IT Security News Daily Summary 2024-12-12

181 posts were published in the last hour

• 22:35 : The Growing Importance of Secure Crypto Payment Gateways
• 22:35 : EFF Speaks Out in Court for Citizen Journalists
• 21:5 : Cleo patches file transfer zero-day flaw under attack
• 21:5 : Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO
• 20:35 : Google Launches Gemini 2.0 with Autonomous Tool Linking
• 20:35 : Malware Analysis: A Kernel Land Rootkit Loader for FK_Undead
• 20:5 : What’s the difference between jailbreaking and rooting?
• 20:5 : X’s Last-Minute Update to the Kids Online Safety Act Still Fails to Protect Kids—or Adults—Online
• 20:5 : Fake IT Workers Funneled Millions to North Korea, DOJ Says
• 20:5 : IT Security News Hourly Summary 2024-12-12 21h : 9 posts
• 19:38 : Midjourney zeigt neues KI-Tool Patchwork: Was es kann und wie ihr es ausprobieren könnt
• 19:38 : OpenAI-CEO Sam Altman dämpft Erwartungen an AGI: Ist die Superintelligenz doch weniger bedeutend als gedacht?
• 19:38 : So lässt euch Whatsapp bald schneller auf Sprachnachrichten antworten
• 19:37 : Something to Read When You Are On Call and Everyone Else is at the Office Party
• 19:37 : UN Body To Protect Subsea Cables Holds First Meeting
• 19:37 : US Sanctions Chinese Cybersecurity Firm for Firewall Exploit, Ransomware Attacks
• 19:37 : Phishing: The Silent Precursor to Data Breaches
• 19:37 : Charges Against CISOs Create Worries, Hope in Security Industry: Survey
• 19:37 : Introducing the AWS Network Firewall CloudWatch Dashboard
• 18:33 : 7 must-know IAM standards in 2025
• 18:33 : AI Slop is Hurting Security — LLMs are Dumb and People are Dim
• 18:3 : Proactive Threat Detection: The Role of Network Security
• 18:3 : Meta Donates $1 Million To Donald Trump Inauguration Fund
• 18:3 : Authorities Shut Down 27 DDoS-for-Hire Platforms, Arrest 3 Admins
• 18:3 : MITRE ATT&CK Evaluation Results 2024 – Cynet Became a Leader With 100% Detection & Protection
• 18:3 : CISA and FCC Issue Urgent Call for Cyber Hardening for Communications Infrastructure
• 17:37 : Security Flaws in WordPress Woffice Theme Prompts Urgent Update
• 17:5 : US To Raise Tariffs On Chinese Solar Wafers, Polysilicon, Tungsten
• 17:5 : Mastering Seamless Single Sign-On: Design, Challenges, and Implementation
• 17:5 : ExpressVPN review: One of the fastest VPNs we’ve tested
• 17:5 : The best VPN services for iPad: Expert tested and reviewed
• 17:5 : Forensic Analysis in the eXp Realty Case: Privacy and Evidence Integrity
• 17:5 : Critical Apple Security Vulnerability CVE-2024-44131 Patched: What You Need to Know
• 17:5 : IT Security News Hourly Summary 2024-12-12 18h : 6 posts
• 16:32 : Siemens Solid Edge SE2024
• 16:32 : Siemens COMOS
• 16:32 : Cleo patches zero-day exploited by ransomware gang
• 16:32 : Remcos RAT Malware Evolves with New Techniques
• 16:7 : Australia To ‘Charge’ Tech Firms For News Content, After Meta Ends Licensing Deal
• 16:7 : Silent Push Raises $10 Million for Preemptive Threat Intelligence Platform
• 15:40 : Wordfence Intelligence Weekly WordPress Vulnerability Report (December 2, 2024 to December 8, 2024)
• 15:40 : Cyber Threat from Chinese software powering critical infrastructure in USA
• 15:40 : Siemens CPCI85 Central Processing/Communication
• 15:40 : Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement
• 15:40 : Data brokers should stop trading health and location data, new bill proposes
• 15:40 : Update now! Apple releases new security patches for vulnerabilities in iPhones, Macs, and more
• 15:40 : Sublime Snags $60M Series B for Email Security Tech
• 15:40 : Shielded on All Sides: How Company Executives Can Mitigate Virtual Kidnapping Schemes
• 15:6 : The Ghost of Christmas Past – AI’s Past, Present and Future
• 15:6 : Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States
• 15:6 : Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
• 14:38 : What To Do When You?re Under a DDoS Attack: A Guide to Action
• 14:38 : Is your phone infected with Pegasus spyware? This $1 app can check
• 14:38 : Can Data Embassies Make AI Safer Across Borders?
• 14:38 : VPN Server Switching: Benefits and Best Practices for Privacy and Speed
• 14:38 : What’s Happening with 23andMe? Data Privacy and Uncertain Future
• 14:7 : OpenAI hat Sora offenbar mit Videospiel-Inhalten trainiert – das könnte ein Problem werden
• 14:7 : Duolingo und Netflix: Warum ihr eine Sprache lernen sollt und euch sonst Konsequenzen drohen
• 14:7 : Warum ihr das neue Windows-Update schnell installieren solltet
• 14:7 : So kannst du bald alle Whatsapp-Nachrichten verstehen – egal in welcher Sprache
• 14:7 : BSI legt Kommunikation von 30.000 BadBox-Drohnen lahm
• 14:6 : Which AI Skills Does Your Business Need?
• 14:6 : Antidot Malware Attacking Employees Android Devices To Inject Malicious Payloads
• 14:6 : IP Copilot wants to use AI to turn your Slack messages into patents
• 14:6 : Security Operations in 2025 and Beyond
• 14:6 : Apache issues patches for critical Struts 2 RCE bug
• 14:6 : Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement
• 14:6 : The state of AppSec tooling: 4 ways to step up to modern software security
• 14:5 : IT Security News Hourly Summary 2024-12-12 15h : 15 posts
• 13:33 : Scammers Exploit Fake Domains in Dubai Police Phishing Scams
• 13:33 : New Chinese Surveillance Tool Attack Android Users Since 2017
• 13:33 : Malicious ESLint Package Let Attackers Steal Data And Inject Remote Code
• 13:33 : Triad Nexus, Chinese Hackers Using 200,000 Domains For Widespread Cyber Attack
• 13:33 : Keeping Explore St. Louis Safe: How Check Point’s Technology Secures a Dynamic Public Network
• 13:33 : Operation PowerOFF took down 27 DDoS platforms across 15 countries
• 13:33 : Microsoft MFA Bypassed via AuthQuake Attack
• 13:32 : How to Choose the Right Test Data Management Tools
• 13:32 : Top 10 dmarcian Alternatives: Features, Pricing, Pros, and Cons
• 13:9 : Cyber Resilience Act: Vernetzte Produkte müssen bald besser abgesichert sein
• 13:9 : 27 DDoS-For-Hire Services Disrupted In Run-Up To Holiday Season
• 13:9 : Mike Morse Law Firm Chooses Keeper Security to Safeguard its Sensitive Legal Data
• 13:9 : The Unsolvable Problem: XZ and Modern Infrastructure
• 13:9 : SaaS Budget Planning Guide for IT Professionals
• 13:8 : Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
• 12:35 : Sicherheit: Google verbessert Stalking-Schutz bei Bluetooth-Trackern
• 12:35 : Per Brute Force: Forscher knacken Microsofts Multi-Faktor-Authentifizierung
• 12:34 : Apple Touts Ongoing UK Investment, As Tim Cook Meets Prime Minister
• 12:34 : 27 DDoS Attack Services Taken Down by Law Enforcement
• 12:6 : [UPDATE] [hoch] Google Chrome: Mehrere Schwachstellen
• 12:6 : [UPDATE] [mittel] Python: Schwachstelle ermöglicht Denial of Service
• 12:6 : [UPDATE] [mittel] Python: Schwachstelle ermöglicht Codeausführung
• 12:5 : ConvoC2 – A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams
• 12:5 : Lights out for 18 more DDoS booters in pre-Christmas Operation PowerOFF push
• 12:5 : Researchers find security flaws in Skoda cars that may let hackers remotely track them
• 11:34 : Apple macOS: Mehrere Schwachstellen
• 11:34 : [NEU] [hoch] Apple macOS: Mehrere Schwachstellen
• 11:34 : [UPDATE] [niedrig] Red Hat Advanced Cluster Security: Schwachstelle ermöglicht Denial of Service
• 11:33 : [UPDATE] [mittel] Ruby: Schwachstelle ermöglicht Denial of Service
• 11:33 : Google Unveils Next Gen AI Gemini 2.0
• 11:33 : Cleo 0-day Vulnerability Exploited to Deploy Malichus Malware
• 11:33 : Krispy Kreme cybersecurity incident disrupts online ordering
• 11:32 : Lookout Discovers New Spyware Deployed by Russia and China
• 11:4 : Sicherheitslücken drohen im gesamten Gerätelebenszyklus
• 11:4 : Apple Safari: Mehrere Schwachstellen
• 11:4 : Apple iOS und iPadOS: Mehrere Schwachstellen
• 11:4 : [NEU] [mittel] Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
• 11:4 : [NEU] [hoch] Red Hat Enterprise Linux (Ceph Storage): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:4 : [NEU] [mittel] Apple Safari: Mehrere Schwachstellen
• 11:4 : [NEU] [hoch] Gitea: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 11:3 : [NEU] [hoch] Apple iOS und iPadOS: Mehrere Schwachstellen
• 11:2 : The evolution and abuse of proxy networks
• 11:2 : Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks
• 10:36 : Die zehn größten Datenpannen 2024
• 10:36 : Sicherheitspatch: Angreifer können über TeamViewer-Lücke Windows-Dateien löschen
• 10:36 : Verlosung von Deutschlandtickets: Falsche QR-Codes in Bussen und Bahnen entdeckt
• 10:35 : Apple iOS devices are more vulnerable to phishing than Android
• 10:35 : Careto is back: what’s new after 10 years of silence?
• 10:35 : British Army zaps drones out of the sky with laser trucks
• 10:35 : Hunk Companion, WP Query Console Vulnerabilities Chained to Hack WordPress Sites
• 10:35 : 27 DDoS-for hire platforms seized by law enforcement
• 10:35 : WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins
• 10:35 : Insurance Worker Sentenced After Illegally Accessing Claimants’ Data
• 10:3 : Apple stopft schwere Sicherheitslücken, kein Patch für iOS 17
• 10:3 : [NEU] [hoch] IBM QRadar SIEM: Mehrere Schwachstellen
• 10:3 : [NEU] [mittel] Mozilla Thunderbird: Schwachstelle ermöglicht Path-Traversal Angriff
• 10:2 : We must adjust expectations for the CISO role
• 10:2 : Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge
• 9:38 : Mozilla Thunderbird: Schwachstelle ermöglicht Path-Traversal Angriff
• 9:37 : GitLab Security Update, Patch for Critical Vulnerabilities
• 9:37 : Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor
• 9:37 : 8 Trends Reshaping Network Security in 2025
• 9:37 : Citrix acquires deviceTRUST and Strong Network
• 9:37 : Jetico Search locates and manages sensitive data
• 9:13 : HPE ProLiant undSynergy: Mehrere Schwachstellen ermöglichen Privilegieneskalation
• 9:13 : Atlassian schützt Confluence & Co. vor möglichen DoS-Attacken
• 9:12 : Kein Angriff zu Weihnachten: Polizei nimmt 27 illegale DDoS-Dienste vom Netz
• 9:12 : [UPDATE] [hoch] Red Hat Ansible Automation Platform: Mehrere Schwachstellen
• 9:12 : [UPDATE] [hoch] docker: Mehrere Schwachstellen
• 9:12 : [UPDATE] [hoch] http/2 Implementierungen: Schwachstelle ermöglicht Denial of Service
• 9:12 : [UPDATE] [mittel] GNU libc: Schwachstelle ermöglicht Denial of Service
• 9:11 : The story behind Sekoia.io Custom Integrations
• 9:11 : Bitcoin ATM giant Byte Federal says 58,000 users’ personal data compromised in breach
• 9:11 : Firefox ditches Do Not Track because nobody was listening anyway
• 8:37 : Zukunftsfähig sichern im Perimeter
• 8:36 : BadRAM Attack Breaches AMD Secure VMs with $10 Device
• 8:36 : Operation PowerOFF, FCC telco rules, ZLoader returns
• 8:5 : IT Security News Hourly Summary 2024-12-12 09h : 5 posts
• 8:3 : Epic Games Launcher: Sicherheitslücke ermöglicht Rechteausweitung
• 8:2 : Only Cynet delivers 100% protection and detection visibility in the 2024 MITRE ATT&CK Evaluation
• 7:32 : Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested
• 7:5 : Bundesrechnungshof bemängelt fehlende Redundanz von Bundeswehr-IT
• 7:5 : heise-Angebot: iX-Workshop: Fortgeschrittene Administration von Kubernetes
• 7:5 : Splunk RCE Vulnerability Let Attackers Execute Remote Code
• 7:5 : AI vs. (secure) software developers
• 7:4 : How to Defend Against High Cyberthreat Activity During the Holidays
• 6:33 : Anzeige: So funktioniert Penetration Testing
• 6:32 : Europol Shutsdown 27 DDoS Service Provider Platforms
• 6:32 : SpartanWarriorz Phish Kits: Uncovered
• 6:32 : Cybercrime Network Busted: Turning Airbnbs Into Fraud Centers
• 6:6 : No User Interaction, no Alerts: Azure MFA Cracked in an Hour
• 6:6 : Glazed and Confused: Krispy Kreme Battles Cyberattack
• 5:36 : Citrix goes shopping in Europe and returns with gifts for security-conscious customers
• 5:36 : Shaping effective AI governance is about balancing innovation with humanity
• 5:5 : IT Security News Hourly Summary 2024-12-12 06h : 3 posts
• 5:2 : Exposed APIs and issues in the world’s largest organizations
• 4:34 : Keycloak: Open-source identity and access management
• 4:7 : How cyber-secure is your business? | Unlocked 403 cybersecurity podcast (ep. 8)
• 3:7 : AI: Overhyped or Essential for the Workforce?
• 2:5 : IT Security News Hourly Summary 2024-12-12 03h : 4 posts
• 2:4 : Meta ist down: Whatsapp, Instagram und Facebook von Störungen betroffen
• 2:3 : ISC Stormcast For Thursday, December 12th, 2024 https://isc.sans.edu/podcastdetail/9252, (Thu, Dec 12th)
• 1:34 : Building Confidence with Strategic Secrets Management
• 1:34 : Safe Handling of Data: Why Secrets Sprawl is a Risk
• 1:5 : INTERPOL & Trend’s Fight Against Cybercrime
• 1:4 : Sora and ChatGPT Currently Down Worldwide: OpenAI Working on a Fix
• 0:36 : Cyberbullying and the Law: When Does Online Harassment Become a Criminal Offense?
• 0:8 : How Should OT Companies Measure Cyber Risk? | ARIA Cybersecurity
• 23:34 : Blocking Chinese spies from intercepting calls? There ought to be a law
• 23:5 : IT Security News Hourly Summary 2024-12-12 00h : 4 posts
• 23:4 : Test page title
• 22:55 : IT Security News Daily Summary 2024-12-11