IT Security News Weekly Summary October

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2025-09-30
• 21:32 : How to Secure Enterprise Networks by Identifying Malicious IP Addresses
• 21:32 : The Power of Data Observability: Your Edge in a Fast-Changing World
• 21:32 : A breach every month raises doubts about South Korea’s digital defenses
• 21:32 : Threat Actors Hijacking MS-SQL Server to Deploy XiebroC2 Framework
• 21:32 : CISA Warns of Libraesva ESG Command Injection Vulnerability Actively Exploited in Attacks
• 21:2 : USENIX 2025: PEPR ’25 – Unlocking Cross-Organizational Insights: Practical MPC for Cloud-Based Data Analytics
• 20:32 : Google bolts AI into Drive to catch ransomware, but crooks not shaking yet
• 20:32 : OpenSSL Release Announcement for 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.1.1zd and 1.0.2zm
• 20:5 : IT Security News Hourly Summary 2025-09-30 21h : 4 posts
• 20:4 : Cybersecurity Starts With You: Lessons From Phishing, Ransomware, and Real-World Mistakes
• 20:4 : Ted Cruz blocks bill that would extend privacy protections to all Americans
• 19:32 : How SOC Teams Detect Can Detect Cyber Threats Quickly Using Threat Intelligence Feeds
• 19:32 : APT35 Hackers Attacking Government, Military Organizations to Steal Login Credentials
• 19:32 : $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections
• 19:3 : Chinese APT Phantom Taurus Targeted MS Exchange Servers Over 3 Years
• 19:3 : Tile’s Privacy Failures Leave Trackers Wide Open to Stalking
• 18:32 : Tesla Patches TCU Bug Allowing Root Access Through USB Port
• 18:32 : LLM07: System Prompt Leakage – FireTail Blog
• 17:32 : Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
• 17:5 : IT Security News Hourly Summary 2025-09-30 18h : 12 posts
• 16:32 : Hack of US Surveillance Provider RemoteCOM Exposes Court Data
• 16:32 : MegaSys Enterprises Telenium Online Web Application
• 16:32 : Festo Controller CECC-S,-LK,-D Family Firmware
• 16:32 : OpenPLC_V3
• 16:32 : Festo CPX-CEC-C1 and CPX-CMXX
• 16:32 : Festo SBRD-Q/SBOC-Q/SBOI-Q
• 16:32 : Japan’s beer-making giant Asahi stops production after cyberattack
• 16:32 : Tile trackers plagued by weak security, researchers warn
• 16:32 : Warnings about Cisco vulns under active exploit are falling on deaf ears
• 16:32 : Meeting IEC 62443 Compliance: How CimTrak Secures Industrial Control Systems
• 16:32 : USENIX 2025: PEPR ’25 – Practical Considerations For Differential Privacy
• 16:32 : CISA says it will fill the gap as federal funding for MS-ISAC dries up
• 16:32 : Defending LLM applications against Unicode character smuggling
• 16:4 : Smishing Campaigns Exploit Cellular Routers to Target Belgium
• 16:4 : Canadian airline WestJet says some customer data stolen in June cyberattack
• 15:32 : “user=admin”. Sometimes you don’t even need to log in., (Tue, Sep 30th)
• 15:32 : US Auto Insurance Platform ClaimPix Leaked 10.7TB of Records Online
• 15:32 : Scoped Filtering: A Practical Bridge to RBAC
• 15:32 : Google’s Latest AI Ransomware Defense Only Goes So Far
• 15:32 : Achieving Crypto Agility Through eFPGA: A Prerequisite for Secure ASIC and SoC Designs
• 15:32 : TMI: How cloud collaboration suites drive oversharing and unmanaged access
• 15:32 : Call for Presentations Open for 2025 CISO Forum Virtual Summit
• 15:32 : Cyble Flags 22 Vulnerabilities Under Active Exploitation, Including Ransomware Attacks
• 15:32 : Phishing Expands Beyond Email: Why New Tactics Demand New Defences
• 15:32 : Cisco firewall flaws endanger nearly 50,000 devices worldwide
• 15:3 : Conversations and the Media Climate Accord at IBC2025
• 15:3 : Broadcom patches VMware Zero-Day actively exploited by UNC5174
• 15:3 : Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability
• 15:3 : Threat Actors Allegedly Listed Veeam RCE Exploit for Sale on Dark Web
• 15:3 : Google Gemini Vulnerabilities Let Attackers Exfiltrate User’s Saved Data and Location
• 15:3 : CISA Warns of Linux Sudo Vulnerability Actively Exploited in Attacks
• 15:2 : Google Patches Gemini AI Hacks Involving Poisoned Logs, Search Results
• 15:2 : CISA says it will fill the gap as some federal funding for MS-ISAC dries up
• 15:2 : New Android RAT Klopatra Targets Financial Data
• 14:32 : Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations
• 14:32 : New Chinese Nexus APT Group Targeting Organizations to Deploy NET-STAR Malware Suite
• 14:32 : Patchwork APT: Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload
• 14:5 : IT Security News Hourly Summary 2025-09-30 15h : 20 posts
• 14:3 : Google’s Latest AI Ransomware Defense Only Goes So Far
• 14:3 : UK convicts Chinese national in £5.5B crypto fraud, marks world’s largest Bitcoin seizure
• 14:3 : Why Threat-Led Defense & Adversary Behavior Are Driving Security Priorities
• 14:3 : Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
• 14:3 : Stop Alert Chaos: Context Is the Key to Effective Incident Response
• 14:3 : Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
• 14:3 : Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits
• 13:32 : Hackers Use Cellular Router API to Send Malicious SMS with Weaponized Links
• 13:32 : Hackers Posing as Google Careers Recruiter to Steal Gmail Login Details
• 13:32 : The Rising Cyber Threat to Manufacturing: A Call to Action for Executives
• 13:32 : Beer Brewing Giant Asahi Halts Production Following Cyberattack
• 13:32 : Lunar Spider Infected Windows Machine in Single Click to Harvest Login Credentials
• 13:32 : Tesla’s Telematics Control Unit Vulnerability Let Attackers Gain Code Execution as Root
• 13:32 : Linux 6.17 Released With Fix for use-after-free Vulnerabilities
• 13:32 : Empowering defenders in the era of agentic AI with Microsoft Sentinel
• 13:32 : US Cuts Federal Funding for MS-ISAC Cybersecurity Program
• 13:3 : Learning from the Inevitable
• 13:3 : New Android Banking Trojan Uses Hidden VNC for Full Remote Control of Devices
• 13:3 : Beer Maker Asahi Shuts Down Production Due to Cyberattack
• 13:3 : New Smish: New York Department of Revenue
• 13:3 : Mondoo Raises $17.5 Million for Vulnerability Management Platform
• 13:3 : Misconfigurations Still Fuel Most Cloud Breaches in 2025
• 13:3 : Fezbox npm Package Uses QR Codes to Deliver Cookie-Stealing Malware
• 13:3 : Hackers Claim Data on 150000 AIL Users Stolen
• 13:3 : Acronis brings patch management to consumer backup software
• 13:3 : Gemini Trifecta Highlights Dangers of Indirect Prompt Injection
• 12:33 : Warning: Malicious AI Tools Being Distributed as Chrome Extensions by Threat Actors
• 12:33 : Hackers Actively Probe Palo Alto PAN-OS GlobalProtect Vulnerability for Exploitation
• 12:32 : New Guidance Calls on OT Operators to Create Continually Updated System Inventory
• 12:32 : CISO Conversations: John ‘Four’ Flynn, VP of Security at Google DeepMind
• 12:32 : Webinar: The BAS Summit 2025: Redefining Attack Simulation through AI
• 12:32 : Ransomware Gang Claims Maryland Breach
• 12:32 : Police Seize 439 Million In Cybercrime
• 12:32 : UK Arrests Suspect In RTX Ransomware
• 12:32 : Police Dismantle Crypto Fraud Ring
• 12:32 : Ukrainian Hackers Breach Crimean Servers
• 12:3 : How to Use Passkeys With Google Password Manager (2025)
• 12:3 : High-Severity Vulnerabilities Patched in VMware Aria Operations, NSX, vCenter
• 12:3 : California Gov. Gavin Newsom Signs Bill Creating AI Safety Measures
• 12:3 : The Reality of CTI: Voices from the Analysts
• 12:3 : Harrods Data Breach Explained
• 11:32 : CISA Issues Alert on Actively Exploited Libraesva ESG Command Injection Vulnerability
• 11:32 : Details of a Scam
• 11:32 : 260 romance scammers and sextortionists caught in huge Interpol sting
• 11:32 : Apple fixes critical font processing bug. Update now!
• 11:32 : Western Digital My Cloud NAS devices vulnerable to unauthenticated RCE (CVE-2025-30247)
• 11:5 : IT Security News Hourly Summary 2025-09-30 12h : 11 posts
• 11:2 : CISA Issues Alert on Active Exploitation of Linux and Unix Sudo Flaw
• 11:2 : Apple Updates iOS and macOS to Prevent Malicious Font Attacks
• 11:2 : Webinar Today: AI and the Trust Dilemma: Balancing Innovation and Risk
• 11:2 : Ivanti upgrades Connect Secure with hardened system and gateway improvements
• 10:32 : Phantom Taurus: 新たな中華系Nexus APTとNET-STARマルウェア スイートの発見
• 10:32 : Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite
• 10:32 : Researchers Publish Technical Analysis of Linux Sudo Privilege Escalation
• 10:32 : Britain’s policing minister punts facial recog nationwide
• 10:32 : Legit’s Command Center tracks AI code, models, and MCP server usage across the SDLC
• 10:32 : New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
• 10:2 : Microsoft Flags AI Phishing Attack Hiding in SVG Files
• 10:2 : U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog
• 10:2 : £5.5B Bitcoin fraudster pleads guilty after years on the run
• 10:2 : Cyberattack on Beer Giant Asahi Disrupts Production
• 10:2 : Asahi Suspends Operations in Japan After Cyber-Attack
• 9:33 : Threat Actors Exploiting MS-SQL Servers to Deploy XiebroC2 Framework
• 9:32 : When ‘Oprah’ Smished Me: Smishing and AI-Driven Phishing Risks
• 9:32 : Fake Postmark MCP Server Silently Stole Thousands of Emails With a Single Line of Malicious Code
• 9:32 : U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust
• 9:32 : Evolving Enterprise Defense to Secure the Modern AI Supply Chain
• 9:32 : CIISec Members Say Budgets Are Falling Behind Threats
• 9:2 : Tips for Merging Large PDF Files Online
• 9:2 : APT35 Hackers Targeting Government and Military to Steal Login Credentials
• 9:2 : Asahi halts ordering, shipping, and customer service after cyberattack
• 9:2 : Organizations Warned of Exploited Sudo Vulnerability
• 8:32 : Advanced Threat Hunting: Automating Large-Scale Operations with LLMs
• 8:31 : VMware Tools and Aria 0-Day Vulnerability Exploited for Privilege Escalation and Code Execution
• 8:5 : IT Security News Hourly Summary 2025-09-30 09h : 8 posts
• 8:4 : Malicious Code in Fake Postmark MCP Server Steals Thousands of Emails
• 8:4 : VMware Tools and Aria 0-Day Under Active Exploitation for Privilege Escalation
• 8:4 : Got a text about an Amazon refund? It might be a scam
• 8:4 : Scattered Spider, ShinyHunters Restructure – New Attacks Underway
• 8:4 : Greg Kroah-Hartman explains the Cyber Resilience Act for open source developers
• 8:4 : As Hardware, API and Network Vulnerabilities Rise, Defenders Rethink Strategies
• 7:32 : Apple Font Parser Vulnerability Allowing Memory Corruption Attacks
• 7:32 : Microsoft blocks AI code, Breach hits WestJet, Harrods suffers new data incident
• 7:3 : Silent Smishing : The Hidden Abuse of Cellular Router APIs
• 7:3 : Veeam RCE Exploit Allegedly Listed for Sale on Dark Web
• 7:3 : Apple Font Parser Vulnerability Enables Malicious Fonts to Crash or Corrupt Process Memory
• 7:3 : Critical Western Digital My Cloud NAS Devices Vulnerability Let Attackers Execute Malicious Code
• 7:3 : VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root
• 6:32 : VMware vCenter and NSX Flaws Allow Hackers to Enumerate Usernames
• 6:32 : Risk of Prompt Injection in LLM-Integrated Apps
• 6:32 : The hidden risks inside open-source code
• 6:2 : VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames
• 6:2 : Cyber risk quantification helps CISOs secure executive support
• 6:2 : CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
• 5:32 : Hackers Distribute Malicious Microsoft Teams Build to Steal Remote Access
• 5:32 : Lunar Spider Infected Windows Machine in Single Click and Harvested Login Credentials
• 5:32 : New Harrods Data Breach Leaks Personal Information of 430,000 Customers
• 5:32 : 10 Essential Elements of an Effective Dynamic Risk Assessment
• 5:32 : New Splunk 10 Feature – Effective Configuration
• 5:32 : Case Study: Penetration Testing for a Technology-Focused Environmental Solutions Provider
• 5:32 : Your budget Android phone might be spying on you
• 5:5 : IT Security News Hourly Summary 2025-09-30 06h : 2 posts
• 5:2 : Passkeys under threat: How a clever clickjack attack can bypass your secure login
• 5:2 : Keeping the internet afloat: How to protect the global cable network
• 4:32 : Cisco Firewalls Under Continued Attack By ArcaneDoor Threat Actor
• 4:2 : Hackers Trick Users into Download Weaponized Microsoft Teams to Gain Remote Access
• 4:2 : Cybersecurity jobs available right now: September 30, 2025
• 3:3 : Sleep Soundly Knowing Your NHIs are Managed Well
• 3:3 : How Good IAM Support Bolsters Your Security Posture
• 2:5 : IT Security News Hourly Summary 2025-09-30 03h : 2 posts
• 2:4 : ISC Stormcast For Tuesday, September 30th, 2025 https://isc.sans.edu/podcastdetail/9634, (Tue, Sep 30th)
• 1:2 : The Cybersecurity Information Sharing Act Faces Expiration
• 0:32 : Feds cut funding to program that shared cyber threat info with local governments
• 23:5 : IT Security News Hourly Summary 2025-09-30 00h : 5 posts
• 23:2 : Check Point and Wiz Roll Out Integrated Cloud Security Solution
• 22:55 : IT Security News Daily Summary 2025-09-29
• 22:2 : Inside North Korea’s DeceptiveDevelopment Job Fraud, Malware Scheme
• 22:2 : USENIX 2025: PEPR ’25 – Establishing Privacy Metrics For Genomic Data Analysis
• 21:32 : Security Breaches Found in AI-Powered Repair Tool Wondershare RepairIt
• 21:32 : Dynamic DNS Abuse Helps Threat Actors Evade Detection and Persist
• 21:2 : UK grants £1.5B loan to Jaguar Land Rover after cyberattack
• 21:2 : Asahi runs dry as online attackers take down Japanese brewer
• 21:2 : One line of malicious npm code led to massive Postmark email heist
• 20:32 : Apple Patches Single Vulnerability CVE-2025-43400, (Mon, Sep 29th)
• 20:32 : CISA Adds Five Known Exploited Vulnerabilities to Catalog
• 20:32 : CISA Strengthens Commitment to SLTT Governments
• 20:5 : IT Security News Hourly Summary 2025-09-29 21h : 4 posts
• 20:2 : Vulnerability Summary for the Week of September 22, 2025
• 19:32 : Isolate Your Database: VPC for Managed Databases Is Available Now
• 19:32 : 5 Manual Testing Techniques Every Tester Should Know
• 19:32 : Build secure network architectures for generative AI applications using AWS services
• 19:4 : Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400), (Mon, Sep 29th)
• 19:4 : Millions at Risk From Notepad++ DLL Hijacking Vulnerability
• 19:4 : ‘Aggressive’ Akira Ransomware Blitz Clubs SonicWall 2FA to DEATH
• 18:32 : Microsoft Sniffs Out AI-Based Phishing Campaign Using Its AI-Based Tools
• 18:2 : Dutch Teens Arrested Over Alleged Spying for Pro-Russian Hackers
• 17:32 : New Harrods Data Breach Exposes 430,000 Customer Personal Records
• 17:32 : Hackers Trick Users to Download Weaponized Microsoft Teams to Gain Remote Access
• 17:5 : IT Security News Hourly Summary 2025-09-29 18h : 9 posts
• 17:2 : DHS and CISA Announce Cybersecurity Awareness Month 2025
• 17:2 : EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
• 16:3 : Harrods Data Breach: 430,000 Customer Records Stolen Via Third-Party Attack
• 16:2 : Understanding the OWASP AI Maturity Assessment
• 16:2 : Amazon pays $2.5B settlement over deceptive Prime subscriptions
• 16:2 : Akira ransomware: From SonicWall VPN login to encryption in under four hours
• 16:2 : AI-Generated Code Used in Phishing Campaign Blocked by Microsoft
• 16:2 : Dutch Authorities Arrest Teens in Foreign Interference Case
• 16:2 : Jaguar Land Rover to resume some manufacturing within days
• 16:2 : CISA to furlough 65% of staff if government shuts down this week
• 15:33 : Retail Cyberattacks Surge as Service Desks Become Prime Targets
• 15:3 : From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion