The RansomHub ransomware group has rapidly emerged as one of the most prolific cybercrime syndicates of 2024–2025. As this ransomware group done by expanding its arsenal to target Windows, VMware ESXi, Linux, and FreeBSD systems in global attacks. RansomHub ransomware…
XCSSET macOS malware returns with first new version since 2022
Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert Microsoft says there’s a new variant of XCSSET on the prowl for Mac users – the first new iteration of the malware since 2022.… This article has…
New FinalDraft Malware Spotted in Espionage Campaign
A newly identified malware family abuses the Outlook mail service for communication, via the Microsoft Graph API. The post New FinalDraft Malware Spotted in Espionage Campaign appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers compromised the Treasury’s BeyondTrust…
IT Security News Hourly Summary 2025-02-17 15h : 15 posts
15 posts were published in the last hour 13:32 : Beware! Fake Outlook Support Calls Leading to Ransomware Attacks 13:32 : New XCSSET Malware Targets macOS Users Through Infected Xcode Projects 13:32 : Xerox Printer Vulnerability Exposes Authentication Data Via…
Beware! Fake Outlook Support Calls Leading to Ransomware Attacks
Telekom Security has recently uncovered a significant vishing (voice phishing) campaign targeting individuals and organizations across Germany. This operation appears to be linked to a ransomware group employing sophisticated social engineering tactics. The attackers impersonate Microsoft Outlook support personnel, aiming…
New XCSSET Malware Targets macOS Users Through Infected Xcode Projects
Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking its first update since 2022. This sophisticated malware continues to target macOS users by infecting Xcode projects, a critical tool for Apple developers. The latest variant…
Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB
A critical security vulnerability in Xerox’s Versalink C7025 Multifunction Printer (MFP) has been uncovered, exposing enterprise networks to credential theft and lateral attacks. The flaw, discovered by Rapid7 Principal IoT Researcher Deral Heiland, enables malicious actors to intercept Lightweight Directory…
Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers
Security researchers have uncovered sophisticated malware targeting WordPress websites, leveraging hidden backdoors to enable remote code execution (RCE). These attacks exploit vulnerabilities in WordPress core features and plugins, allowing hackers to gain unauthorized access, execute arbitrary code, and maintain control…
Bridging the Gap Between Security and Risk with CRQ
Cybersecurity and risk management are often treated as separate disciplines within organizations. Security teams focus on identifying and mitigating technical threats, while risk teams take a broader approach to evaluating business exposure. However, this disconnect creates a challenge: security teams…
Brocade SANnav: Angreifer können Zugangsdaten durch Sicherheitslecks erlangen
Broadcom warnt vor Sicherheitslücken in Brocade SANnav, durch die Angreifer unbefugt Zugang erlangen können. Aktualisierte Software schließt sie. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Brocade SANnav: Angreifer können Zugangsdaten durch Sicherheitslecks erlangen
Verschlüsselter Messenger: Elon Musks X blockiert plötzlich Links zu Signal
Wer auf X einen Link zur Kontaktaufnahme via Signal teilen will, kommt derzeit nicht weit. Egal, ob öffentlich oder privat: Die Links werden blockiert. (X, Virus) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Verschlüsselter…
My Very Personal Guidance and Strategies to Protect Network Edge Devices, (Thu, Feb 6th)
Last week, CISA and other national cyber security organizations published an extensive document outlining “Guidance and Strategies to Protect Network Edge Devices.” [1] The document is good but also very corporate and “bland.” It summarizes good, well-intended advice that will help…
HashFlare Fraud: Two Estonians Admit to Running $577M Crypto Scam
Two Estonian nationals plead guilty to a $577M cryptocurrency Ponzi scheme through HashFlare, defrauding hundreds of thousands globally.… This article has been indexed from Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News Read the original article: HashFlare Fraud:…
Threat Actors Exploiting Modified SharpHide Tool to Conceal Registry Entries
Threat actors are leveraging a modified version of the SharpHide tool to create hidden registry entries, significantly complicating detection and removal efforts. This technique exploits vulnerabilities in Windows registry handling, using null-terminated strings to obscure malicious entries. The modified SharpHide…
CISA Warns of Active Exploitation of Apple iOS Security Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory warning of active exploitation of a critical security flaw in Apple’s iOS and iPad operating systems. Tracked as CVE-2025-24200, the vulnerability permits attackers with physical access to bypass critical…
Check Point’s SASE Tops Scores for Threat Prevention
Known malware is dangerous, but the real risk lies in never-before-seen zero day threats that slip past defenses. For companies adopting the SASE security model, effective threat prevention is non-negotiable. That’s why Check Point delivers industry-leading protection for SASE and…
The CISO’s Myopia
Fifteen years ago, I wrote an article entitled “The CSO’s Myopia.” At the time, I aimed to highlight a critical limitation in information security management. I demonstrated how many information… The post The CISO’s Myopia appeared first on Cyber Defense…
Russian State Hackers Target Organizations With Device Code Phishing
Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. The post Russian State Hackers Target Organizations With Device Code Phishing appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15,…
[UPDATE] [mittel] Intel Firmware: Mehrere Schwachstellen
Ein lokaler Angreifer kann mehrere Schwachstellen in der Intel Firmware ausnutzen, um erweiterte Rechte zu erlangen, einen Denial of Service Zustand herbeizuführen oder vertrauliche Informationen preiszugeben. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen…
[UPDATE] [mittel] Intel Prozessoren: Mehrere Schwachstellen
Ein lokaler Angreifer kann mehrere Schwachstellen in verschiedenen Intel Prozessoren und zugehöriger Software ausnutzen, um seine Privilegien zu erhöhen, um einen Denial of Service Zustand herbeizuführen und um Informationen offenzulegen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID):…
[UPDATE] [hoch] Golang Go: Mehrere Schwachstellen
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Sicherheitsvorkehrungen zu umgehen und um Dateien zu manipulieren. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [hoch]…
IDOR Vulnerability in ExHub Allows Attackers to Alter Hosting Configurations
A security researcher recently uncovered a high-risk Insecure Direct Object Reference (IDOR) vulnerability in ExHub, a cloud hosting and collaboration platform used by over 2 million developers. The flaw enabled attackers to manipulate web hosting configurations for any project hosted…