A new campaign involving the DCRat backdoor has recently been uncovered, leveraging YouTube as a primary distribution channel. Since the beginning of the year, attackers have been using the popular video-sharing platform to target users by creating fake or stolen…
Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits
Cybersecurity firm Bitdefender has disclosed two high-severity security vulnerabilities affecting its legacy BOX v1 device, exposing users to potential remote code execution and man-in-the-middle attacks. The vulnerabilities, identified on March 12th, 2025, affect a product that is no longer sold…
VC Investment in Cyber Startups Surges 35%
VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously This article has been indexed from www.infosecurity-magazine.com Read the original article: VC Investment in Cyber Startups Surges 35%
IT Security News Hourly Summary 2025-03-13 12h : 11 posts
11 posts were published in the last hour 10:34 : Apple To Appeal UK Government Backdoor Order On Friday 10:34 : Head Mare and Twelve join forces to attack Russian entities 10:34 : How to detect Headless Chrome bots instrumented…
Apple To Appeal UK Government Backdoor Order On Friday
MPs demand secret High Court hearing be held in public, after government had ordered a backdoor to Apple iCloud This article has been indexed from Silicon UK Read the original article: Apple To Appeal UK Government Backdoor Order On Friday
Head Mare and Twelve join forces to attack Russian entities
We analyze the activities of the Head Mare hacktivist group, which has been attacking Russian companies jointly with Twelve. This article has been indexed from Securelist Read the original article: Head Mare and Twelve join forces to attack Russian entities
How to detect Headless Chrome bots instrumented with Puppeteer?
Headless Chrome bots powered by Puppeteer are a popular choice among bot developers. The Puppeteer API’s ease of use, combined with the lightweight nature of Headless Chrome, makes it a preferred tool over its full-browser counterpart. It is commonly used…
INE Security Alert: Using AI-Driven Cybersecurity Training to Counter Emerging Threats
Cary, North Carolina, 13th March 2025, CyberNewsWire The post INE Security Alert: Using AI-Driven Cybersecurity Training to Counter Emerging Threats appeared first on Cybersecurity Insiders. This article has been indexed from Cybersecurity Insiders Read the original article: INE Security Alert:…
UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data
The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data
Sicherheitsupdates: Root-Sicherheitslücke bedroht Cisco-ASR-Router
Der Netzwerkausrüster Cisco hat mehrere Schwachstellen geschlossen, über die Angreifer etwa ASR-Router attackieren können. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Sicherheitsupdates: Root-Sicherheitslücke bedroht Cisco-ASR-Router
Abusing with style: Leveraging cascading style sheets for evasion and tracking
Cascading Style Sheets (CSS) are ever present in modern day web browsing, however its far from their own use. This blog will detail the ways adversaries use CSS in email campaigns for evasion and tracking. This article has been indexed…
Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims
We identified a campaign spreading thousands of sca crypto investment platforms through websites and mobile apps, possibly through a standardized toolkit. The post Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims appeared first on Unit 42. This…
How to set up Bitwarden for personal and work use – and why you should keep them separate
Don’t let work invade your personal life. Separate your passwords with two Bitwarden accounts for better security and peace of mind. This article has been indexed from Latest stories for ZDNET in Security Read the original article: How to set…
6 Potential Security Concerns With the Eventual Rollout of 6G
6G could be available by the end of the decade, which should decrease latency and connectivity speeds for users. However, these wireless networks present new cybersecurity challenges. What should industry professionals prepare for? What Is 6G? 6G will be the…
‘People Are Scared’: Inside CISA as It Reels From Trump’s Purge
Employees at the Cybersecurity and Infrastructure Security Agency tell WIRED they’re struggling to protect the US while the administration dismisses their colleagues and poisons their partnerships. This article has been indexed from Security Latest Read the original article: ‘People Are…
Flugticketgroßhändler: Cyberangriff legt Buchungssystem von Aerticket lahm
Nach einem Hackerangriff ist das Buchungssystem von Aerticket vorerst unbrauchbar. Eine schnelle Wiederherstellung ist wohl nicht zu erwarten. (Cybercrime, Cyberwar) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Flugticketgroßhändler: Cyberangriff legt Buchungssystem von Aerticket lahm
Modat launches premier product, Modat Magnify for Cybersecurity Professionals
The Hague, the Netherlands, 13th March 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News Read the original article: Modat launches premier product, Modat Magnify for Cybersecurity Professionals
Medusa ransomware hit over 300 critical infrastructure organizations until February 2025
The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based…
Fake Captcha Malware Attacking Windows Users To execute PowerShell Commands
A sophisticated malware campaign is targeting Windows users through deceptive CAPTCHA verification prompts that trick victims into executing malicious PowerShell scripts. This resurgence of fake CAPTCHA attacks, identified in early February 2025, represents a growing threat as attackers continue to…
Hackers Using JSPSpy Tool To Manage Malicious Webshell Infrastructure
Cybersecurity researchers have identified a cluster of servers hosting JSPSpy, a Java-based webshell first observed in 2013, now being deployed alongside a rebranded file management tool. The webshell features a graphical interface enabling remote access and file management capabilities, making…
GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User
GitLab has released critical security patches for multiple vulnerabilities that could potentially allow attackers to authenticate as legitimate users or even execute remote code under specific circumstances. The company has urged all self-managed GitLab installations to immediately upgrade to versions…
Google Chrome und Microsoft Edge: Mehrere Schwachstellen
Es bestehen mehrere Schwachstellen in Google Chrome und Microsoft Edge. Ein Angreifer kann diese Schwachstellen ausnutzen, um Dienste zum Absturz zu bringen, bösartigen Code auszuführen, Daten zu verändern, vertrauliche Informationen zu stehlen und Sicherheitsvorkehrungen zu umgehen. Damit die Schwachstellen erfolgreich…
Sicherheitslücken: Gitlab-Entwickler raten zu zügigem Update
Es sind wichtige Sicherheitsupdates für die Softwareentwicklungsplattform Gitlab erschienen. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Sicherheitslücken: Gitlab-Entwickler raten zu zügigem Update
[UPDATE] [kritisch] Webkit/Apple : Schwachstelle ermöglicht Umgehung von Sicherheitsmechanismen
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Webkit und in Apple iOS, Apple iPadOS, Apple macOS und Apple Safari ausnutzen, um Sicherheitsmechanismen zu umgehen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie…