By 2028, SSL/TLS certificate lifecycles may be cut down to just 47 days – a dramatic shift from the current 398-day maximum. Apple’s recent ballot submission to the CA/Browser Forum proposes this change, and it’s gaining traction among industry leaders,…
JumpCloud Acquires Stack Identity to Extend Access Management Reach
JumpCloud this week revealed it has acquired Stack Identity to fuel an effort to add identity security and access visibility capabilities to its directory. The post JumpCloud Acquires Stack Identity to Extend Access Management Reach appeared first on Security Boulevard.…
Patient monitors with backdoor are sending info to China, CISA warns
Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a hard-coded IP address and have a backdoor that can be used to download and execute…
[UPDATE] [hoch] PHP: Schwachstelle ermöglicht Offenlegung von Informationen
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in PHP ausnutzen, um Informationen offenzulegen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [hoch] PHP: Schwachstelle ermöglicht Offenlegung von Informationen
[UPDATE] [mittel] MIT Kerberos: Mehrere Schwachstellen ermöglichen Denial of Service
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in MIT Kerberos ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] MIT Kerberos:…
How to find out if an AirTag is tracking you – and what to do about it
Apple’s trackers have been misused to track some without their consent. Here’s how to check if an AirTag is tracking you, whether you use an iPhone or Android phone. Plus, what to do next if you find one. This article…
CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors
CISA and FDA say Contec patient monitors used in the US contain a backdoor function that could allow remote attackers to tamper with the device. The post CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors appeared first on…
Google Bans 158,000 Malicious Android App Developer Accounts in 2024
Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also…
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Italy’s data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek’s service within the country, citing a lack of information on its use of users’ personal data. The development comes days after the authority, the Garante, sent a series…
Top 5 AI-Powered Social Engineering Attacks
Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. There’s no brute-force ‘spray and pray’ password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust,…
US nonprofit healthcare provider says hackers stole medical and personal data of 1M+ patients
Community Health Center (CHC), a Connecticut-based nonprofit healthcare provider, has confirmed that hackers accessed the sensitive data of more than a million patients. In a filing with Maine’s attorney general on Thursday, CHC said it detected suspicious activity on its…
One policy to rule them all
How cyberattackers exploit group policies, what risks attacks like these pose, and what measures can be taken to protect against such threats. This article has been indexed from Securelist Read the original article: One policy to rule them all
Coyote Banking Malware Weaponizing Windows LNK Files To Execute Malicious Scripts
A new wave of cyberattacks leveraging the Coyote Banking Trojan has been identified, targeting financial institutions in Brazil. This sophisticated malware employs malicious Windows LNK (shortcut) files as an entry point to execute PowerShell scripts, enabling multi-stage infection chains that…
ChatGPT, DeepSeek Vulnerable to AI Jailbreaks
Different research teams have demonstrated jailbreaks against ChatGPT, DeepSeek, and Alibaba’s Qwen AI models. The post ChatGPT, DeepSeek Vulnerable to AI Jailbreaks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ChatGPT, DeepSeek Vulnerable…
SimpleHelp RMM: Angriffe auf Sicherheitslücken beobachtet
In SimepleHelp RMM missbrauchen Angreifer Sicherheitslücken, um Netzwerke zu kompromittieren. Updates stehen bereit. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: SimpleHelp RMM: Angriffe auf Sicherheitslücken beobachtet
Medizinische Überwachung: Backdoor in verbreiteten Patientenmonitoren entdeckt
Durch die Backdoor fließen nicht nur laufend Patientendaten nach China. Auch lassen sich die Geräte von dort aus vollständig kontrollieren. (Sicherheitslücke, Security) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Medizinische Überwachung: Backdoor in verbreiteten…
[NEU] [hoch] VMware Aria Operations, VMware Aria Operations for Logs und VMware Cloud Foundation:: Mehrere Schwachstellen
Ein entfernter authentisierter Angreifer kann mehrere Schwachstellen in VMware Aria Operations for Logs, VMware Aria Operations und VMware Cloud Foundation ausnutzen, um Informationen preiszugeben, erhöhte Berechtigungen zu erlangen und einen Cross-Site-Scripting-Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und…
[UPDATE] [hoch] Oracle Java SE: Mehrere Schwachstellen
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [hoch]…
[UPDATE] [mittel] HTTP/2: Mehrere Schwachstellen ermöglichen Denial of Service
Ein entfernter, anonymer Angreifer kann eine Schwachstellen in verschiedenen http/2 Implementierungen ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] HTTP/2:…
Authorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks
Authorities have seized 39 websites allegedly used to sell hacking tools and fraud-enabling software. The crackdown targeted a Pakistan-based network of online marketplaces operated by a group known as Saim Raza (aka HeartSender), which allegedly facilitated cyberattacks on individuals and businesses worldwide. The…
DeepSeek’s Flagship AI Model Under Fire for Security Vulnerabilities
Cyber reports exposed major security flaws in DeepSeek’s R1 LLM This article has been indexed from www.infosecurity-magazine.com Read the original article: DeepSeek’s Flagship AI Model Under Fire for Security Vulnerabilities
IT Security News Hourly Summary 2025-01-31 12h : 12 posts
12 posts were published in the last hour 10:35 : Cyberangriffe auf SimpleHelp RMM beobachtet 10:34 : Restoring SOC Team Confidence Amid Waves of False Positives 10:34 : Cisco’s Webex Chat Vulnerabilities Let Attackers Access Organizations Chat Histories 10:34 :…
Cyberangriffe auf SimpleHelp RMM beobachtet
In SimepleHelp RMM missbrauchen Angreifer Sicherheitslücken, um Netzwerke zu kompromittieren. Updates stehen bereit. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Cyberangriffe auf SimpleHelp RMM beobachtet
Restoring SOC Team Confidence Amid Waves of False Positives
Imagine you’re a performer at a circus. You’re juggling balls, pins, torches, and the occasional chainsaw, all while blindfolded. Shouts from the crowd are coming from every direction, and new objects keep getting tossed in without notice. You’re juggling as…