A remote, anonymous attacker can exploit a vulnerability in Ruby to carry out a denial-of-service attack. This article was indexed from BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories). Read the original article: [NEW] [medium] Ruby: Vulnerability Enables…
[NEW] [medium] PHP: Multiple Vulnerabilities
An attacker can exploit multiple vulnerabilities in PHP to manipulate data, execute arbitrary code, disclose confidential information, cause a denial-of-service condition, or cause other unspecified effects. This article was indexed from BSI Warn- und…
Microsoft Warns of Cyber Attack Mimic Booking.com To Deliver Password Stealing Malware
Microsoft Threat Intelligence has identified an ongoing phishing campaign impersonating Booking.com to deliver credential-stealing malware. The campaign, which began in December 2024, targets hospitality organizations in North America, Oceania, Asia, and Europe. This sophisticated attack specifically aims at individuals in…
Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells
Researchers have identified a series of sophisticated attacks by the notorious Lazarus group targeting South Korean web servers. The threat actors have been breaching IIS servers to deploy ASP-based web shells, which are subsequently used as first-stage Command and Control…
RSA Conference Playbook: Smart Strategies from Seasoned Attendees
Your guide on how to get through the conference with your sanity, energy, and key performance indicators (KPIs) intact. The post RSA Conference Playbook: Smart Strategies from Seasoned Attendees appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Why Most Microsegmentation Projects Fail—And How Andelyn Biosciences Got It Right
Most microsegmentation projects fail before they even get off the ground—too complex, too slow, too disruptive. But Andelyn Biosciences proved it doesn’t have to be that way. Microsegmentation: The Missing Piece in Zero Trust Security Security teams today are under…
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea’s Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security…
[NEW] [medium] expat: Vulnerability Enables Denial of Service
A remote, anonymous attacker can exploit a vulnerability in expat to carry out a denial-of-service attack. This article was indexed from BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories). Read the original article: [NEW] [medium] expat: Vulnerability Enables…
[NEW] [medium] Kubernetes: Vulnerability Enables Bypass of Security Mechanisms
A remote, authenticated attacker can exploit a vulnerability in Kubernetes to bypass security mechanisms. This article was indexed from BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories). Read the original article: [NEW] [medium] Kubernetes: Vulnerability Enables Bypass of Security Mechanisms
[NEW] [low] HCL AppScan Enterprise: Vulnerability Enables Information Disclosure
A remote, authenticated attacker can exploit a vulnerability in HCL AppScan Enterprise to disclose information. This article was indexed from BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories). Read the original article: [NEW] [low] HCL AppScan Enterprise: Vulnerability Enables…
TP-Link Router Botnet
There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security…
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via Security Assertion Markup Language (SAML) on the service provider side. The vulnerabilities, designated as CVE-2025-25291 and CVE-2025-25292, allow attackers to…
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated attacks have been reported to facilitate the spread of malware, including the LazarLoader variant, and utilize privilege escalation tools to…
New kids on the ransomware block channel Lockbit to raid Fortinet firewalls
It’s March already and you haven’t patched? Researchers are tracking a newly discovered ransomware group with suspected links to LockBit after a series of intrusions were reported starting in January.… This article has been indexed from The Register – Security…
UK’s secret iCloud backdoor order triggers civil rights challenge
The U.K. government’s secret order to Apple demanding it backdoor the end-to-end encrypted version of its iCloud storage service has now been challenged by two civil rights groups, Liberty and Privacy International, which filed complaints Thursday. They called the order…
How Security Teams Should Respond to the Rise in Vulnerability Disclosures
In 2024, vulnerability disclosures hit an all-time high, with over 30,000 vulnerabilities recorded in the National Vulnerability Database (NVD). Unfortunately, we can expect these numbers to continue rising as the use of open source, GenAI, and software overall is ever-growing.…
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued multiple Industrial Control Systems (ICS) advisories highlighting significant security vulnerabilities across various critical infrastructure sectors. These advisories reveal several high-severity and critical vulnerabilities that demand immediate attention from organizations operating…
United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to his alleged role as a developer for the notorious LockBit ransomware group. The extradition, which took place on March 13,…
Fraudsters Impersonate Clop Ransomware to Extort Businesses
Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Fraudsters Impersonate Clop Ransomware to Extort Businesses
IT Security News Hourly Summary 2025-03-14 12h : 12 posts
12 posts were published in the last hour 10:34 : Off the Beaten Path: Recent Unusual Malware 10:34 : A New Era of Attacks on Encryption Is Starting to Heat Up 10:34 : 9 PDQ Deploy Alternatives for Better Patch…
Off the Beaten Path: Recent Unusual Malware
Three unusual malware samples analyzed here include an IIS backdoor developed in a rare language, a bootkit and a Windows implant of a post-exploit framework. The post Off the Beaten Path: Recent Unusual Malware appeared first on Unit 42. This…
A New Era of Attacks on Encryption Is Starting to Heat Up
The UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say. This article has been indexed from Security Latest. Read the original article: A…
9 PDQ Deploy Alternatives for Better Patch Management
If you’re looking for PDQ Deploy alternatives, you’re either aware of the product’s limitations or exploring your options. As one user puts it: While PDQ Deploy & Inventory consistently meets our needs, the primary driver for exploring alternative solutions was…
Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks
The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls. The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article: Recent Fortinet…