Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. “We first became aware of this threat cluster during a 2024 intrusion conducted against an organization…
IT Security News Hourly Summary 2025-04-29 15h : 12 posts
12 posts were published in the last hour 13:4 : Threat Actors Accelerate Transition from Reconnaissance to Compromise – New Report Finds 13:4 : Google Chrome Vulnerability Allows Attackers to Bypass Sandbox Restrictions – Technical Details Revealed 13:4 : Millions…
Elevating MSSP Managed Security Services with Managed Detection and Response (MDR)
In today’s rapidly evolving cyber security landscape, managed security service providers (MSSPs) must continuously innovate to meet the growing demands of their clients. As an MSSP, one powerful way to enhance your service portfolio and deliver exceptional value is by…
The 5 Best VPNs for Amazon Fire Stick in 2025
Check out TechRepublic’s list of top Amazon Fire Stick VPNs for safe streaming in 2025. This article has been indexed from Security | TechRepublic Read the original article: The 5 Best VPNs for Amazon Fire Stick in 2025
OpenBSD 7.7 Released with Significant Performance & Security Enhancements
OpenBSD 7.7, the 58th release of the security-focused operating system, was officially launched on April 28, 2025. This release substantially improves multiple areas, including performance optimization, hardware support, and security enhancements. The new version features notable performance improvements, particularly on…
Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild
Google’s Threat Intelligence Group (GTIG) has revealed that 75 zero-day vulnerabilities were exploited in the wild during 2024, highlighting both evolving attacker tactics and shifting targets in the global cybersecurity landscape. While this figure decreases from the 98 zero-days observed…
Europol Creates Operational Taskforce to Tackle Violence-as-a-Service
In response to the concerning rise of “violence-as-a-service” (VaaS) and the exploitation of youth by organized crime, Europol has announced the formation of a new Operational Task Force (OTF), codenamed GRIMM. This multinational initiative, led by Sweden, brings together law…
Google Chrome Vulnerability Let Attackers Escape Payload from Sandbox – Technical Details Disclosed
A critical vulnerability in Google Chrome has recently been discovered that allows malicious actors to break out of the browser’s protective sandbox environment, potentially giving attackers access to the underlying operating system. The flaw, identified as CVE-2025-2783, affects Chrome versions…
Fraudulent email domain tracker: April 2025
This is the first release in a new Castle series highlighting email domains associated with fraudulent activity. Our goal is to provide visibility into email infrastructure commonly abused by bots and fraudsters, so that security teams can improve their detection…
Bitwarden Access Intelligence defends against credential risks and phishing
Bitwarden launched Access Intelligence, a set of new capabilities that enables enterprises to proactively defend against internal credential risks and external phishing threats. Access Intelligence introduces two core functionalities: Risk Insights, which allows IT teams to identify, prioritize, and remediate…
New Gremlin Infostealer Distributed on Telegram
Administrators of a Telegram channel named CoderSharp have been advertising Gremlin Stealer since March 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: New Gremlin Infostealer Distributed on Telegram
Krisenkommunikation: Litfaßsäule 4.0 warnt Darmstädter
Die Litfaßsäule 4.0 bringt Digitalisierung und traditionelle Stadtmöbel zusammen, um Bürger auch in Krisensituationen zu informieren – sogar bei Stromausfall. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Krisenkommunikation: Litfaßsäule 4.0 warnt Darmstädter
Blinded from Above: How Relentless Cyber-Attacks Are Knocking Satellites Out of Sight
According to the Center for Strategic & International Studies’ (CSIS) 2025 Space Threat Assessment, space systems’ susceptibility to cyberattacks has gained significant attention. With approximately 720 cyber incidents reported across sectors in 2024 by the European Repository of Cyber Incidents…
What is an automation architect?
An automation architect is a senior IT professional responsible for the strategic design, development and governance of automation initiatives across an organization. This article has been indexed from Search Security Resources and Information from TechTarget Read the original article: What…
Infosec pros tell Trump to quit bullying Chris Krebs – it’s undermining security
Top voices warn that political retaliation puts democracy and national defense at risk The Electronic Frontier Foundation (EFF) and numerous infosec leaders are lobbying US President Donald Trump to drop his enduring investigation into Chris Krebs, claiming that targeting the…
Investigating the Role of DarkStorm Team in the Recent X Outage
It has been reported that Elon Musk’s social media platform, X, formerly known as Twitter, was severely disrupted on Monday after a widespread cyberattack that has caused multiple service disruptions. Data from outage monitoring service Downdetector indicates that at…
ExtraHop strenghtens network detection and response
ExtraHop launched all-in-one sensor designed to unify network traffic collection that scales across a number of security use cases. This further advances ExtraHop’s vision to consolidate NDR, network performance monitoring (NPM), intrusion detection (IDS), and full packet forensics into an…
Docker: Rechteausweitungslücke in Desktop für Windows
Angreifer können ihre Rechte durch ein Sicherheitsleck in Docker Desktop für Windows ausweiten. Ein Update korrigiert das. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Docker: Rechteausweitungslücke in Desktop für Windows
Hauptstadtportal berlin.de nach DDoS-Attacke wieder online
Am vergangenen Freitag begann ein umfassende DDoS-Angriff auf Portal der Hauptstadt. Betroffen waren Bürgerdienste und auch das Intranet der Verwaltung. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Hauptstadtportal berlin.de nach DDoS-Attacke wieder online
Nordkoreanische Fake-ITler: “Wie dick ist Kim Jong-un?”
Nordkoreanische Fake-ITler sollen sich zu Tausenden in Fortune-500-Unternehmen eingeschlichen haben. Sie zu erkennen erfordert ungewöhnliche Methoden. (Nordkorea, Security) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Nordkoreanische Fake-ITler: “Wie dick ist Kim Jong-un?”
Threat Actors Accelerate Transition from Reconnaissance to Compromise – New Report Finds
Cybercriminals are leveraging automation across the entire attack chain, drastically reducing the time from reconnaissance to compromise. The data shows a staggering 16.7% global increase in scans, with over 36,000 scans per second targeting not just exposed ports but delving…
Google Chrome Vulnerability Allows Attackers to Bypass Sandbox Restrictions – Technical Details Revealed
A severe vulnerability, identified as CVE-2025-2783, has been discovered in Google Chrome, specifically targeting the Mojo inter-process communication (IPC) component on Windows systems. This high-impact flaw, with a CVSS score of 8.8, stems from improper handle validation and management within…
Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi
Researchers reveal a collection of bugs known as AirBorne that would allow any hacker on the same Wi-Fi network as a third-party AirPlay-enabled device to surreptitiously run their own code on it. This article has been indexed from Security Latest…
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022.…