IT Security News Daily Summary 2025-10-01

165 posts were published in the last hour

• 21:32 : OpenSSL patches 3 vulnerabilities, urging immediate updates
• 21:2 : WestJet Confirms Passenger IDs and Passports Stolen in Cyberattack
• 21:2 : Threat Actors Leveraging Senior Travel Scams to Deliver Datzbro Malware
• 21:2 : Ukraine Warns of Weaponized XLL Files Delivers CABINETRAT Malware Via Zip Files
• 21:2 : Passwordless 101 for SaaS: Magic Links, OTP, or Passkeys?
• 20:32 : What Does the Government Shutdown Mean for Cybersecurity?
• 20:32 : Anker offered to pay Eufy camera owners to share videos for training its AI
• 20:5 : IT Security News Hourly Summary 2025-10-01 21h : 2 posts
• 20:2 : Fake Google Careers Recruiters Target Gmail Users in Phishing Scam
• 20:2 : AI agent hypefest crashing up against cautious leaders, Gartner finds
• 20:2 : ‘Delightful’ root-access bug in Red Hat OpenShift AI allows full cluster takeover
• 19:2 : Nvidia and Adobe vulnerabilities
• 18:32 : Air Force admits SharePoint privacy issue as reports trickle out of possible breach
• 18:3 : Google Adds AI-Powered Ransomware Protection and Recovery to Drive for Desktop
• 18:2 : Red Hat OpenShift AI Flaw Opens Door to Full Infrastructure Takeover
• 18:2 : US Air Force investigates ‘privacy-related issue’ amid rumored SharePoint shutdown
• 18:2 : CISA Ends Funding for MS-ISAC Program for State and Local Governments
• 18:2 : Top Strategies for Effective and Secure Identity Risk Monitoring
• 18:2 : New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer
• 17:32 : CISA Ends Funding for MS-ISAG Program for State and Local Governments
• 17:32 : Cybersecurity Awareness Month: Security starts with you
• 17:18 : UK Police Convicts Pair in £5.5 Billion Bitcoin Launder Case
• 17:18 : UK government tries again to access encrypted Apple customer data: Report
• 17:18 : New DNS Malware Detour Dog Delivers Strela Stealer Using DNS TXT Records
• 17:18 : New FlipSwitch Hooking Technique Bypasses Linux Kernel Defenses
• 17:18 : New Google Drive Desktop Feature adds AI-powered Ransomware Detection to Prevent Cyberattacks
• 17:18 : Microsoft Previews Graph Framework to Better Integrate Cybersecurity Tools
• 17:18 : Release Announcement for OpenSSL 3.6.0
• 17:5 : IT Security News Hourly Summary 2025-10-01 18h : 11 posts
• 16:32 : Meet SpamGPT and MatrixPDF, AI Toolkits Driving Malware Attacks
• 16:2 : Canadian Police Seize $40M in Digital Assets After Closing TradeOgre
• 16:2 : Broadcom Issues Patches for VMware NSX and vCenter Security Flaws
• 15:32 : Policy-as-Code for Terraform in Regulated Environments
• 15:32 : Databricks boosts data security with AI-powered suite
• 15:32 : Cyber Awareness Month: Phishing and Software Updates Still Matter Most
• 15:32 : WestJet Confirms Data Breach – Customers Personal Information Exposed
• 15:32 : MatrixPDF Attacks Gmail Users Bypassing Email Filters and Fetch Malicious Payload
• 15:32 : CISA Warns of Cisco IOS and IOS XE SNMP Vulnerabilities Exploited in Attacks
• 15:32 : Medusa Ransomware Gang Offers BBC Reporter Millions for Inside Hack Access
• 15:32 : Massive Breach Allows Hackers to Steal Employee Data from the US Federal Agencies
• 15:32 : Datzbro Android Banking Trojan Targets Seniors With Device-Takeover Attacks
• 15:3 : Navigating Complexity: CISO Strategies for Security Tool Consolidation and Budget Optimization
• 15:3 : Top 10 Best Vulnerability Management Software in 2025
• 15:3 : Shortcut-based Credential Lures Deliver DLL Implants
• 15:2 : Landmark US cyber-information-sharing program expires, bringing uncertainty
• 14:32 : Data breach at Canadian airline WestJet affects 1.2M passengers
• 14:32 : UK government tries again to access encrypted Apple customer data: report
• 14:32 : KnowBe4 Is a Proud Participant in the Microsoft Security Store Partner Ecosystem
• 14:32 : 200,000 More SIM Cards Found Linked to Secret Telecom Network in NYC
• 14:32 : Proofpoint Previews Strategy for Applying AI Agents to Better Secure Data
• 14:32 : Learn How Leading Security Teams Blend AI + Human Workflows (Free Webinar)
• 14:32 : OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps
• 14:5 : IT Security News Hourly Summary 2025-10-01 15h : 16 posts
• 14:3 : Ukraine Warns of Weaponized XLL Files Delivering CABINETRAT Malware via Zip Archives
• 14:3 : World’s Largest Crypto Seizure Nets £5.5 Billion in Bitcoin
• 14:3 : Final 3 days to score extra discounts on community passes to TechCrunch Disrupt 2025
• 14:3 : Navigating Holiday Threats: Strengthening PC Resilience with Desktops as a Service (DaaS)
• 14:3 : Gemini AI flaws could have exposed your data
• 14:3 : OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks
• 14:3 : North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S.
• 13:32 : Detour Dog’s DNS Hijacking Infects 30,000 Websites with Strela Stealer
• 13:32 : Chinese State-Sponsored Hackers Exploiting Network Edge Devices to Harvest Sensitive Data
• 13:32 : 5 Essential Cyber Security Tips for Cyber Security Awareness Month
• 13:3 : DNS Hijacking 101: How It Happens and What You Can Do to Prevent It
• 13:3 : London Court Convicts Chinese Mastermind Behind £5bn Crypto Seizure
• 13:3 : Senior Travel Scams Used by Threat Actors to Distribute Datzbro Malware
• 13:3 : Patchwork APT Using PowerShell Commands to Create Scheduled Task and Downloads Final Payload
• 13:3 : Protecting Sensitive Data When Employees Use AI Chatbots
• 13:3 : Exium by NETGEAR brings unified SASE and firewall protection to SMEs and MSPs
• 13:3 : Google Drive for desktop will spot, stop and remedy ransomware damage
• 13:3 : Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover
• 13:3 : How Leading Security Teams Blend AI + Human Workflows (Free Webinar)
• 12:33 : WestJet Confirms Data Breach Exposing Customer Personal Information
• 12:32 : Malicious PyPI Package Mimics as SOCKS5 Proxy Tool Attacking Windows Platforms
• 12:32 : Top 100 World’s Best Cybersecurity Companies in 2025
• 12:32 : 3.7M breach notification letters set to flood North America’s mailboxes
• 12:32 : Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware
• 12:32 : Federal cuts force many state and local governments out of cyber collaboration group
• 12:32 : Landmark US cyber information-sharing program expires, bringing uncertainty
• 12:3 : Quantum Resistance and Coding for a Post-Quantum Bitcoin
• 12:2 : Multiple NVIDIA Flaws Allow Attackers to Escalate Privileges on Systems
• 12:2 : The Case for Multidomain Visibility
• 12:2 : Canadian Airline WestJet Says Hackers Stole Customer Data
• 12:2 : Fuel iX Fortify helps enterprises expose GenAI vulnerabilities at scale
• 11:34 : New FlipSwitch Hooking Method Overcomes Linux Kernel Defenses
• 11:34 : Implementing Governance on Databricks Using Unity Catalog
• 11:34 : Use of Generative AI in Scams
• 11:33 : New Chinese Nexus APT Hackers Attacking Organizations to Deliver NET-STAR Malware Suite
• 11:33 : New Battering RAM Attack Bypasses Latest Defenses on Intel and AMD Cloud Processors
• 11:33 : Red Hat Openshift AI Service Vulnerability Allow Attackers to Take Control of the Infrastructure
• 11:33 : Autonomous AI adoption stalls amid trust and governance crisis
• 11:33 : Cybersecurity Awareness Month 2025: Prioritizing Identity to Safeguard Critical Infrastructure
• 11:33 : Descope Raises $35 Million in Seed Round Extension
• 11:33 : NIST Publishes Guide for Protecting ICS Against USB-Borne Threats
• 11:33 : Top Data Breaches In September 2025
• 11:33 : Hackers Exploit Milesight Routers to Send Phishing SMS to European Users
• 11:33 : 2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising
• 11:5 : IT Security News Hourly Summary 2025-10-01 12h : 7 posts
• 11:2 : Apple urges users to update iPhone and Mac to patch font bug
• 11:2 : Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure
• 11:2 : AI Tops Cybersecurity Investment Priorities, PwC Finds
• 10:32 : TOTOLINK X6000R: Three New Vulnerabilities Uncovered
• 10:32 : Crowdsourced AI += Exodia Labs
• 10:32 : New DNS Malware ‘Detour Dog’ Uses TXT Records to Deliver Strela Stealer
• 10:32 : Imgur yanks Brit access to memes as parent company faces fine
• 10:32 : Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts
• 10:32 : CMMC is coming, but most contractors still have a long road to full compliance
• 10:12 : Best DLP Services to Protect Your Data
• 10:2 : Forensic journey: hunting evil within AmCache
• 10:2 : New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones
• 10:2 : New China-Aligned Hackers Hit State and Telecom Sectors
• 9:32 : Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware
• 9:32 : Explain digital ID or watch it fizzle out, UK PM Starmer told
• 9:32 : Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability
• 9:32 : Campaign Warns Solicitors and House Buyers of Payment Diversion Fraud
• 9:2 : Hackers Exploit Cellular Router’s API to Send Malicious SMS Messages With Weaponized Links
• 9:2 : Schools are swotting up on security yet still flunk recovery when cyberattacks strike
• 9:2 : Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device
• 9:2 : Top CVEs & Vulnerabilities of September 2025
• 9:2 : Siemens simplifies OT security with virtualized, encrypted connectivity
• 8:32 : Red Hat OpenShift AI Vulnerability Lets Attackers Seize Infrastructure Control
• 8:32 : Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs
• 8:32 : ICO: Imgur’s UK Decision Won’t Prevent Regulatory Fine
• 8:5 : IT Security News Hourly Summary 2025-10-01 09h : 7 posts
• 8:3 : Battering RAM Exploit Bypasses Modern Protections in Intel, AMD Cloud Processors
• 8:3 : Google Publishes Security Hardening Guide to Counter UNC6040 Threats
• 8:3 : New Android Banking Trojan Uses Hidden VNC to Gain Complete Remote Control Over Device
• 8:2 : Windows 11 25H2 Released for General Availability – Know Issues and Mitigations
• 8:2 : 48+ Cisco Firewalls Vulnerable to Actively Exploited 0-Day Vulnerability in the Wild
• 8:2 : New 360 Strata platform delivers actionable intelligence to protect sensitive data
• 7:32 : Navigating AI Standards and Regulations
• 7:32 : Akuity unveils AI-powered incident detection and automation for Kubernetes
• 7:32 : China-linked group linked to new malware, 2024 VMware zero-day still exploited, iOS fixes a bevy of glitches
• 7:3 : Why AI Browsers Could Put Your Money at Risk
• 7:2 : 48+ Cisco Firewalls Hit by Actively Exploited 0-Day Vulnerability
• 7:2 : Cisco IOS/IOS XE SNMP Vulnerabilities Exploited in Ongoing Attacks, Warns CISA
• 7:2 : WestJet confirms cyberattack exposed IDs, passports in June incident
• 7:2 : Beware! Threat Actors Distributing Malicious AI Tools as Chrome Extensions
• 7:2 : OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely
• 6:32 : Hackers love LOTL, this approach shuts them down
• 6:2 : Microsoft Sentinel Launches AI-Driven Agentic SIEM Platform for Enterprise Security
• 5:32 : Google Gemini Vulnerabilities Let Hackers Steal Saved Data and Live Location
• 5:32 : MatrixPDF Campaign Evades Gmail Filters to Deliver Malicious Payloads
• 5:32 : Top 10 Best Autonomous Endpoint Management Software In 2025
• 5:32 : A2AS framework targets prompt injection and agentic AI security risks
• 5:32 : 50,000 Cisco Firewalls Exposed
• 5:5 : IT Security News Hourly Summary 2025-10-01 06h : 3 posts
• 5:2 : How to stop a single vendor breach from taking down your business
• 5:2 : Biometric spoofing isn’t as complex as it sounds
• 4:2 : Imperva Enhances Client-Side Protection to Help You Stay Ahead of PCI-DSS Compliance
• 4:2 : Ransomware remains the leading cause of costly cyber claims
• 3:32 : Beijing-backed burglars master .NET to target government web servers
• 2:5 : IT Security News Hourly Summary 2025-10-01 03h : 1 posts
• 2:2 : ISC Stormcast For Wednesday, October 1st, 2025 https://isc.sans.edu/podcastdetail/9636, (Wed, Oct 1st)
• 2:2 : 10 File Threats That Slip Past Traditional Security—and How to Stop Them
• 0:8 : Microsoft Extends Windows 10 Security Updates for EEA Customers
• 23:33 : [Guest Diary] Comparing Honeypot Passwords with HIBP, (Wed, Oct 1st)
• 23:5 : IT Security News Hourly Summary 2025-10-01 00h : 11 posts
• 23:1 : IT Security News Weekly Summary October
• 22:55 : IT Security News Daily Summary 2025-09-30
• 22:32 : Fake North Korean IT workers sneaking into healthcare, finance, and AI
• 22:2 : Tile trackers are a stalker’s dream, say Georgia Tech researchers
• 22:2 : Enhance Your Cyber Resilience with Capable NHIs
• 22:2 : Firewall Migration Checklist: Complete 10-Step Guide for IT Teams
• 22:2 : Critical CISA Cybersecurity Law is Hours Away from Expiring