This blog post analyzes ViciousTrap, a honeypot network deployed on compromised edge devices. The following publication, ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse, is an article from Sekoia.io Blog. This article has been…
Signal blocks Microsoft Recall from screenshotting conversations
Signal has released a new version of its end-to-end encrypted communication app for Windows that prevents Microsoft Recall and users from screenshotting text-based conversations happening in the app. The new “Screen security” setting is enabled by default and can be…
Identity Security Has an Automation Problem—And It’s Bigger Than You Think
For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not…
IT Security News Hourly Summary 2025-05-22 12h : 10 posts
10 posts were published in the last hour 9:33 : Hotspot Germany: Infostealer malware deployed millions of times dismantled 9:33 : [UPDATE] [high] Checkmk: Multiple vulnerabilities 9:33 : [UPDATE] [medium] CPython: Vulnerability allows denial of service 9:33 : [UPDATE] [high] Mozilla Firefox: Multiple…
European Police Congress: Investigators need AI and “Small Data”
There is plenty of data, but investigative work often fails because of staff shortages and regulatory gaps, according to participants in the “Small Data” expert forum. This article was indexed from heise security News. Read the original article: European Police Congress: Investigators need AI and…
Sir Jony Ive Joins OpenAI
Former Apple designer Sir Jony Ive is officially joining forces with Sam Altman’s OpenAI, amid reports of a new AI device. This article has been indexed from Silicon UK. Read the original article: Sir Jony Ive Joins OpenAI
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
The trove has now been taken down but included users’ logins for platforms including Apple, Google, and Meta, plus services from multiple governments. This article has been indexed from Security Latest. Read the original article: Mysterious Database of 184 Million…
Microsoft Investigates Exchange Online Email Delays Impacting Australian Users
Microsoft is currently investigating an issue affecting Exchange Online, where some users in Australia are experiencing significant delays in sending and receiving emails. The problem, first acknowledged on May 22, 2025, has led to disruptions for businesses and individuals relying…
New Advanced Process Injection Attack Lets Attackers Evade EDR Detection
A novel process injection technique effectively bypasses leading Endpoint Detection and Response (EDR) solutions by focusing solely on execution primitives, eliminating the need for memory allocation or writing operations that typically trigger security alerts. Dubbed “CONTEXT-Only Attack Surface,” this…
Everest Hacking Group Claims Coca-Cola Data Breach, Exfiltrates 23 Million Records
In a significant cybersecurity incident that could potentially affect millions of consumers, two notorious hacking groups have claimed responsibility for separate breaches of Coca-Cola systems. According to posts on dark web forums, the Everest ransomware group has reportedly compromised internal…
Cisco Identity Services RADIUS Process Vulnerability Let Attackers Trigger DoS Condition
Cisco disclosed a high-severity vulnerability affecting its Identity Services Engine (ISE) that could allow unauthenticated remote attackers to cause a denial of service condition. The vulnerability, identified as CVE-2025-20152, received a CVSS score of 8.6, reflecting its serious potential impact…
Malicious VS Code Extensions Attacking Windows Solidity Developers to Steal Login Credentials
A sophisticated campaign targeting Solidity developers has emerged, utilizing Visual Studio Code’s popularity and extension ecosystem as an attack vector. Threat actors have deployed trojanized extensions that masquerade as developer utilities while secretly exfiltrating cryptocurrency wallet credentials and other sensitive…
Partner offer: Training to become an Adaptron BACKUP expert
The training to become an ADAPTRON BACKUP expert provides practical know-how for preventing data loss and getting your company operational again quickly, e.g. also after a cyberattack. This article was indexed from Aktuelle Meldungen der Allianz für Cyber-Sicherheit. Read the…
[NEW] [medium] Internet Systems Consortium BIND: Vulnerability allows denial of service
A remote, anonymous attacker can exploit a vulnerability in Internet Systems Consortium BIND to carry out a denial-of-service attack. This article was indexed from BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories). Read the original article: [NEW] [medium]…
[NEW] [medium] Trend Micro Apex Central: Multiple vulnerabilities allow code execution
A remote, authenticated attacker can exploit multiple vulnerabilities in Trend Micro Apex Central to execute arbitrary program code. This article was indexed from BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories). Read the original article: [NEW] [medium] Trend Micro Apex…
[NEW] [medium] xwiki: Vulnerability allows privilege escalation
A remote, authenticated attacker can exploit a vulnerability in xwiki to escalate their privileges. This article was indexed from BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories). Read the original article: [NEW] [medium] xwiki: Vulnerability allows privilege escalation
UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader. This article has been indexed from Cisco Talos Blog. Read the original article: UAT-6382 exploits Cityworks zero-day vulnerability…
Scammers are using AI to impersonate senior officials, warns FBI
Cybercriminals are using AI-based tools to generate voice clones of senior US officials in order to scam people. This article has been indexed from Malwarebytes. Read the original article: Scammers are using AI to impersonate senior officials,…
How to disable ACR on your TV (and why it makes such a big difference for privacy)
Smarter TV operating systems offer added convenience, but they also introduce new privacy concerns, particularly around automatic content recognition (ACR). Here’s what ACR is and how you can take control. This article has been indexed from Latest stories for ZDNET…
Law enforcement dismantled the infrastructure behind Lumma Stealer MaaS
Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included global manufacturers. A US court order, with Europol and Japan’s JC3, dismantled the Lumma Stealer malware operation, seizing 2,300 domains used for command-and-control and blocking…
Scottish council admits ransomware crooks stole school data
Parents and teachers have personal info, ID documents leaked online, but exam season mostly unaffected. Scotland’s West Lothian Council has confirmed that data was stolen from its education network after the Interlock ransomware group claimed responsibility for the intrusion earlier…
Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust. The post Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough appeared first on SecurityWeek.…
Sensitive Personal Data Stolen in West Lothian Ransomware Attack
West Lothian Council confirmed that ransomware attackers have stolen personal and sensitive information held on its education network. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Sensitive Personal Data Stolen in West Lothian Ransomware Attack
Hotspot Germany: Infostealer malware deployed millions of times dismantled
Together with Europol and other authorities, Microsoft has neutralized the Lumma malware. Many systems are infected, particularly in Europe. (Malware, Virus) This article was indexed from Golem.de – Security. Read the original article: Hotspot Germany: Infostealer malware deployed millions of times…