As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the…
Schadcode-Sicherheitslücken bedrohen FortiOS, FortiSandbox & Co.
Mehrere Produkte von Fortinet sind attackierbar. Sicherheitspatches schaffen Abhilfe. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Schadcode-Sicherheitslücken bedrohen FortiOS, FortiSandbox & Co.
[NEU] [niedrig] Apache Camel: Schwachstelle ermöglicht Manipulation von Dateien
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Apache Camel ausnutzen, um Dateien zu manipulieren. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [niedrig] Apache Camel: Schwachstelle ermöglicht Manipulation…
North Korean Hackers Use Google Play Malware to Steal SMS, Calls & Screenshots
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed “KoSpy,” which appears to be the work of North Korean state-sponsored hackers. This newly discovered spyware has been active since March 2022, with the most recent…
Hackers Exploiting JSPSpy To Manage Malicious Webshell Networks
Cybersecurity researchers have recently identified a cluster of JSPSpy web shell servers featuring an unexpected addition, Filebroser, a rebranded version of the open-source File Browser file management tool. This discovery sheds light on how attackers continue to leverage web shells…
Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution
Organizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM. The post Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution appeared first on SecurityWeek. This article…
Suspected North Korea Group Targets Android Devices with Spyware
A North Korea-backed threat group, APT37, disguised KoSpy as utility apps in Google Play to infect Android devices, using the spyware for such activities as gathering sensitive information, tracking locations, capturing screenshots, recording keystrokes, and accessing files. The post Suspected…
Tech Complexity Puts UK Cybersecurity at Risk
Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture This article has been indexed from www.infosecurity-magazine.com Read the original article: Tech Complexity Puts UK Cybersecurity…
Aerticket: Cyberangriff trifft Berliner Großhändler für Flugtickets
Nach einem Hackerangriff ist das Buchungssystem von Aerticket vorerst unbrauchbar. Eine schnelle Wiederherstellung ist wohl nicht zu erwarten. (Cybercrime, Cyberwar) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Aerticket: Cyberangriff trifft Berliner Großhändler für Flugtickets
[NEU] [mittel] PaloAlto Networks PAN-OS: Mehrere Schwachstellen
Ein lokaler Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] PaloAlto…
[NEU] [hoch] PaloAlto Networks GlobalProtect: Mehrere Schwachstellen
Ein entfernter anonymer oder lokaler Angreifer kann mehrere Schwachstellen in PaloAlto Networks GlobalProtect ausnutzen, um beliebigen Code auszuführen und erhöhte Privilegien zu erlangen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen…
[NEU] [hoch] GitLab: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um Informationen preiszugeben, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren und einen Denial-of-Service-Zustand zu verursachen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie…
Mozilla Issues Urgent Firefox Update Warning to Prevent Add-on Failures
Mozilla has issued an urgent warning to all Firefox users, emphasizing the need to update their browsers before a critical root certificate expires on March 14, 2025. This certificate is used to verify signed content and add-ons across various Mozilla…
Meta warns of actively exploited flaw in FreeType library
Meta warned that a vulnerability, tracked as CVE-2025-27363, impacting the FreeType library may have been exploited in the wild. Meta warned that an out-of-bounds write flaw, tracked as CVE-2025-27363 (CVSS score of 8.1), in the FreeType library may have been actively exploited in attacks.…
Google Uncovers China-Linked Espionage Campaign Targeting Juniper Routers
Google’s Threat Analysis Group (TAG) and Mandiant have uncovered a sophisticated espionage campaign linked to China-nexus threat actors, targeting vulnerable Juniper routers used in enterprise and government networks worldwide. This discovery highlights the ongoing risks posed by state-sponsored attacks against…
New Federal Alert Warns U.S. Businesses of Medusa Ransomware Surge
In a joint advisory, US federal agencies have issued a cybersecurity warning about a sharp increase in attacks by Medusa ransomware, urging business leaders and IT teams to act immediately to protect their organizations. The Federal Bureau of Investigation (FBI),…
Webinar on Demand: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks
How hyper agenda-driven threat actors, cybercriminals, and nation-states integrate digital, narrative, and physical attacks to target organizations through their executives. The post Webinar on Demand: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks appeared first on SecurityWeek. This…
Intel Appoints Chip Veteran Lip-Bu Tan As CEO
Former board member and respected chip industry veteran Lip-Bu Tan appointed to lead troubled US chip giant Intel This article has been indexed from Silicon UK Read the original article: Intel Appoints Chip Veteran Lip-Bu Tan As CEO
Hackers Exploit Microsoft Copilot for Advanced Phishing Attacks
Hackers have been targeting Microsoft Copilot, a newly launched Generative AI assistant, to carry out sophisticated phishing attacks. This campaign highlights the risks associated with the widespread adoption of Microsoft services and the challenges that come with introducing new technologies…
New DCRat Campaign Uses YouTube Videos to Target Users
A new campaign involving the DCRat backdoor has recently been uncovered, leveraging YouTube as a primary distribution channel. Since the beginning of the year, attackers have been using the popular video-sharing platform to target users by creating fake or stolen…
Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits
Cybersecurity firm Bitdefender has disclosed two high-severity security vulnerabilities affecting its legacy BOX v1 device, exposing users to potential remote code execution and man-in-the-middle attacks. The vulnerabilities, identified on March 12th, 2025, affect a product that is no longer sold…
VC Investment in Cyber Startups Surges 35%
VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously This article has been indexed from www.infosecurity-magazine.com Read the original article: VC Investment in Cyber Startups Surges 35%
IT Security News Hourly Summary 2025-03-13 12h : 11 posts
11 posts were published in the last hour 10:34 : Apple To Appeal UK Government Backdoor Order On Friday 10:34 : Head Mare and Twelve join forces to attack Russian entities 10:34 : How to detect Headless Chrome bots instrumented…
Apple To Appeal UK Government Backdoor Order On Friday
MPs demand secret High Court hearing be held in public, after government had ordered a backdoor to Apple iCloud This article has been indexed from Silicon UK Read the original article: Apple To Appeal UK Government Backdoor Order On Friday