Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named…
[NEU] [hoch] CrushFTP: Schwachstelle ermöglicht Privilegieneskalation
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in CrushFTP ausnutzen, um seine Privilegien zu erhöhen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [hoch] CrushFTP: Schwachstelle ermöglicht Privilegieneskalation
Impact of Unpatched Vulnerabilities in 2025
Vulnerability-based attacks are growing. Undoubtedly, these attacks are hackers’ favorite ways to gain initial access. Such attacks rose by 124% in the third quarter of 2024 compared to 2023. Furthermore, the quick shot of hackers taking advantage of the security…
Spyware Maker NSO Group Found Liable for Hacking WhatsApp
A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper…
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM This article has been indexed from www.infosecurity-magazine.com Read the original article: US and Japan Blame North Korea for $308m Crypto…
What do ransomware and Jesus have in common? A birth month and an unwillingness to die
35 years since AIDS first borked a PC and we’re still no closer to a solution Feature Your Christmas holidays looked quite different in the ’80s to how they do today. While some will remember what it was like to…
American Addiction Centers Data Breach Impacts 422,000 People
American Addiction Centers says the personal information of more than 422,000 people was stolen in a data breach. The post American Addiction Centers Data Breach Impacts 422,000 People appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Albania Bans TikTok For One Year After Stabbing
Albania to ban access to TikTok for one year after schoolboy stabbed to death, as regulators seek child social media protections This article has been indexed from Silicon UK Read the original article: Albania Bans TikTok For One Year After…
Microsoft Diversifying 365 Copilot Away From OpenAI
Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it seeks to diversify, cut costs This article has been indexed from Silicon UK Read the original article: Microsoft Diversifying 365 Copilot Away From OpenAI
Spyware Maker NSO Group Found Liable In US Court
Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus spyware used to hack journalists, activists This article has been indexed from Silicon UK Read the original article: Spyware Maker NSO Group Found Liable In…
2025 NDAA Provides $3 Billion Funding for FCC’s Rip-and-Replace Program
The 2025 National Defense Authorization Act (NDAA) has been signed into law and it authorizes several cyber-related initiatives. The post 2025 NDAA Provides $3 Billion Funding for FCC’s Rip-and-Replace Program appeared first on SecurityWeek. This article has been indexed from…
Altersvorsorge ade: NFT-Scammer bringt 85-jährigen Künstler um seine Ersparnisse
Der Betrüger gab sich als Kunsthändler aus und wollte die Werke des 85-Jährigen als NFTs gewinnbringend verkaufen. Am Ende verlor der Künstler sein ganzes Geld. (Cybercrime, Security) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel:…
[UPDATE] [hoch] Microsoft Windows: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Dieser Artikel…
Adobe Patches ColdFusion Flaw at High Risk of Exploitation
Adobe has released patches for a high-severity ColdFusion vulnerability for which proof-of-concept (PoC) code exists. The post Adobe Patches ColdFusion Flaw at High Risk of Exploitation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question…
North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin
Japanese and U.S. authorities have formerly attributed the theft of cryptocurrency worth $308 million from cryptocurrency company DMM Bitcoin in May 2024 to North Korean cyber actors. “The theft is affiliated with TraderTraitor threat activity, which is also tracked as…
IT Security News Hourly Summary 2024-12-24 12h : 3 posts
3 posts were published in the last hour 10:32 : Spyware Maker NSO Group Liable for WhatsApp User Hacks 10:7 : [UPDATE] [mittel] PostgreSQL: Schwachstelle ermöglicht Denial Of Service 10:7 : One third of adults can’t delete device data
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group This article has been indexed from www.infosecurity-magazine.com Read the original article: Spyware Maker NSO Group Liable for WhatsApp User Hacks
[UPDATE] [mittel] PostgreSQL: Schwachstelle ermöglicht Denial Of Service
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in PostgreSQL ausnutzen, um einen Denial Of Service Angriff durchzuführen oder um Informationen offenzulegen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE]…
One third of adults can’t delete device data
Easier to let those old phones gather dust in a draw, survey finds The UK’s Information Commissioner’s Office (ICO) has warned that many adults don’t know how to wipe their old devices, and a worrying number of young people just…
Von Anti-Piraterie-Gruppe: Usenet-Provider fordert nach Rechtsstreit Entschädigung
News-Service Europe musste 2011 wegen einer Klage bezüglich Online-Piraterie seine Dienste einstellen. Nach einem Sieg vor Gericht will der Provider nun Geld sehen. (Rechtsstreitigkeiten, Urheberrecht) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Von Anti-Piraterie-Gruppe:…
Sega Considers Starting Own Game Subscription Service
Sega ‘evaluating’ starting its own game subscription service, as on-demand business model makes headway in video game business This article has been indexed from Silicon UK Read the original article: Sega Considers Starting Own Game Subscription Service
Google Proposes Remedies After Antitrust Defeat
Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal This article has been indexed from Silicon UK Read the original article: Google Proposes Remedies After Antitrust Defeat
Foldable Shipments Slow In China Amidst Global Growth Pains
Shipments of foldable smartphones show dramatic slowdown in world’s biggest smartphone market amidst broader growth pains for segment This article has been indexed from Silicon UK Read the original article: Foldable Shipments Slow In China Amidst Global Growth Pains