A newly disclosed vulnerability, CVE-2025-33073, dubbed the “Reflective Kerberos Relay Attack,” has shaken the Windows security landscape. Discovered by RedTeam Pentesting and patched by Microsoft on June 10, 2025, this flaw allows low-privileged Active Directory users to escalate privileges to…
Hackers Advertising New Blackhat Tool Nytheon AI on Popular Hacking Forums
A sophisticated new threat platform, Nytheon AI, has emerged, which combines multiple uncensored large language models (LLMs) built specifically for malicious activities. The platform, discovered by Cato CTRL, is being actively promoted on popular hacking forums, including XSS and various…
CISA Releases Guide to Protect Network Edge Devices From Hackers
CISA and international cybersecurity partners have released a comprehensive suite of guidance documents aimed at protecting critical network edge devices from increasingly sophisticated cyberattacks. This coordinated effort, involving cybersecurity authorities from nine countries, including Australia, Canada, the United Kingdom, and…
Phishing Alert as Erie Insurance Reveals Cyber “Event”
Erie Insurance reveals suspected network breach and ongoing outage This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Alert as Erie Insurance Reveals Cyber “Event”
CCC: Gesammelte Ausweisdaten von Übernachtungsdienstleister Numa gefunden
Ein Mitglied des Chaos Computer Clubs wollte eigentlich nur übernachten – und fand eine vollständige Kundendatensammlung. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: CCC: Gesammelte Ausweisdaten von Übernachtungsdienstleister Numa gefunden
WiredBucks – 918,529 breached accounts
In May 2022, the now defunct social media influencer platform WiredBucks suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed over 900k email and IP addresses alongside names, usernames, earnings…
Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified
Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure. The post Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified appeared first on SecurityWeek. This article has been…
Palo Alto Networks Patches Privilege Escalation Vulnerabilities
Palo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products. The post Palo Alto Networks Patches Privilege Escalation Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Why Open-Source Encryption and Automated Key Rotation Aren’t Enough Without Certificate Management
As organizations scale and adopt cloud-native architectures, the way they manage encryption — particularly how they issue, track and rotate certificates — has never been more critical. The post Why Open-Source Encryption and Automated Key Rotation Aren’t Enough Without Certificate…
File Data: The Hidden Ransomware Threat Costing Enterprises Millions
Your weakest link doesn’t have to stay weak. Rethink file data management strategy today to secure your organization’s data—and trust. The post File Data: The Hidden Ransomware Threat Costing Enterprises Millions appeared first on Security Boulevard. This article has been…
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
ConnectWise has disclosed that it’s planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns. The company said it’s doing so “due to concerns…
IT Security News Hourly Summary 2025-06-12 09h : 4 posts
4 posts were published in the last hour 6:33 : [UPDATE] [mittel] Mattermost: Mehrere Schwachstellen 6:33 : CISA Issues Comprehensive Guide to Safeguard Network Edge Devices 6:33 : Cybercriminals are turning stolen data into a thriving black market 6:32 :…
Übernachtungsdienstleister Numa: CCC findet gesammelte Ausweisdaten
Ein Mitglied des Chaos Computer Clubs wollte eigentlich nur übernachten – und fand eine vollständige Kundendatensammlung. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Übernachtungsdienstleister Numa: CCC findet gesammelte Ausweisdaten
[NEU] [mittel] IBM Security Guardium: Schwachstelle ermöglicht Privilegieneskalation
Ein lokaler Angreifer kann eine Schwachstelle in IBM Security Guardium ausnutzen, um seine Privilegien zu erhöhen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] IBM Security Guardium: Schwachstelle…
[NEU] [hoch] Microsoft 365 Copilot: Schwachstelle ermöglicht Offenlegung von Informationen
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Microsoft 365 Copilot ausnutzen, um Informationen offenzulegen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [hoch] Microsoft 365 Copilot: Schwachstelle ermöglicht…
0-Click Vulnerability in Microsoft 365 Copilot Exposes Sensitive Data via Teams
Security researchers have uncovered the first-ever zero-click vulnerability in an AI agent, targeting Microsoft 365 Copilot and potentially exposing sensitive organizational data through a sophisticated attack chain dubbed “EchoLeak.” The critical flaw, assigned CVE-2025-32711 with a CVSS score of 9.3,…
Exposed eyes: 40,000 security cameras vulnerable to remote hacking
Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access.…
Top 12 Continuous Security Monitoring (CSM) Tools for Proactive Defense
As your business grows, so do the risks. Regulatory requirements pile up, and new attack methods evolve. At some point or other, you’re left wondering: Is it time to invest in Continuous Security Monitoring (CSM) tools? This is where the…
Smartphones: Größte Schwachstelle in Unternehmen
Mobile Endgeräte sind eine kritische Infrastruktur für Unternehmen: Unscheinbar. Allgegenwärtig. Hochriskant. Dieser Artikel wurde indexiert von IT-News Cybersicherheit – silicon.de Lesen Sie den originalen Artikel: Smartphones: Größte Schwachstelle in Unternehmen
Unerwartete Neustarts: Windows 11 24H2 bekommt nach Patchday ein Sonderupdate
Einige Systeme mit Windows 11 24H2 führen nach Installation des Juni-Updates KB5060842 unerwartete Neustarts aus. Ein Ersatzupdate soll es richten. (Updates & Patches, Microsoft) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Unerwartete Neustarts: Windows…
Lemony mitigates privacy and compliance risks associated with cloud-based AI
Lemony announced its on-premise artificial intelligence solution that is redefining how organizations deploy generative AI. Lemony’s secure, hardware-based node offers enterprise-grade ‘AI in a Box,’ empowering companies to run advanced, end-to-end AI workflows privately, instantly, and without cloud dependence. Lemony’s…
CoPilot zero-click, Operation Secure, FIN6 targets recruiters
Zero-click data leak flaw in Copilot Operation Secure targets infostealer operations FIN6 targets recruiters Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta.…
Vorsorge in der IT-Sicherheit
KRITIS-Einrichtungen im Gesundheitsbereich sind beliebtes Angriffsziel von Cyberkriminellen und müssen sich verstärkt gegen Risiken wappnen. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Vorsorge in der IT-Sicherheit
Microsoft: Windows-11-24H2-Update durch Update außer der Reihe ersetzt
Microsoft hat das Patchday-Update für Windows 11 24H2 wegen Kompatibilitätsproblemen mit einem ungeplanten Update ersetzt. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Microsoft: Windows-11-24H2-Update durch Update außer der Reihe ersetzt