IT Security News Weekly Summary March

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-02-28
• 22:32 : DEF CON 32 – Inside Dash Cam Custom Protocols And Discovered 0days
• 22:5 : What is a watering hole attack?
• 22:5 : Friday Squid Blogging: Eating Bioluminescent Squid
• 22:5 : DMARC Adoption among Europe’s Higher Education Sector
• 22:5 : Week in Review: Apple encryption, gamification for security, DISA breach
• 21:32 : Empowering Women in Cybersecurity: How Education and Training Are Key
• 21:2 : Microsoft Disrupts Storm-2139 for LLMjacking and Azure AI Exploitation
• 20:32 : Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab
• 20:32 : Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist
• 20:7 : Researchers uncover unknown Android flaws used to hack into a student’s phone
• 20:5 : IT Security News Hourly Summary 2025-02-28 21h : 2 posts
• 19:32 : $1.5B Bybit Hack is Linked to North Korea, FBI Says, in Potentially the Largest Crypto Heist Ever
• 19:32 : Ransomware criminals love CISA’s KEV list – and that’s a bug, not a feature
• 18:32 : Over 350 High-Profile Websites Hit by 360XSS Attack
• 18:32 : Microsoft to shut down Skype, Here is the Deadline
• 18:32 : Cisco Infuses Security into Networking with New Nexus Smart Switch and Hypershield Integration
• 18:4 : Cyber Security Today February 2025 Month In Review
• 17:33 : Microsoft To Retire Skype On 5 May
• 17:33 : What is multifactor authentication?
• 17:33 : Millions of stalkerware users exposed again
• 17:33 : Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
• 17:5 : IT Security News Hourly Summary 2025-02-28 18h : 15 posts
• 17:3 : How to Avoid Costly Technical Debt and Get Your Software Project Back on Track
• 17:3 : Senator Susan Collins’ Betrayal of Maine Demands Accountability
• 17:3 : Apple Lets Stalkers Find YOU — ‘nRootTag’ Team Breaks AirTag Crypto
• 17:2 : New Phishing Scam Uses Authentic PayPal Address: Cyber Security Today February 26, 2025
• 16:33 : Google installiert Nacktscanner auf Android-Smartphones – so kannst du die App deaktivieren
• 16:33 : Microsoft: Ist ihre Videocall-App nach 14 Jahren am Ende?
• 16:33 : „Ich würde alle eliminieren“: KI wurde mit unsicherem Code trainiert, gibt plötzlich bösartige Antworten
• 16:33 : Deep Dive: Wie entscheidend KI in aktuellen Kriegen ist
• 16:32 : Openreach To Start Telephone Exchange Closure Process
• 16:32 : Hacktivist Groups Emerge With Powerful Tools for Large-Scale Cyber Operations
• 16:32 : Chinese Hackers Breach Belgium State Security Service as Investigation Continues
• 16:32 : Microsoft targets AI deepfake cybercrime network in lawsuit
• 16:32 : The biggest data breaches of 2025 — so far
• 16:9 : Belgian Intelligence Agency emails leaked by Barracuda Vulnerability
• 16:9 : Enhanced capabilities sustain the rapid growth of Vo1d botnet
• 15:32 : Chinese Hackers Exploiting Check Point’s VPN Zero-Day Flaw to Attack Orgs Worldwide
• 15:32 : Bybit Crypto Exchange Hacked for $1.5 Billion in Largest Crypto Heist
• 15:32 : Building Robust AI Systems with Verified Data Inputs
• 15:32 : Role of Continuous Threat Exposure Management in Business Security
• 15:32 : OT/ICS cyber threats escalate as geopolitical conflicts intensify
• 15:10 : Lightning-Fast Requests with Early Data
• 15:10 : The best VPN services for torrenting in 2025: Expert tested and reviewed
• 15:10 : What is FCAPS (fault, configuration, accounting, performance and security)?
• 15:9 : Gabbard Decries Britain’s Reported Demand for Apple to Provide Backdoor Access to Users’ Cloud Data
• 15:9 : MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
• 15:9 : 5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs
• 15:9 : RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
• 14:32 : Kommentar zur Cybersicherheit im öffentlichen Sektor
• 14:32 : Top Tech Conferences & Events to Add to Your Calendar in 2025
• 14:32 : Next-Gen Phishing Techniques – How Back-End Tech Made Scams More Effective
• 14:32 : Third-Party Attacks Drive Major Financial Losses in 2024
• 14:5 : Auch in Deutschland: 49.000 Zutrittskontrollsysteme hängen ungeschützt am Netz
• 14:5 : Belgium investigating alleged cyberattack on intelligence agency by China-linked hackers
• 14:5 : IT Security News Hourly Summary 2025-02-28 15h : 5 posts
• 14:5 : Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files – PoC Released
• 13:33 : Europol gelingt großer Schlag gegen Ersteller KI-generierter Kinderpornos
• 13:33 : Fünf Sicherheitslücken in Gitlab geschlossen
• 13:32 : Migrating from Hub and Spoke Network to Azure Virtual WAN
• 13:32 : In Other News: Krispy Kreme Breach Cost, Pwn2Own Berlin, Disney Hack Story
• 13:3 : Google Starts Layoffs In Cloud, HR Units
• 13:3 : DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight
• 13:3 : PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access
• 13:3 : New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins
• 13:3 : Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications
• 13:3 : Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data
• 13:3 : OSPS Baseline: Practical security best practices for open source software projects
• 12:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen
• 12:33 : [UPDATE] [mittel] Linux Kernel: Schwachstelle ermöglicht Denial of Service
• 12:33 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
• 12:32 : Cisco fixed command injection and DoS flaws in Nexus switches
• 12:8 : Malware in gefälschten GitHub-Repositorys | Offizieller Blog von Kaspersky
• 12:8 : [NEU] [hoch] Linux Kernel: Mehrere Schwachstellen
• 12:7 : Ransomware Group Takes Credit for Lee Enterprises Attack
• 12:7 : Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
• 12:7 : Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn
• 11:34 : Videoeditor DaVinci Resolve ermöglicht Rechteausweitung in macOS
• 11:34 : Android: Riesiges Botnetz steuert 1,6 Millionen TV-Geräte
• 11:33 : JavaGhost’s Persistent Phishing Attacks From the Cloud
• 11:33 : Man Jailed 24 Years for Running Dark Web CSAM Sites from Coffee Shop
• 11:32 : New Pass-the-Cookie Attacks Bypass MFA, Giving Hackers Full Account Access
• 11:32 : Telegram as #1 Messenger Used by Cybercriminals for Communications
• 11:32 : Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes
• 11:32 : Spotlight on Regulatory Compliance: The Challenges Your IT and Security Teams May Face
• 11:8 : Partnerangebot: CARMAO Academy – „BCM-Praktiker – Zertifikatslehrgang“
• 11:8 : [NEU] [hoch] IBM MQ: Mehrere Schwachstellen
• 11:7 : Microsoft Names Suspects in Lawsuit Against AI Hackers
• 11:7 : Old Vulnerabilities Among the Most Widely Exploited
• 11:5 : IT Security News Hourly Summary 2025-02-28 12h : 13 posts
• 10:33 : DrayTek Vigor: Mehrere Schwachstellen
• 10:33 : Instagram-Feed zurücksetzen: Wie ihr die Funktion aktiviert und was sich dadurch ändert
• 10:33 : Google Übersetzer bekommt ein KI-Update: Wie die App dadurch besser wird
• 10:33 : Mehr als nur Deepseek: Auch im Bereich der Video-KI lohnt ein Blick nach China
• 10:33 : [NEU] [hoch] Rancher: Mehrere Schwachstellen
• 10:33 : [NEU] [hoch] DrayTek Vigor: Mehrere Schwachstellen
• 10:32 : How to Protect Your Digital Identity While Gaming Online
• 10:32 : Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data
• 10:32 : Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
• 10:32 : 12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
• 10:5 : Datendiebstahl statt Verschlüsselung dominiert
• 10:5 : Microsoft: Unsichere DES-Verschlüsselung fliegt aus Windows raus
• 10:5 : [UPDATE] [hoch] IBM QRadar SIEM (Log Source Management App): Mehrere Schwachstellen
• 10:4 : New GitHub Scam With Thousand of “mods” & “cracks” Steal Your Data
• 10:4 : 1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet
• 9:33 : [UPDATE] [hoch] IBM Informix: Mehrere Schwachstellen
• 9:33 : [UPDATE] [hoch] zlib: Schwachstelle ermöglicht nicht spezifizierten Angriff
• 9:33 : [UPDATE] [mittel] zlib: Schwachstelle ermöglicht Codeausführung
• 9:33 : [UPDATE] [hoch] bzip2: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes
• 9:33 : Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globally
• 9:32 : Prolific Data Extortion Actor Arrested in Thailand
• 9:5 : Nasa: Asteroiden-Sonde Lucy fotografiert zweites Ziel
• 9:4 : PingAM Java Agent Vulnerability Allows Attackers to Bypass Security
• 8:33 : Sicherheitsupdate: Angreifer können Middleware IBM TXSeries kompromittieren
• 8:33 : “Passwort” Folge 26: Homomorphe Verschlüsselung
• 8:32 : China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails
• 8:32 : 18 Best Web Filtering Solutions – 2025
• 8:32 : Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System
• 8:32 : 260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users to Steal Credit Card Data
• 8:32 : Massive Banking Data Leaks Under Scrutiny as Cyber Fraud Cases Surge
• 8:32 : Cyber espionage increase, Nakasone cyber warning, PolarEdge exploits Cisco
• 8:7 : Die Qual der Wahl
• 8:6 : New GitHub Scam Uses Fake “Mods” and “Cracks” to Steal User Data
• 8:5 : IT Security News Hourly Summary 2025-02-28 09h : 1 posts
• 7:33 : Cyber-Bande Cl0p: Angeblich Daten bei HP und HPE geklaut
• 7:2 : IRS contractor leaked the tax returns of over 400k Americans and businesses
• 7:2 : 5 Best Practices for Bolstering Physical Access Security in Data Centers in 2025
• 6:33 : Anzeige: Sicheres Identitäts- und Zugriffsmanagement mit Entra ID
• 6:32 : Cyber Attack news headlines trending on Google
• 6:32 : 260 Domains Hosting 5,000 Malicious PDFs to Steal Credit Card Data
• 6:32 : The SOC files: Chasing the web shell
• 6:32 : Massive Cyberattack Exploits Legacy Windows Driver to Evade Detection
• 6:32 : Understanding the AI Act and its compliance challenges
• 6:4 : The First International AI Safety Report: A Call to Action
• 6:4 : Windows CE and ICS Security: A Ticking Time Bomb?
• 5:32 : DeepSeek Data Leak Exposes 12,000 Hardcoded API Keys and Passwords
• 5:32 : Winos4.0 Malware Targets Windows Users Through Malicious PDF Files
• 5:32 : The art of balancing data security with business goals
• 5:5 : IT Security News Hourly Summary 2025-02-28 06h : 4 posts
• 5:4 : Infosec products of the month: February 2025
• 4:32 : Microsoft names alleged credential-snatching ‘Azure Abuse Enterprise’ operators
• 4:32 : Beyond SMS: HYPR’s Perspective on Gmail’s Shift to QR Code Authentication
• 4:32 : University of Notre Dame Hit by Cyberattack— Hackers Say They Stole Everything
• 4:4 : DeepSeek Data Leak – 12,000 Hardcoded Live API keys and Passwords Exposed
• 4:4 : Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’
• 3:3 : PayPal’s “no-code checkout” abused by scammers
• 2:32 : How Scalping Bots Exploited a Vulnerable API to Disrupt Online Retail Sales
• 2:5 : IT Security News Hourly Summary 2025-02-28 03h : 2 posts
• 2:2 : ISC Stormcast For Friday, February 28th, 2025 https://isc.sans.edu/podcastdetail/9344, (Fri, Feb 28th)
• 1:32 : Spyzie – 518,643 breached accounts
• 1:4 : Morpheus: Building Dynamic, Context-Specific Response Playbooks with AI
• 0:3 : Do Powerful Tools Enhance Your Data Security?
• 0:2 : Is Your NHI Lifecycle Management Capable?
• 0:2 : Optimistic About Future Cybersecurity Trends?
• 23:32 : GHOSTR Hacker Linked to 90+ Data Breaches Arrested
• 23:5 : IT Security News Hourly Summary 2025-02-28 00h : 6 posts
• 23:2 : Psychological Safety as a Competitive Edge
• 23:2 : Feds: Army soldier accused of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’
• 22:55 : IT Security News Daily Summary 2025-02-27
• 22:33 : Symptom-Checker-Apps: Das sind die besten Anwendungen laut Stiftung Warentest
• 22:7 : eCommerce Customer Service Tips For Online Support: The Basics
• 22:7 : FBI officially fingers North Korea for $1.5B Bybit crypto-burglary
• 21:32 : Lina’s Write-up
• 21:32 : Ninth Circuit Correctly Rules That Dating App Isn’t Liable for Matching Users
• 21:32 : CMMC is Here: Simplifying Compliance with Enclaves
• 21:5 : STRIDE: A Guide to Threat Modeling and Secure Implementation
• 21:5 : Are Your VM Scans Testing the Entirety of the Network?
• 21:5 : FBI: Lazarus Group behind $1.5 billion Bybit heist
• 21:5 : Record-Breaking Data Theft: 3.9 Billion Passwords Compromised by Infostealer Malware
• 20:32 : Ransomware Attacks Reach Record-Breaking Levels In 2024 – BlackFog
• 20:32 : How to Use Slack for Business: Workplace Communication
• 20:32 : Spyzie stalkerware is spying on thousands of Android and iPhone users
• 20:5 : IT Security News Hourly Summary 2025-02-27 21h : 5 posts
• 20:4 : New Backdoor Auto-color Linux Targets Systems in US and Asia
• 19:32 : 26 New Threat Groups Spotted in 2024: CrowdStrike
• 19:7 : Sellers can get scammed too, and Joe goes off on a rant about imposter syndrome
• 19:7 : How data centers can help balance the electrical grid
• 19:7 : FBI: North Korea-linked TraderTraitor is responsible for $1.5 Billion Bybit hack
• 18:33 : Strengthening Our Emissions Accounting Process Blog
• 18:33 : Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications
• 18:33 : “Emergent Misalignment” in LLMs
• 18:33 : Top 10 Best Dynamic Malware Analysis Tools in 2025
• 18:32 : Comic Agilé – Luxshan Ratnaravi, Mikkel Noe-Nygaard – #327 – Including QA Tasks At Sprint Planning
• 18:8 : Meta Fixes Fault After Violent Videos Hits Instagram Reels
• 18:8 : New Malware Uses Legitimate Antivirus Driver to Bypass All System Protections
• 18:8 : DragonForce Attacks Critical Infrastructure to Exfiltrate Data and Halt Operations
• 18:7 : Threat Actors Attack Job Seekers of Fortune 500 Companies to Steal Personal Details
• 18:7 : Unpatched Vulnerabilities Attract Cybercriminals as EDR Visibility Remains Limited
• 18:7 : Squidoor: Multi-Vector Malware Exploiting Outlook API, DNS & ICMP Tunneling for C2
• 18:7 : CISA Releases Two Industrial Control Systems Advisories
• 18:7 : Schneider Electric Communication Modules for Modicon M580 and Quantum Controllers
• 18:7 : Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application
• 18:7 : ​​2025 Unit 42 Incident Response Report — Attacks Shift to Disruption
• 17:33 : Nach Vorwürfen von Amnesty: Cellebrite entzieht Serbien eigene Forensik-Tools
• 17:32 : PolarEdge: Unveiling an uncovered ORB network
• 17:32 : Amazon Joins Quantum Race With New ‘Ocelot’ Chip
• 17:32 : Hackers Impersonate Taiwan’s Tax Authority to Deploy Winos 4.0 Malware
• 17:32 : NordLayer set to release a new security-focused browser for the enterprise
• 17:32 : Archipelo comes out of stealth with $12M funding to secure human and AI-driven code
• 17:32 : Hacker Behind Over 90 Data Leaks Arrested in Thailand
• 17:6 : Nach Vorwürfen von Amnesty: Cellebrite arbeitet nicht mehr mit Serbien zusammen
• 17:5 : From Accidental Hacker to Cybersecurity Champion: The Story of Dr. Katie Paxton-Fear, Bug Bounty Hunter with HackerOne
• 17:5 : Survey: Nearly Half of Data Breaches Involved Third-Party Remote Access
• 17:5 : IT Security News Hourly Summary 2025-02-27 18h : 13 posts
• 17:5 : DragonForce Ransomware Hits Saudi Firm, 6TB Data Stolen
• 16:34 : GPT-4.5 steht in den Startlöchern – warum das nur ein Zwischenschritt ist
• 16:34 : Global Threat Report: Cyberspionage und KI-Betrug nehmen rasant zu
• 16:33 : How Kyocera’s CISO tackles the threat of cyber risk during AI adoption
• 16:33 : Nvidia FY25 Profit Rises 130 Percent, Amid AI Boom