There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security…
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via Security Assertion Markup Language (SAML) on the service provider side. The vulnerabilities, designated as CVE-2025-25291 and CVE-2025-25292, allow attackers to…
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated attacks have been reported to facilitate the spread of malware, including the LazarLoader variant, and utilize privilege escalation tools to…
New kids on the ransomware block channel Lockbit to raid Fortinet firewalls
It’s March already and you haven’t patched? Researchers are tracking a newly discovered ransomware group with suspected links to LockBit after a series of intrusions were reported starting in January.… This article has been indexed from The Register – Security…
UK’s secret iCloud backdoor order triggers civil rights challenge
The U.K. government’s secret order to Apple demanding it backdoor the end-to-end encrypted version of its iCloud storage service has now been challenged by two civil rights groups, Liberty and Privacy International, which filed complaints Thursday. They called the order…
How Security Teams Should Respond to the Rise in Vulnerability Disclosures
In 2024, vulnerability disclosures hit an all-time high, with over 30,000 vulnerabilities recorded in the National Vulnerability Database (NVD). Unfortunately, we can expect these numbers to continue rising as the use of open source, GenAI, and software overall is ever-growing.…
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued multiple Industrial Control Systems (ICS) advisories highlighting significant security vulnerabilities across various critical infrastructure sectors. These advisories reveal several high-severity and critical vulnerabilities that demand immediate attention from organizations operating…
United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to his alleged role as a developer for the notorious LockBit ransomware group. The extradition, which took place on March 13,…
Fraudsters Impersonate Clop Ransomware to Extort Businesses
Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraudsters Impersonate Clop Ransomware to Extort Businesses
IT Security News Hourly Summary 2025-03-14 12h : 12 posts
12 posts were published in the last hour 10:34 : Off the Beaten Path: Recent Unusual Malware 10:34 : A New Era of Attacks on Encryption Is Starting to Heat Up 10:34 : 9 PDQ Deploy Alternatives for Better Patch…
Off the Beaten Path: Recent Unusual Malware
Three unusual malware samples analyzed here include an ISS backdoor developed in a rare language, a bootkit and a Windows implant of a post-exploit framework. The post Off the Beaten Path: Recent Unusual Malware appeared first on Unit 42. This…
A New Era of Attacks on Encryption Is Starting to Heat Up
The UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say. This article has been indexed from Security Latest Read the original article: A…
9 PDQ Deploy Alternatives for Better Patch Management
If you’re looking for PDQ Deploy alternatives, you’re either aware of the product’s limitations or exploring your options. As one user puts it: While PDQ Deploy & Inventory consistently meets our needs, the primary driver for exploring alternative solutions was…
Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks
The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls. The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Recent Fortinet…
Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director
Sir Jeremy Fleming spoke during Palo Alto Networks’ Ignite event in London on March 13 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director
Malware Ranking Februar: AsyncRAT sorgt in Deutschland für wirtschaftliche Schäden
Der aufstrebende Trojaner wird in professionellen Kampagnen eingesetzt, die Plattformen wie TryCloudflare und Dropbox zur Verbreitung von Malware nutzen. Dieser Artikel wurde indexiert von IT-News Cybersicherheit – silicon.de Lesen Sie den originalen Artikel: Malware Ranking Februar: AsyncRAT sorgt in Deutschland…
Securitas gewinnt Ausschreibung und neuen Partner
Securitas verzeichnet gleich zwei Erfolge – die Partnerschaft mit Essence Security für deren Überwachungssystem, als auch den Gewinn der Ausschreibung für die Passagierkontrollen am Flughafen Berlin-Brandenburg (BER). Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Securitas gewinnt…
[UPDATE] [mittel] Python: Schwachstelle ermöglicht Manipulation von Dateien
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Python ausnutzen, um Dateien zu manipulieren. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] Python: Schwachstelle ermöglicht Manipulation von Dateien
[UPDATE] [niedrig] Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Python ausnutzen, um Sicherheitsvorkehrungen zu umgehen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [niedrig] Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware
Microsoft Threat Intelligence has identified an ongoing phishing campaign that began in December 2024, targeting organizations in the hospitality industry by impersonating the online travel agency Booking.com. The campaign, tracked as Storm-1865, employs a sophisticated social engineering technique called ClickFix…
New Campaign Attacking PyPI Users to Steal Sensitive Data Including Cloud Tokens
Security researchers have uncovered a sophisticated malware campaign targeting users of the Python Package Index (PyPI), Python’s official third-party software repository. This latest attack vector involves several malicious packages disguised as time-related utilities, which are actually designed to steal sensitive…
Microsoft365 Themed Attack Leveraging OAuth Redirection for Account Takeover
Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques. Threat researchers are warning organizations about these highly targeted attacks designed to bypass traditional security controls and achieve account takeover…
[UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Privilegieneskalation
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen…
[UPDATE] [mittel] ffmpeg: Schwachstelle ermöglicht Codeausführung
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in ffmpeg ausnutzen, um beliebigen Programmcode auszuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] ffmpeg: Schwachstelle ermöglicht Codeausführung