IT Security News Daily Summary 2025-03-27

210 posts were published in the last hour

22:36 : Fake Snow White Movie Torrent Infects Devices with Malware
22:36 : China’s FamousSparrow flies back into action, breaches US org after years off the radar
22:5 : Even More Venmo Accounts Tied to Trump Officials in Signal Group Chat Left Data Public
22:5 : The 2025 WAF Wave from the Other Side
22:5 : New security requirements adopted by HTTPS certificate industry
21:34 : Online Tracking is Out of Control—Privacy Badger Can Help You Fight Back
21:13 : Is Your Browser Ground Zero for Cyberattacks?
20:36 : Troy Hunt’s Mailchimp List – 16,627 breached accounts
20:9 : Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection
20:5 : IT Security News Hourly Summary 2025-03-27 21h : 2 posts
19:34 : Enhancing Public Sector Cybersecurity with Akamai API Security
19:7 : SignalGate Is Driving the Most US Downloads of Signal Ever
18:35 : Kritzeln mit Künstlicher Intelligenz: Entdecke das spaßige Co-Drawing-Tool
18:35 : Microsoft-Nutzer brauchen bald kein Passwort mehr für die Anmeldung
18:35 : Warum wir KI-Agenten nicht die volle Kontrolle geben sollten
18:35 : Google Gemini Live: Die KI-App, die dein Smartphone und deine Umgebung analysiert
18:35 : Maps, Suche, Hotels: Google rollt neue Features aus, die bei der Urlaubsplanung helfen sollen
18:34 : WhatsApp Appeal Against EU Fine Backed By Court Advisor
18:9 : Koalitionsverhandlungen: Amthor will Informationsfreiheit nicht ganz abschaffen
18:7 : Money Laundering 101, and why Joe is worried
18:7 : OpenAI Bug Bounty Program Increases Top Reward to $100,000
18:7 : Blacklock Ransomware Infrastructure Breached, Revealing Planned Attacks
18:7 : March 2025 Web Server Survey
18:7 : Splunk Patches Dozens of Vulnerabilities
18:7 : CVE-2025-29927: Next.js Middleware Authorization Bypass Flaw
18:7 : What’s New in CodeSonar 9.0
17:34 : Anzeige: IT-Notfälle managen und BCM-Strategien entwickeln
17:33 : Sitecore “thumbnailsaccesstoken” Deserialization Scans (and some new reports) CVE-2025-27218, (Thu, Mar 27th)
17:33 : Trump’s SEC Pick Pledges ‘Coherent’ Crypto Rules
17:33 : Intel Board Shakeup As Three Members Confirm Retirement
17:33 : Classiscam Operators Use Automated Malicious Sites to Steal Financial Data
17:33 : Arkana Ransomware Group Claims Compromise of US Telecom Companies
17:33 : Cloud Attacks Raises by Five Times Attacking Sensitive IAM Service Accounts
17:33 : GorillaBot Attacks Windows Devices With 300,000+ Attack Commands Across 100+ Countries
17:33 : Windows Server 2025 Security Update Freezes Remote Desktop Sessions Connection
17:33 : Windows 11 January 2025 Preview Update Disconnects Remote Desktop Sessions
17:33 : New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
17:5 : IT Security News Hourly Summary 2025-03-27 18h : 25 posts
17:3 : RedCurl Uses New QWCrypt Ransomware in Hypervisor Attacks
17:3 : Sextortion scams are on the rise — and they’re getting personal
17:3 : Critical Flaws Expose Millions of Solar Energy Devices To Cyberattacks
17:3 : Anthropic scientists expose how AI actually ‘thinks’ — and discover it secretly plans ahead and sometimes lies
17:3 : Deleting your personal info from Google Search is stunningly easy now – and fast
17:3 : When Getting Phished Puts You in Mortal Danger
17:3 : Signal downloads spike in the US and Yemen amid government scandal
17:3 : Security shop pwns ransomware gang, passes insider info to authorities
17:3 : CoffeeLoader Malware Loader Linked to SmokeLoader Operations
16:35 : What the $32B Google-Wiz deal says about cloud-native security
16:35 : Russian Espionage Group Using Ransomware in Attacks
16:35 : Arcane Malware Steals VPN, Gaming, and Messaging Credentials in New Cyber Threat
16:35 : Five Ways to Identify a Bank Fraud And Stay Safe
16:35 : US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID
16:35 : How to manage and protect your biometric data
16:6 : Trump Administration Faces Data Breach Controversy Amid Signal Group Chat Scandal
16:6 : Signal downloads spike in the U.S. and Yemen amid government scandal
16:5 : IngressNightmare: Critical Kubernetes Flaws Put 6,500+ Clusters at Risk
16:5 : Critical Flaws in Appsmith Exposed Systems to Full Takeover
16:5 : The Cost of Delay: Privacy Risks from Post-Quantum Cryptography Inaction
16:5 : New Cybercrime Tool ‘Atlantis AIO’ Amps Up Credential Stuffing Attacks
16:5 : Fortra Report Reveals How Breaches Are Fueling Hyper-Personalized Email Attacks
16:5 : BSidesLV24 – IATC – Living With the Enemy – How To Protect Yourself (And Energy Systems)
16:5 : The Essential Role of Supply Chain Security in ASPM
16:5 : PJobRAT Malware Targets Users in Taiwan via Fake Apps
15:37 : Think your Venmo is private? You should double-check this setting
15:37 : Crooks target DeepSeek users with fake sponsored Google ads to deliver malware
15:37 : Advancing Opportunities for Women in Cybersecurity through Global Partnerships
15:36 : “This fraud destroyed my life.” Man ends up with criminal record after ID was stolen
15:36 : UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach
15:9 : Best Laptop for Cybersecurity: Top Picks for Ethical Hackers & Security Professionals
15:9 : How to protect your site from DDoS attacks – before it’s too late
15:9 : The Importance of Allyship for Women in Cyber
15:9 : A closer look at The Ultimate Cybersecurity Careers Guide
15:9 : UK NCSC offers security guidance for domain and DNS registrars
15:9 : Hackers Repurpose RansomHub’s EDRKillShifter in Medusa, BianLian, and Play Attacks
15:9 : Thank You for Joining Our Live Q&A Session on Technical Advisory Committees
14:35 : Rauchmelder im Vollzug: Kein Falschalarm durch E-Zigaretten
14:34 : Threat Actors Compromise 150,000 Websites to Promote Chinese Gambling Platforms
14:34 : 10 pesky Windows 11 24H2 bugs still haunting PCs despite several patches
14:34 : Moving from WhatsApp to Signal: A good idea?
14:34 : The Importance of Allyship For Women in Cyber
14:34 : The Future of Cloud Ownership Amid Deglobalization
14:8 : Neue Sicherheitslücken in Photovoltaik-Systemen aufgespürt
14:8 : Wordfence Intelligence Weekly WordPress Vulnerability Report (March 17, 2025 to March 23, 2025)
14:7 : To Meet Compliance Challenges, Focus on Building Great Security
14:7 : Threat Actors Use Fake Booking.com Emails to Deceive Hotel Staff and Gain System Access
14:7 : New Research Links RansomHub’s EDRKillShifter to Established Ransomware Gangs
14:7 : New FamousSparrow Malware Targets Hotels and Engineering Firms with Custom Backdoor
14:7 : CISA Releases One Industrial Control Systems Advisory
14:7 : Classiscam Actors Automate Malicious Websites To Steal Financial Data
14:7 : Legit’s prevention dashboard helps security teams proactively stop vulnerabilities
14:5 : IT Security News Hourly Summary 2025-03-27 15h : 24 posts
13:32 : Wyze Cam adds ‘no big deal’ AI filter to cut down on your notifications
13:32 : U.S. CISA adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog
13:32 : Q&A: Cybersecurity in ‘The Intelligent Era’
13:32 : SandboxAQ Strengthens Leadership in Post-Quantum Security as NIST Approves HQC Algorithm
13:32 : CrushFTP CEO’s feisty response to VulnCheck’s CVE for critical make-me-admin bug
13:32 : GetReal Security Raises $17.5 Million to Tackle Gen-AI Threats
13:19 : Cybercrime-Tool Atlantis AIO soll automatisierte Passwort-Attacken optimieren
13:19 : [UPDATE] [hoch] Oracle MySQL: Mehrere Schwachstellen
13:19 : [UPDATE] [hoch] Red Hat OpenShift Container Platform: Mehrere Schwachstellen
13:19 : [UPDATE] [mittel] Red Hat OpenShift: Schwachstelle ermöglicht Offenlegung von Informationen
13:17 : Is Someone Lurking in The Background Waiting To Impersonate You?
13:17 : Former Intel CEO Pat Gelsinger Joins Venture Capital Firm
13:17 : G2 Names INE 2025 Cybersecurity Training Leader
13:17 : PlayBoy Locker Ransomware Targets Windows, NAS, and ESXi Systems
13:17 : Large-Scale Phishing Campaign Targets Defense and Aerospace Companies
13:17 : NIS2: What do we know so far about the EU’s expanded cyber security regulation?
13:17 : Hackers Abuse COM Objects for Fileless Malware Lateral Movements
13:17 : CISA Adds Sitecore CMS Code Execution Vulnerability to List of Known Exploited Vulnerabilities
13:17 : NSW Online Registry Website Breach – 9,000+ Files Stolen by Hackers
13:17 : Synology Mail Server Let Remote Attackers Tamper System Configurations
13:17 : Threat Actors Using Powerful Cybercriminal Weapon ‘Atlantis AIO’ to Automate Credential Stuffing Attacks
13:17 : Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations
13:17 : APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
13:17 : No MFA? Expect Hefty Fines, UK’s ICO Warns
12:35 : KI im Hotel und Chatbots als Reisebegleitung: Neue Lösungen sollen den Tourismus umkrempeln
12:35 : Home Assistant für Einsteiger: So nutzt du das leistungsstarke Open-Source-Tool
12:35 : Signal-Gate wird immer größer: Passwörter hochrangiger US-Sicherheitspolitiker frei im Netz
12:35 : Im Call nicht aufgepasst? Diese neue Funktion in Google Meet könnte euch retten
12:35 : [NEU] [mittel] Devolutions Remote Desktop Manager: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen
12:34 : Massive Data Breach Hits NSW Online Registry: 9,000+ Files Stolen
12:34 : Synology Mail Server Vulnerability Enables Remote System Configuration Tampering
12:34 : Reality Bites: You’re Only as Secure as Your Last API Deployment
12:7 : IT-Konzern unter Druck: Echtheit von Oracle-Kundendaten nach Cyberangriff bestätigt
12:6 : Aussie Fintech Vroom Exposes Thousands of Records After AWS Misconfiguration
11:37 : [NEU] [mittel] IBM App Connect Enterprise: Schwachstelle ermöglicht Offenlegung von Informationen
11:36 : Cloud Threats on the Rise: Alert Trends Show Intensified Attacker Focus on IAM, Exfiltration
11:36 : RedCurl Unleashes New Ransomware Targeting Hyper-V Servers Exclusively
11:36 : Lucid PhAAS Platform Uses RCS and iMessage to Evade Detection
11:36 : Malicious Google Ads Target DeepSeek Users to Spread Malware
11:36 : B1ack’s Stash MarketPlace Actors to Release 4 Million Stolen Credit Card Details for Free
11:35 : T-Mobile Coughed Up $33 Million in SIM Swap Lawsuit
11:35 : CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)
11:35 : New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It
11:35 : Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US
11:6 : [NEU] [hoch] GitLab: Mehrere Schwachstellen
11:5 : Trump Says China Tariffs May Be Cut To Seal TikTok Deal
11:5 : CISA Adds Sitecore CMS Code Execution Vulnerability to Exploited List
11:5 : A Taxonomy of Adversarial Machine Learning Attacks and Mitigations
11:5 : Business Email Compromise, ACH Transactions, and Liability
11:5 : IT Security News Hourly Summary 2025-03-27 12h : 13 posts
10:33 : [NEU] [mittel] Acronis Cyber Protect: Schwachstelle ermöglicht Privilegieneskalation
10:32 : A Comprehensive Guide to Protect Data, Models, and Users in the GenAI Era
10:32 : PoC Exploit Released for Ingress-NGINX Remote Code Execution Vulnerabilities
10:32 : UK’s first permanent facial recognition cameras installed in South London
10:32 : More Solar System Vulnerabilities Expose Power Grids to Hacking
10:32 : Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!
10:32 : NCA Warns of Sadistic Online “Com” Networks
10:12 : Admin-Sicherheitslücke gefährdet Backuplösung SnapCenter
10:12 : Splunk: Teils hochriskante Sicherheitslecks in mehreren Produkten
10:12 : Passiert auch Profis: Gründer von HaveIBeenPwned fällt auf Phishing-Mail rein
10:11 : Newspaper Lawsuit Against OpenAI Can Proceed Says Judge
10:11 : Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior
10:11 : NCSC Urges Domain Registrars to Improve Security
9:36 : RansomHub übernimmt kriminelles Erbe von LockBit & Co.
9:36 : Backuplösung SnapCenter: Angreifer können als Admin Systeme übernehmen
9:36 : Splunk: Updates schließen Sicherheitslücken in mehreren Produkten
9:36 : [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
9:36 : [UPDATE] [hoch] AMD Prozessoren: Mehrere Schwachstellen
9:36 : [UPDATE] [mittel] Intel Prozessoren: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
9:35 : [UPDATE] [mittel] Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff
9:35 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen
9:35 : Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)
9:35 : Pakistan APT Hackers Create Weaponized IndiaPost Website to Attack Windows & Android Users
9:34 : CodeQLEAKED – GitHub Supply Chain Attack Allows Code Execution Using CodeQL Repositories
9:34 : New Sophisticated Linux-Backdoor Attacking OT Systems Exploiting 0-Day RCE
9:34 : OpenAI Offering Up to $100,000 for Critical Vulnerabilities in its Infrastructure
9:9 : PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
9:9 : New “ReaderUpdate” macOS Malware Evolves with Nim and Rust Variants
9:9 : Advanced CoffeeLoader Malware Evades Security to Deliver Rhadamanthys Shellcode
9:9 : runZero’s expanded platform offers new approach to detecting and prioritizing risk
9:9 : 150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
8:33 : Innovative Lösungen für Haftanstalten
8:33 : Datentransfer-Software CrushFTP ermöglicht unbefugten Zugriff
8:32 : Which Top Cybersecurity Role of 2024 Was Featured in 64,000+ Job Postings?
8:32 : NHS vendor Advanced to pay £3M fine following 2022 ransomware attack
8:32 : GetReal Security platform combats AI-fueled attacks
8:9 : Microsoft bestätigt: Windows-Updates nerven Nutzer seit Januar mit RDP-Problemen
8:9 : The Four Fundamentals of Cybersecurity to Build a Resilient SOC
8:9 : Exim Use-After-Free Vulnerability Allows Privilege Escalation
8:5 : IT Security News Hourly Summary 2025-03-27 09h : 6 posts
7:36 : Ransomware group claims attack on US telecom firm, New ReaderUpdate malware variants target macOS users, Oracle customers claim stolen data
7:7 : Digital identity fatigue: The hidden impact on security, engagement, and business longevity
7:7 : CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories
7:7 : 12 Cybercriminals Arrested Following Takedown of Ghost Communication Platform
7:7 : NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
7:7 : CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
6:39 : Anzeige: Weg von AWS & Co. – mit Stackit Cloud
6:7 : NHS LockBit ransomware attack yields £3.07 million penalty on tech provider
6:7 : OpenAI Offers Up to $100,000 for Critical Infrastructure Vulnerability Reports
6:7 : Exim Use-After-Free Vulnerability Enables Privilege Escalation
6:7 : Cyber insurance isn’t always what it seems
6:7 : The hidden costs of security tool bloat and how to fix it
5:36 : 12 Cybercriminals Arrested After Ghost Communication Platform Shutdown
5:36 : Splunk RCE Vulnerability Enables Remote Code Execution via File Upload
5:36 : Hottest cybersecurity open-source tools of the month: March 2025
5:7 : ETSI releases security standard for the quantum future
5:5 : IT Security News Hourly Summary 2025-03-27 06h : 1 posts
4:15 : Splunk RCE Vulnerability Let Attackers Execute Arbitrary Code Via File Upload
3:12 : Identity security: A critical defense in 2025’s threat landscape
2:9 : ISC Stormcast For Thursday, March 27th, 2025 https://isc.sans.edu/podcastdetail/9382, (Thu, Mar 27th)
2:5 : IT Security News Hourly Summary 2025-03-27 03h : 5 posts
1:37 : Internet Archive (Archive.org) Goes Down Following “Power Outage” (Updated)
1:37 : How can I align our NHI management with GDPR and other standards?
1:37 : Which frameworks assist in ensuring compliance for NHIs?
1:37 : Legit Announces New Vulnerability Prevention Capabilities
1:11 : Cybertron Reshapes AI Security as “Cyber Brain” Grows
0:35 : Ein Stück KI-Geschichte: Deep-Learning-Modell von 2012 jetzt als Open Source verfügbar
23:34 : Internet Archive (Archive.org) Goes Down Following “Power Outage”
23:34 : Generative AI: threat or opportunity? It depends on your adaptive speed!

Post navigation