes
9:33 : [UPDATE] [mittel] ClamAV: Mehrere Schwachstellen ermöglichen Denial of Service
9:33 : [UPDATE] [mittel] PostgreSQL: Mehrere Schwachstellen
9:32 : OpenAI Launches Research Analysis AI Agent
9:32 : Ontario ‘Ripping Up’ Starlink Contract
9:32 : FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections
9:32 : Google patches 47 Android security flaws, including one that has been actively exploited
9:32 : Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
9:11 : ChatGPT erfindet Zitate und Fälle – Australischer Anwalt blamiert sich
9:11 : Deepseek: Ist die KI aus China doch nicht so energiesparend wie erhofft?
9:11 : Support von Windows 10 verlängern: Was es für euer Geld gibt – und was nicht
9:11 : 1win-Datenleck: Knapp 100 Millionen Nutzerdatensätze bei Have-I-Been-Pwned
9:10 : Detection engineering at scale: one step closer (part two)
9:10 : CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks
9:10 : New Attack Method Bypasses EDR with Low Privileged Access
9:9 : Researchers Discover Novel Techniques to Protect AI Models from Universal Jailbreaks
9:9 : Beware of Fake DeepSeek PyPI packages that Delivers Malware
9:9 : Microsoft Azure AI Face Service Elevation of Privilege Vulnerability Let Attackers Gain Network Access
9:9 : Roundcube XSS Vulnerability Let Attackers Inject Malicious Files
9:9 : Canadian National Charged for Stealing $65 Million in Crypto
8:33 : Moderne Gefahrenabwehr: Effizient, robust, wirtschaftlich
8:33 : HP Anyware: Linux-Client ermöglicht Rechteausweitung
8:33 : Österreich: Faxverbot stürzt Gesundheitssektor ins Chaos
8:32 : SoftBank, OpenAI Create Joint Venture To Market AI In Japan
8:32 : Google patches odd Android kernel security bug amid signs of targeted exploitation
8:32 : What 2025 HIPAA Changes Mean to You
8:32 : Why logs aren’t enough: Enhancing SIEM with AI-driven NDR
8:32 : Exploited vulnerabilities rising, ban on DeepSeek, crypto scams make comeback
8:5 : IT Security News Hourly Summary 2025-02-04 09h : 9 posts
8:2 : ValleyRAT Attacking Org’s Accounting Department with New Delivery Techniques
7:33 : heise-Angebot: iX-Workshop IT-Sicherheit: Angriffstechniken verstehen und erfolgreich abwehren
7:32 : Linux Kernel 6.14 Officially Released for Testers
7:32 : AI-Powered Security Management for the Hyperconnected World
7:32 : Check Point Ranks #1 in Threat Prevention Testing Miercom 2025 Enterprise & Hybrid Mesh Firewall Report
7:32 : ValleyRAT Attacking Org’s Accounting Department With New Delivery Techniques
7:32 : Crtical Microsoft Accounts Authentication Bypass Vulnerability Let Attackers Gain Remote Access
7:32 : Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System
7:5 : Tunnel: Software-Updates auf dem Autozug verursachen Staus
7:4 : Canadian National Charged with Stealing $65 Million in Crypto
6:32 : WhatsApp users targeted by Paragon Spyware
6:32 : Considerations while choosing a cybersecure database for Generative AI
6:32 : Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
6:32 : Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
6:7 : Multiple Flaws in Dell PowerProtect Allow System Compromise
6:7 : AsyncRAT Abusing Python and TryCloudflare For Stealthy Malware Delivery
6:7 : Aim for crypto-agility, prepare for the long haul
5:32 : Roundcube XSS Flaw Allows Attackers to Inject Malicious Files
5:32 : Common Vulnerability Scoring System (CVSS) vs. Risk: Why are we still having this conversation?
5:32 : What you can do to prevent workforce fraud
5:5 : Vernetzte Geräte: Höhere Sicherheitsanforderungen greifen im August 2025
5:5 : IT Security News Hourly Summary 2025-02-04 06h : 6 posts
5:4 : Canadian Man Stole $65 Million in Crypto in Two Platform Hacks, DOJ Says
5:4 : 8 steps to secure GenAI integration in financial services
4:32 : Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform
4:32 : Casio UK Web Store Hacked to Inject Customer Credit Card Stealing Scripts

Post navigation