IT Security News Daily Summary 2025-02-14

177 posts were published in the last hour

• 22:7 : RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024
• 22:7 : U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog
• 22:7 : Week in Review: CISA officials furloughed, DeepSeek’s weak security, Cairncross as cyberdirector
• 21:32 : How to restrict Amazon S3 bucket access to a specific IAM role
• 21:4 : Why EPSS is a Game-Changer for Cybersecurity Risk Management
• 20:32 : SailPoint IPO Signals Bright Spot for Cybersecurity
• 20:32 : Delinea Extends Scope of Identity Management Platform
• 20:32 : New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
• 20:16 : Perplexity just made AI research crazy cheap—what that means for the industry
• 20:16 : 9 Best Next-Generation Firewall (NGFW) Solutions for 2025
• 20:16 : China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws
• 20:16 : Lazarus Group Infostealer Malwares Attacking Developers In New Campaign
• 20:5 : IT Security News Hourly Summary 2025-02-14 21h : 6 posts
• 19:32 : Chinese Cyber-Spies Use Espionage Tools for Ransomware Side Hustle
• 19:7 : N. Korean Hackers Suspected in DEEP#DRIVE Attacks Against S. Korea
• 19:7 : XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents
• 19:7 : 12 Million Zacks accounts leaked by cybercriminal
• 19:7 : Congress is PISSED at British Backdoor Bid, but Apple Stays Shtum
• 19:7 : Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
• 18:32 : Meta confirms ‘Project Waterworth,’ a global subsea cable project spanning 50,000 kilometers
• 18:32 : Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems
• 18:32 : Azul Achieves DORA Compliance
• 18:13 : Meta confirms ‘Project Waterworth,’ a global subsea cable project spanning 50,000km
• 18:13 : Introducing the AWS Trust Center
• 17:32 : Upcoming Speaking Engagements
• 17:32 : Friday Squid Blogging: Squid the Care Dog
• 17:32 : Global Crackdown on Phobos Ransomware, Two Arrested
• 17:32 : vCISOs are in high demand
• 17:17 : Anzeige: Professionelles Incident Management mit 15 Prozent Rabatt
• 17:16 : ClearML and Nvidia vulns
• 17:16 : QuSecure Secures Additional Series A Funding to Advance Post-Quantum Cryptography Solutions
• 17:16 : Scammers Exploit JFK Files Release with Malware and Phishing
• 17:16 : Lazarus Group Using New Malware Tactic To Attack Developers Globally
• 17:16 : EarthKapre APT Drops Weaponized PDF to Compromise Windows Systems
• 17:5 : IT Security News Hourly Summary 2025-02-14 18h : 9 posts
• 16:19 : ChatGPT goes Retro: Braunschweiger Firma verbindet KI-Chatbot mit Faxgeräten
• 16:19 : AI2 OLMoE ausprobiert: Wie gut funktioniert eine lokale KI auf dem iPhone?
• 16:19 : GhostGPT: Diese KI spielt Cyberkriminellen besonders in die Hände
• 16:18 : Mobile security alert as Google App Store apps start scanning for screenshot Seed Phrases
• 16:18 : Chinese Threat Group conducting espionage found moonlighting with ransomware
• 16:18 : ARM Shares Rise Amid Report Meta Will Purchase Its First Chip
• 16:18 : UK Government Partners Anthropic AI To Improve Public Services
• 16:18 : North Korean IT Workers Infiltrate International Companies To Plant Backdoors on Systems
• 16:18 : New GRC and cyber risk strategies emphasize risk adaptability
• 15:32 : FBI Alerts Users of Surge in Gmail AI Phishing Attacks
• 15:32 : Virtual Credit Cards: How They Work, Benefits, and Security Features
• 15:32 : 2FA Under Attack as Astaroth Phishing Kit Spreads
• 15:11 : Securing the Modern Workplace: Balancing Safety, Trust, and Productivity
• 15:11 : Project management with Scrum (with Podcast)
• 15:11 : Maximizing Security Through Hardware
• 15:11 : Sean Cairncross is Trump Nominee for National Cyber Director
• 14:34 : Comeback dedizierter Serverstrukturen?
• 14:34 : Münchner Cybersicherheits-Konferenz: Die Ukraine umwirbt Europa
• 14:33 : Ransomware Roundup – Lynx
• 14:33 : Critical PostgreSQL bug tied to zero-day attack on US Treasury
• 14:33 : Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat
• 14:33 : Threat actors are using legitimate Microsoft feature to compromise M365 accounts
• 14:33 : Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing
• 14:5 : IT Security News Hourly Summary 2025-02-14 15h : 22 posts
• 14:4 : Cybersicherheit in Kriegszeiten: Täglich ist Tag Null
• 14:3 : Netwrix Privilege Secure Enhances Remote Access Security by Eliminating VPN Dependencies
• 14:3 : Apache Fineract SQL Injection Vulnerability Let Inject Malicious Data
• 14:3 : NVIDIA Container Toolkit Vulnerability Let Attackers Execute Code
• 14:3 : CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits
• 14:3 : Beware of Malicious Browser Updates That Installs SocGholish Malware
• 14:3 : Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition
• 13:33 : Lazarus Group Targets Developers Worldwide with New Malware Tactic
• 13:33 : SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files
• 13:33 : Fake BSOD Attack Launched via Malicious Python Script
• 13:32 : Gaming or gambling? Lifting the lid on in-game loot boxes
• 13:32 : AI and Civil Service Purges
• 13:32 : Meta Paid Out Over $2.3 Million in Bug Bounties in 2024
• 13:32 : Lexmark issues warning about critical security vulnerabilities in printer software
• 13:11 : heise-Angebot: iX-Workshop: Spezialwissen für KRITIS – Prüfverfahrenskompetenz gemäß § 8a BSIG
• 13:10 : It’s Time to Move Beyond Awareness Training: Why Readiness Is the New Standard for Cybersecurity
• 13:10 : TikTok Returns To Apple, Google Stores In US
• 13:10 : REF7707 Hackers Target Windows & Linux Systems with FINALDRAFT Malware
• 13:9 : North Korean IT Workers Penetrate Global Firms to Install System Backdoors
• 13:9 : Protecting Hospitals from IoT Threats with Check Point
• 13:9 : New Astaroth 2FA Phishing Kit Targeting Gmail, Yahoo, Office 365, and 3rd-Party Logins
• 13:9 : Have the Last Word Against Ransomware with Immutable Backup
• 12:32 : Fake BSOD Delivered by Malicious Python Script, (Fri, Feb 14th)
• 12:32 : REF7707 Hackers Attacking Windows & Linux Machines Using FINALDRAFT Malware
• 12:32 : 2 charged over alleged New IRA terrorism activity linked to cops’ spilled data
• 12:32 : SonicWall Firewall Vulnerability Exploited After PoC Publication
• 12:32 : Microsoft Security Update Notification in February of High-Risk Vulnerabilities in Multiple Products
• 12:32 : Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
• 12:10 : Palo Alto PAN-OS: Exploit-Code für hochriskante Lücke aufgetaucht
• 12:10 : Datenbank manipulierbar: Hacker entstellt Webportal von Musks Doge
• 12:9 : NVIDIA Container Toolkit Vulnerable to Code Execution Attacks
• 12:9 : Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks
• 12:9 : UK’s AI Safety Institute Rebrands Amid Government Strategy Shift
• 11:34 : [NEU] [mittel] SUSE Manager: Schwachstelle ermöglicht Offenlegung von Informationen
• 11:34 : [NEU] [niedrig] MISP: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:34 : [NEU] [hoch] Lexmark Laser Printers: Mehrere Schwachstellen
• 11:33 : [NEU] [mittel] WatchGuard Firebox: Mehrere Schwachstellen
• 11:33 : [NEU] [mittel] Dell PowerEdge: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:32 : SGNL Raises $30 Million for Identity Management Solution
• 11:32 : RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally
• 11:32 : Microsoft: Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts
• 11:32 : AI-Powered Social Engineering: Ancillary Tools and Techniques
• 11:14 : Sicherheitslücke: Angreifer können PostgreSQL-Datenbanken attackieren
• 11:14 : [UPDATE] [mittel] Grafana Loki: Schwachstelle ermöglicht Cross-Site Scripting
• 11:14 : [UPDATE] [mittel] Grafana: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:14 : [UPDATE] [hoch] Apache ActiveMQ: Schwachstelle ermöglicht Codeausführung
• 11:14 : [UPDATE] [kritisch] Apache ActiveMQ: Schwachstelle ermöglicht Codeausführung
• 11:14 : [UPDATE] [hoch] Grafana: Schwachstelle ermöglicht Übernahme von Benutzerkonto
• 11:13 : Alaa Abd El Fattah’s Mother, Laila Soueif, Calls on UK Government to Help as She Continues Hunger Strike
• 11:13 : Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure
• 11:5 : IT Security News Hourly Summary 2025-02-14 12h : 11 posts
• 10:32 : Partnerangebot: BDO Cyber Security – Schulung zum BCM-Praktiker nach BSI 200-4
• 10:8 : Malware-Ranking Januar: Formbook und SnakeKeylogger an der Spitze
• 10:8 : 20 Jahre Youtube: Von einem Video im Zoo zum Milliardengeschäft
• 10:8 : Google Maps: Kontroverses Feature bekommt Update – was damit bald möglich ist
• 10:8 : [UPDATE] [mittel] Meltdown und Spectre: Mehrere Schwachstellen
• 10:8 : [UPDATE] [hoch] IEEE WPA2: Mehrere Schwachstellen
• 10:8 : [UPDATE] [hoch] Apple Mac OS: Mehrere Schwachstellen
• 10:7 : Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks
• 10:7 : New Device Code Phishing Attack Exploit Device Code Authentication To Capture Authentication Tokens
• 10:7 : Watchdog ponders why Apple doesn’t apply its strict app tracking rules to itself
• 10:7 : China-Linked Espionage Tools Used in Recent Ransomware Attack
• 9:33 : Partnerangebot: reuschlaw – Digital Business Conference 2025
• 9:33 : Apple: Kartellamt meldet Bedenken gegen App-Tracking an
• 9:33 : [UPDATE] [mittel] TianoCore EDK2: Schwachstelle ermöglicht Denial of Service
• 9:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
• 9:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifischen Angriff
• 9:32 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
• 9:32 : RedMike Hackers Exploited 1000+ Cisco Devices to Gain Admin Access
• 9:10 : Progress Telerik und Loadmaster: Updates dichten Sicherheitslecks ab
• 9:9 : Device Code Phishing Attack Exploits Authentication Flow to Hijack Tokens
• 9:9 : CISA Publishes 20 Advisories on ICS Security Flaws and Exploits
• 9:9 : Astaroth 2FA Phishing Kit Targets Gmail, Yahoo, Office 365, and Third-Party Logins
• 9:9 : Grip Security unveils SSPM solution to strengthen SaaS security posture
• 8:33 : Generationenkonflikt in der IT-Sicherheit: Innovation trifft Tradition
• 8:33 : Progress Telerik und Loadmaster stopfen hochriskante Sicherheitslücken
• 8:33 : München: Cyberangriff trifft Universität der Bundeswehr
• 8:32 : Project management with Scrum
• 8:32 : PostgreSQL Terminal Tool Injection Vulnerability Allows Remote Code Execution
• 8:32 : AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code
• 8:32 : Apple backdoor spat, Sarcoma hits Unimicron, Sault Tribe attacked
• 8:8 : Lexmark warnt vor Sicherheitslücken in Drucker-Software und -Firmware
• 8:7 : Dutch Authorities Dismantle Network of 127 Command-and-Control Servers
• 8:7 : Beware Fake Captchas – New Malicious Campaign Exploits WebFlow Users
• 8:7 : Valve removed the game PirateFi from the Steam video game platform because contained a malware
• 8:7 : Operational Efficiency and Cost Reduction: The Unsung Benefits of B2B IAM
• 8:7 : FBI Saves Millions and Lives in Cyber Hacking Take Down: Cyber Security Today for February 15, 2025
• 8:5 : IT Security News Hourly Summary 2025-02-14 09h : 5 posts
• 7:32 : Apache Fineract SQL Injection Vulnerability Allows Malicious Data Injection
• 7:32 : Espionage Tools Associated with China Used in Ransomware Attacks
• 7:9 : What is digital inclusion?
• 7:9 : AMD Ryzen Flaw Enables Code Execution Through DLL Hijacking
• 7:9 : The Inside Man: Security Training on a Grand Scale
• 6:32 : Anzeige: IT-Notfallplanung und BCM – so funktioniert’s
• 6:32 : From Sweethearts to Swindlers: Valentine’s Day Fraud Surges
• 6:5 : Cyberattacke auf die Universität der Bundeswehr München
• 6:5 : Hackers Exploiting Newly Discovered PAN-OS Authentication Bypass Vulnerability
• 5:33 : WinZip Vulnerability Allows Remote Attackers to Execute Arbitrary Code
• 5:33 : 2025-02-13: Quick post: ClickFix style infection for Lumma Stealer
• 5:32 : The Art of Teaching Cybersecurity Through Storytelling
• 5:32 : Pig butchering scams are exploding
• 5:32 : PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
• 5:7 : Inconsistent security strategies fuel third-party threats
• 5:5 : IT Security News Hourly Summary 2025-02-14 06h : 2 posts
• 4:32 : WinZip Vulnerability Let Remote Attackers Execute Arbitrary Code
• 4:32 : New infosec products of the week: February 14, 2025
• 2:32 : Hackers Actively Exploiting New PAN-OS Authentication Bypass Vulnerability
• 2:32 : Chinese spies suspected of ‘moonlighting’ as tawdry ransomware crooks
• 2:9 : ISC Stormcast For Friday, February 14th, 2025 https://isc.sans.edu/podcastdetail/9324, (Fri, Feb 14th)
• 2:9 : Storm-2372 conducts device code phishing campaign
• 2:5 : IT Security News Hourly Summary 2025-02-14 03h : 3 posts
• 1:34 : The best free VPNs of 2025: Expert tested
• 1:34 : From Reactive to Predictive: Building Cyber Resilience for 2025
• 1:34 : A New Chapter in Cybersecurity Excellence: Nuspire Becomes PDI Security & Network Solutions
• 0:32 : DEF CON 32 – MFT Malicious Fungible Tokens
• 23:9 : Salt Typhoon compromises telecom providers’ Cisco devices
• 23:5 : IT Security News Hourly Summary 2025-02-14 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-02-13