IT Security News Weekly Summary January

210 posts were published in the last hour

• 22:55 : IT Security News Daily Summary 2024-12-31
• 21:32 : Best of 2024: FIDO: Consumers are Adopting Passkeys for Authentication
• 21:7 : What You Need to Know about the US Treasury Breach – and How to Protect Your Organization from a “Major Incident”
• 20:32 : Konkurrenzdruck: OpenAI benötigt viel mehr Kapital als zunächst gedacht
• 20:32 : GPT Engineer: Die KI, die deine Webseite baut – wir haben sie getestet
• 20:32 : Rhode Island ’s data from health benefits system leaked on the dark web
• 20:5 : IT Security News Hourly Summary 2024-12-31 21h : 1 posts
• 19:32 : CRITICAL ALERT: Sophisticated Google Domain Exploitation Chain Unleashed
• 18:6 : Guten Rutsch und ein gesundes neues Jahr 2025!
• 18:5 : A Happy, Prosperous & Safe New Year Wish For All
• 18:5 : New Two-Step Phishing Attack Exploits Microsoft Visio and SharePoint
• 18:5 : Cybercriminals Exploit Identity Verification Systems
• 17:32 : Buying a new VPN? 3 things to consider when shopping around – and why ‘free’ isn’t always best
• 17:32 : Sanctions Imposed on North Korean Cyber Activities Supporting Nuclear Ambitions
• 17:5 : IT Security News Hourly Summary 2024-12-31 18h : 3 posts
• 16:32 : Hacking campaign compromised at least 16 Chrome browser extensions
• 16:32 : rth Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
• 16:32 : Cyberattack Compromises European Space Agency Online Store Security
• 16:5 : Here’s the little known iPhone data security secret, the Lockdown Mode
• 16:4 : US Treasury Department outs the blast radius of BeyondTrust’s key leak
• 15:32 : Federal Regulators Limit Location Brokers from Selling Your Whereabouts: 2024 in Review
• 15:32 : Fighting Online ID Mandates: 2024 In Review
• 15:32 : AI and Policing: 2024 in Review
• 14:34 : Wisst ihr noch? Als die Bahn einen Administrator für das 30 Jahre alte Windows 3.11 suchte
• 14:34 : Orca, Posaune und Lawine: Diese neuen Emojis sollen 2025 kommen
• 14:34 : Mehrere Arbeitsplätze übernommen: US-Finanzministerium geht von chinesischem Hackerangeriff aus
• 14:34 : Wie Griechenland Eltern dabei helfen will, den Smartphone-Konsum ihrer Kinder besser zu managen
• 14:33 : Y2K-Problem: Wie ein paar Dosen Fleisch den Millennium-Bug vorhersagten
• 14:33 : How to easily use Cloudflare’s secure DNS on your Mac and why it even matters
• 14:33 : US telco Lumen says its network is now clear of China’s Salt Typhoon hackers
• 14:32 : Data breaches in 2024: Could it get any worse?
• 14:32 : Connected contraptions cause conniption for 2024
• 14:32 : Rhode Islanders’ Data Was Leaked From a Cyberattack on State Health Benefits Website
• 14:32 : Why ISMS Policies Are Crucial for Compliance in Cybersecurity?
• 14:5 : IT Security News Hourly Summary 2024-12-31 15h : 8 posts
• 14:5 : Safeguarding Executives in the Digital World
• 13:32 : New Year’s cybersecurity resolutions that every startup should keep
• 13:32 : Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign
• 13:8 : Anschlag in Magdeburg: Bundesregierung ändert Haltung zur Vorratsdatenspeicherung
• 13:7 : 2024 – The Year of Learning More and More
• 13:7 : CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild
• 13:7 : DeepDLL– A New Approach to Detect Malicious DLLs
• 13:7 : Protect SAP Supply Chains by Preventing Cyber Attacks
• 12:32 : Trump Urges Supreme Court To Delay TikTok Deadline
• 12:32 : New York Agencies Must Publish AI Assessments Under New Law
• 12:32 : Run:ai To Open Source Software As Nvidia Completes $700m Buy
• 12:32 : US Treasury Workstations Hacked By China In ‘Major Incident’
• 12:32 : Gift Card Fraud
• 12:32 : China’s cyber intrusions took a sinister turn in 2024
• 12:9 : New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
• 11:5 : IT Security News Hourly Summary 2024-12-31 12h : 1 posts
• 11:3 : US Treasury Department Breach, Hackers Accessed Workstations
• 9:33 : [NEU] [UNGEPATCHT] [hoch] Paessler PRTG: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
• 9:33 : [UPDATE] [hoch] libxml2: Schwachstelle ermöglicht XXE Angriffe
• 9:33 : [UPDATE] [mittel] poppler: Schwachstelle ermöglicht Denial of Service
• 9:33 : [UPDATE] [hoch] Foxit PDF Editor und Foxit Reader: Mehrere Schwachstellen
• 9:33 : [UPDATE] [hoch] Oracle Fusion Middleware: Mehrere Schwachstellen
• 9:32 : ByteDance Capex Dwarfs Chinese Rivals In AI Spending Boom
• 9:32 : AI Could Manipulate Users For Profit In ‘Intention Economy’
• 9:32 : Southern China Districts Unite For Robotaxi Framework
• 9:3 : Cybervorfall: IT-Dienstleister Atos angeblich Opfer von Datendiebstahl
• 8:33 : 38C3 Tag 4: Sicherheitsalbträume, übernommene Tenants, kuriose Zahlen & Schluss
• 8:32 : Top Data Breaches in December 2024
• 8:32 : Top CVEs & Vulnerabilities of December 2024
• 8:32 : Strobes Security 2024: Year in Review
• 8:32 : Cisco data leak, Microsoft domain transition, stories of the year
• 8:7 : BVSW Wintertagung am Spitzingsee
• 8:5 : IT Security News Hourly Summary 2024-12-31 09h : 4 posts
• 7:33 : heise-Angebot: iX-Workshop: Spezialwissen für KRITIS – Prüfverfahrenskompetenz gemäß § 8a BSIG
• 7:32 : China-linked actors hacked US Treasury Department
• 7:5 : No Holiday Season for Attackers, (Tue, Dec 31st)
• 7:5 : TrueNAS CORE Vulnerability Let Attackers Execute Remote Code
• 7:5 : Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
• 6:2 : Chinese APT Hackers behind US Treasury breach of data
• 6:2 : Cybersecurity Trends of 2024: Adapting to a Changing Threat Landscape
• 5:32 : Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident
• 5:32 : Why software is the key to FI risk management
• 5:32 : Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
• 5:5 : IT Security News Hourly Summary 2024-12-31 06h : 5 posts
• 5:3 : The state of cybersecurity and IT talent shortages
• 5:2 : Regulations, security, and remote work: Why network outsourcing is booming
• 4:32 : U.S. Army Soldier Arrested in AT&T, Verizon Extortions
• 4:32 : Hottest cybersecurity open-source tools of the month: December 2024
• 4:6 : US Treasury Department Admits It Got Hacked by China
• 0:32 : An X user claimed a 7-Zip zero-day vulnerability, but 7-Zip’s creator says is a fake
• 0:5 : More telcos confirm Salt Typhoon breaches as White House weighs in
• 23:5 : IT Security News Hourly Summary 2024-12-31 00h : 3 posts
• 22:55 : IT Security News Daily Summary 2024-12-30
• 22:32 : 16 Chrome Extensions Hacked in Large-Scale Credential Theft Scheme
• 22:32 : US Treasury says China accessed government documents in ‘major’ cyberattack
• 22:2 : US Treasury says China stole documents in ‘major’ cyberattack
• 21:32 : Best of 2024: 30,000 Dealerships Down — ‘Ransomware’ Outage Outrage no. 2 at CDK Global
• 21:2 : Randall Munroe’s XKCD ‘Sun Avoidance’
• 20:32 : Volkswagen leak exposed precise location data on thousands of vehicles across Europe for months
• 20:8 : Wenn Spotify plötzlich NSFW-Inhalte anzeigt – und was dahintersteckt
• 20:8 : KI im Schlafzimmer: Wie maschinelles Lernen unsere Träume sichtbar machen könnte
• 20:7 : Is nowhere safe from AI slop? (Lock and Code S05E27)
• 20:5 : IT Security News Hourly Summary 2024-12-30 21h : 4 posts
• 19:34 : New Windows 11 24H2 bug could block future security updates – see who’s affected
• 19:34 : Windows 11 Media Update Bug Stops Security Updates
• 19:5 : The future of hybrid cloud: What to expect in 2025 and beyond
• 19:5 : Protect Yourself from Zelle Scams: Prevention Tips and Recovery Steps
• 18:5 : Forrester on cybersecurity budgeting: 2025 will be the year of CISO fiscal accountability
• 18:5 : VW Cars Leak Private Data of 800,000 — ‘Volksdaten’
• 18:5 : Rising Cyber Threats in Q3 2024: AI’s Dual Role in Attacks and Defense
• 17:32 : NFS Protocol Security Bypassed To Access Files From Remote Server
• 17:32 : Hackers Weaponize Websites With LNK File To Deliver Weaponized LZH File
• 17:32 : New Botnet Exploiting D-Link Routers To Gain Control Remotely
• 17:32 : Top public cloud service providers of 2025: How they compare
• 17:32 : Understanding VoIP DDoS Attacks: Prevention and Mitigation Strategies
• 17:5 : IT Security News Hourly Summary 2024-12-30 18h : 2 posts
• 16:32 : CISA Adds One Known Exploited Vulnerability to Catalog
• 16:32 : Catching “EC2 Grouper”- no indicators required!
• 16:3 : Italy faces DDOS attacks from Russia
• 16:3 : SquareX Researchers Uncover OAuth Vulnerability in Chrome Extensions Days Before Major Breach
• 16:3 : State Legislatures Are The Frontline for Tech Policy: 2024 in Review
• 16:3 : Fighting Automated Oppression: 2024 in Review
• 16:3 : Exposing Surveillance at the U.S.-Mexico Border: 2024 Year in Review in Pictures
• 15:32 : Cisco states that the second data leak is linked to the one from October
• 15:32 : Vulnerability Summary for the Week of December 23, 2024
• 15:5 : SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach
• 15:5 : New 7-Zip 0-Day Exploit Leaked That Allow Attackers Control Victim Devices Remotely
• 15:5 : VyprVPN Review (2025): Can It Still Perform This Year and Beyond?
• 15:5 : How MXDR Services Solve Cyber Talent Shortages
• 14:33 : Warum ein geheimes Passwort für die Familie künftig wichtig wird – und worauf ihr dabei achten solltet
• 14:33 : Böse Weihnachtsüberraschung: Hacker übernehmen Chrome-Erweiterungen
• 14:33 : Whatsapp-Gruß zu Silvester: So lasst ihr jetzt in euren Chats Konfetti regnen
• 14:33 : Windows 11: Warum manche Nutzer aktuell keine Sicherheitsupdates installieren können
• 14:32 : Critical Infrastructure Faces Rising Ransomware Risks
• 14:5 : IT Security News Hourly Summary 2024-12-30 15h : 11 posts
• 14:2 : VyprVPN Review: Can It Still Perform This Year and Beyond?
• 14:2 : NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report by Forrester
• 13:32 : Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks
• 13:6 : Gerichtsurteil: Pflicht für Fingerabdruck in Personalausweis ist rechtens
• 13:5 : Exposed Cloud Server Tracks 800,000 Volkswagen, Audi, and Skoda EVs
• 13:5 : Kubernetes Ephemeral Containers: Enhancing Security and Streamlining Troubleshooting in Production Clusters
• 13:5 : The Email Security Revolution – How the Market Landscape Has Changed
• 13:5 : The Traditional Advocates of the Security Perimeter Don’t Want You to Know about Data-Centric Security
• 13:5 : Four-Faith Industrial Router Vulnerability Exploited in Attacks
• 13:5 : ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
• 13:5 : New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
• 12:33 : Ninth Telecoms Firm Hacked By China
• 12:33 : Japan Airlines Flights Delayed By Cyber-Attack
• 12:33 : Former OpenAI Engineer, Whistleblower Passes Away At 26
• 12:33 : Italy Fines OpenAI 15m Euros Over Data Collection
• 12:33 : OpenAI Gives Details On For-Profit Shift
• 12:33 : AT&T and Verizon say networks are secure after being breached by China-linked Salt Typhoon hackers
• 12:33 : Salt Typhoon’s Reach Continues to Grow
• 12:32 : US Issues Final Rule for Protecting Personal Data Against Foreign Adversaries
• 12:3 : 38C3: Tag 3 bringt gehackte Gefängnisse, Standortdaten und Steuerbetrug
• 12:3 : The Most Dangerous People on the Internet in 2024
• 12:3 : Several Chrome Extensions Compromised in Supply Chain Attack
• 12:2 : When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions
• 11:32 : Changes in SSL and TLS support in 2024, (Mon, Dec 30th)
• 11:32 : “Vishing,” “Quishing,” and AI Scams: The New Cybercrime Techniques You Need to Know About
• 11:32 : What’s Next for Cybersecurity in 2025 and Beyond? Fortra Experts Weigh In
• 11:32 : The Future of AI Regulation: Balancing Innovation and Safety in Silicon Valley
• 11:32 : Cisco Confirms Authenticity of Data After Second Leak
• 11:5 : IT Security News Hourly Summary 2024-12-30 12h : 2 posts
• 10:32 : Verizon says it has secured its network after breach by China-linked Salt Typhoon group
• 10:5 : PoC Exploited Released for Oracle Weblogic Server Vulnerability
• 10:5 : 2024 Year in Review: What We Got Right and Looking to 2025
• 9:32 : 38C3: BitLocker-Verschlüsselung von Windows 11 umgangen, ohne PC zu öffnen.
• 9:32 : Threat actors attempt to exploit a flaw in Four-Faith routers
• 9:8 : [UPDATE] [hoch] Linux-Kernel: Schwachstelle ermöglicht Denial of Service und Privilegienerweiterung
• 9:8 : [UPDATE] [niedrig] OpenSC: Schwachstelle ermöglicht Denial of Service
• 9:8 : [UPDATE] [mittel] OpenSC: Schwachstelle ermöglicht Denial of Service
• 9:8 : [UPDATE] [niedrig] OpenSC: Mehrere Schwachstellen ermöglichen Denial of Service
• 9:7 : Understanding Data Leaks: Causes, Consequences, and Prevention Strategies
• 9:7 : Majority of UK SMEs Lack Cybersecurity Policy
• 8:33 : ChatGPT hat eine Pizza erfunden – und die ist ein Megahit
• 8:33 : Genetec-Umfrage: Physische Sicherheit trifft auf Cloud und KI
• 8:32 : Brazil Suspends BYD EV Plant Construction Over Worker Conditions
• 8:32 : Microsoft Warns of Windows 11 24H2 Issue that Blocks Windows Security Updates
• 8:32 : Cyberhaven extension hacked, ZAGG data breach, Volkswagen cloud leak
• 8:5 : IT Security News Hourly Summary 2024-12-30 09h : 1 posts
• 7:32 : Builder.ai Data Breach Exposes Sensitive Information of Over 3 Million Users
• 7:4 : Top Law Enforcement Operations in Cybersecurity in 2024: A Year of Major Strikes Against Cybercrime
• 6:33 : Anzeige: So gelingt die Zertifizierung zum Ethical Hacker
• 6:32 : Google trending Cybersecurity headlines for the last weekend
• 6:32 : Critical Flaw Exposes Four-Faith Routers to Remote Exploitation
• 6:32 : Four-Faith Industrial Routers Vulnerability Exploited in the Wild to Gain Remote Access
• 6:5 : The sixth sense of cybersecurity: How AI spots threats before they strike
• 5:5 : IT Security News Hourly Summary 2024-12-30 06h : 3 posts
• 5:2 : reconFTW: Open-source reconnaissance automation
• 4:32 : Cybercriminals tighten their grip on organizations
• 4:32 : Machine identities are the next big target for attackers
• 2:7 : Achieve Satisfaction with Streamlined Secrets Rotation Processes
• 2:7 : Empowering Security: Mastering Least Privilege
• 0:32 : ZAGG disclosed a data breach that exposed its customers’ credit card data
• 0:2 : Happy 15th Anniversary, KrebsOnSecurity!
• 23:5 : IT Security News Hourly Summary 2024-12-30 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 52
• 22:55 : IT Security News Daily Summary 2024-12-29
• 21:32 : Is Platform Engineering a Step Towards Better Governed DevOps?
• 21:32 : Russia, Apple, And the New Front Line in The Fight for Internet Freedom
• 21:7 : Best Practices for Effective Privileged Access Management (PAM)
• 21:7 : Study Finds AI Can Guess Crypto Seed Phrases in 0.02 Seconds
• 20:32 : Fragwürdige Zukunftsvision: Meta plant, Facebook zur Heimat von KI-generierten Nutzern zu machen
• 20:32 : Diese 5 Bücher über KI solltest du lesen
• 19:4 : DEF CON 32 – How State Laws Meant to Protect Children Raise Other Risks
• 18:32 : Cyberhaven Hacked – Chrome Extension With 400,000 users Compromised
• 18:32 : It’s only a matter of time before LLMs jump start supply-chain attacks
• 18:32 : 16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
• 18:4 : Anomaly Detection for Cybersecurity
• 17:32 : AT&T and Verizon Hacked – Salt Typhoon Compromised The Network For High Profiles
• 17:5 : IT Security News Hourly Summary 2024-12-29 18h : 1 posts
• 16:32 : China-linked APT Salt Typhoon breached a ninth U.S. telecommunications firm
• 15:5 : 38C3: BogusBazaar-Bande betreibt noch immer Tausende Fakeshops
• 14:32 : Google-CEO erklärt 2025 zum entscheidenden Jahr für seinen KI-Assistenten Gemini