Mindestens 170 Angriffe mit Millionenschaden: Ermittler nehmen eine internationale Hackergruppe ins Visier. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Hackergruppe soll 170 Cyberangriffe verübt haben
Mercedes, VW und mehr: Millionen von Autos durch Bluetooth-Lücken gefährdet
Forscher haben in einem weit verbreiteten Bluetooth-Framework mehrere Schwachstellen entdeckt. Angreifer können damit Schadcode in Autos einschleusen. (Sicherheitslücke, Bluetooth) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Mercedes, VW und mehr: Millionen von Autos durch…
[NEU] [mittel] ESET Sicherheitsprodukte: Schwachstelle ermöglicht Manipulation von Dateien
Ein lokaler Angreifer kann eine Schwachstelle in ESET Endpoint Security und ESET NOD32 Antivirus ausnutzen, um Dateien zu manipulieren. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] ESET…
RapidFire Network Detective Vulnerabilities Expose Sensitive Data to Threat Actors
Security researchers have discovered two critical vulnerabilities in RapidFire Tools Network Detective, a widely-used network assessment and reporting tool developed by Kaseya, that expose sensitive credentials to potential attackers. The flaws, disclosed on July 10th, 2025, affect organizations using the…
Russian Basketball Star Arrested Over Ransomware Attacks on 900+ Companies
A prominent Russian basketball player has been arrested in France on charges related to one of the most extensive ransomware operations in recent years, highlighting the ongoing intersection between cybercrime and international law enforcement. Daniil Kasatkin, a 26-year-old professional basketball…
Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent
With IPOs taking longer than ever, the venture firm’s fund aims to keep startup veterans motivated while staying private. The post Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent appeared first on SecurityWeek. This article has been…
GTT Extends Palo Alto Networks Alliance to Add Managed SASE Service
GTT Communications extended its alliance with Palo Alto Networks to include an additional managed secure access service edge (SASE) offering. The post GTT Extends Palo Alto Networks Alliance to Add Managed SASE Service appeared first on Security Boulevard. This article…
Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
An Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict last month, offering bigger payouts to cybercriminals who launch attacks against Israel and the U.S. The financially motivated scheme, now operating under the moniker Pay2Key.I2P,…
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null (‘\0’) bytes…
Securing Data in the AI Era
The 2025 Data Risk Report: Enterprises face potentially serious data loss risks from AI-fueled tools. Adopting a unified, AI-driven approach to data security can help. As businesses increasingly rely on cloud-driven platforms and AI-powered tools to accelerate digital transformation, the…
GrapheneOS veröffentlicht Android 16 im Stable-Kanal
Das datensparsame GrapheneOS steht als Stable-Version auf Basis von Android 16 zur Installation für Pixel-Geräte bereit. Einfach hatten es die Entwickler nicht. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: GrapheneOS veröffentlicht Android 16 im…
PerfektBlue: Bluetooth-Lücke in Entertainment-Systemen von Mercedes, Skoda & VW
Die Bluetooth-Schwachstellenkombination mit dem Spitznamen “PerfektBlue” schlägt gerade Wellen. Sie betrifft Fahrzeuge von Mercedes, Skoda & VW. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: PerfektBlue: Bluetooth-Lücke in Entertainment-Systemen von Mercedes, Skoda & VW
Wing FTP Server RCE Vulnerability Under Active Exploitation
Security researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first observed attack occurring just one day after the vulnerability’s public disclosure. The flaw affects versions before…
British Man Sentenced for Network Rail Wi-Fi Hack
The man was handed a suspended prison sentence for offenses relating to the hack of Network Rail public Wi-Fi, exposing customers to offensive messaging This article has been indexed from www.infosecurity-magazine.com Read the original article: British Man Sentenced for Network…
[NEU] [hoch] Apache HTTP Server: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um einen Denial of Service Angriff durchzuführen, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um Dateien zu manipulieren. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen…
[NEU] [mittel] Trend Micro Worry-Free Business Security: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Trend Micro Worry-Free Business Security ausnutzen, um Sicherheitsvorkehrungen zu umgehen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] Trend Micro…
[NEU] [niedrig] QT: Schwachstelle ermöglicht Denial of Service
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in QT ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [niedrig] QT: Schwachstelle ermöglicht…
Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
SLOW#TEMPEST malware uses dynamic jumps and obfuscated calls to evade detection. Unit 42 details these techniques and how to defeat them with emulation. The post Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques appeared first on Unit…
IT Giant Ingram Micro Restores Operations After Ransomware Attack
Ingram Micro Holding Corporation (NYSE: INGM), a global leader in IT distribution and technology solutions, has announced that it has successfully restored operations across all countries and regions following a ransomware attack identified on certain internal systems. The incident, first…
CISA Issues 13 New Advisories on Industrial Control System Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen new Industrial Control Systems (ICS) advisories, spotlighting a range of security vulnerabilities and potential exploits affecting critical infrastructure components. These advisories are a vital resource for organizations relying on ICS technologies,…
CISA Alerts on Active Exploits Targeting Citrix NetScaler ADC and Gateway Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding active exploitation of a newly discovered vulnerability in Citrix NetScaler ADC and Gateway systems, with organizations facing an immediate deadline to implement protective measures. The vulnerability, designated…
UK Online Safety Act ‘not up to scratch’ on misinformation, warn MPs
Last summer’s riots show how some content can be harmful but not illegal The Online Safety Act fails to tackle online misinformation, leaving the UK in need of further regulation to curb the viral spread of false content, a report…
Rockerbox Data Leak – 245,949 User Records Exposed Including SSNs and Driver’s Licenses
The Rockerbox breach burst onto the threat-intelligence radar in early July 2025 when an unencrypted, 286.9 GB cloud repository holding 245,949 highly sensitive records was found openly indexed on the internet. Investigators traced the trove to Rockerbox, a Dallas-based tax-credit…
Apache HTTP Server 2.4.64 Released With Patch for 8 Vulnerabilities
The Apache Software Foundation has released Apache HTTP Server version 2.4.64, addressing eight critical security vulnerabilities that affected versions spanning from 2.4.0 through 2.4.63. This latest update resolves a range of issues, including HTTP response splitting, server-side request forgery (SSRF),…