In this Help Net Security interview, Rob Lee, Chief of Research and Head of Faculty at SANS Institute, discusses what a toxic environment looks like and how professionals can recognize red flags such as high turnover, burnout, and a pervasive…
IT Security News Hourly Summary 2025-02-03 06h : 8 posts
8 posts were published in the last hour 5:3 : Microsoft Advertisers Account Hacked Using Malicious Google Ads 5:3 : “Vámonos!” Declares DORA, but 43% of UK Financial Services Say “No” 5:3 : DoJ, Dutch Authorities Seize 39 Domains Selling…
Microsoft Advertisers Account Hacked Using Malicious Google Ads
Cybersecurity experts have uncovered a sophisticated phishing campaign targeting Microsoft advertising accounts. The attack, orchestrated through malicious Google Ads, aims to steal login credentials of users accessing Microsoft’s advertising platform. This incident highlights the growing risk of malvertising, where cybercriminals…
“Vámonos!” Declares DORA, but 43% of UK Financial Services Say “No”
On January 17TH, 2025, the EU’s Digital Operational Resilience Act (DORA) came into effect. However, a recent survey of 200 UK CISOs from Censuswide found that 43% of the UK financial services industry will miss this compliance deadline despite facing…
DoJ, Dutch Authorities Seize 39 Domains Selling Malicious Tools
The US Department of Justice (DoJ) and the Dutch National Police have seized 39 domains linked to a Pakistan-based cybercrime network operated by a group known as Saim Raza, or HeartSender. The sites sold malicious tools to transnational organized crime…
DragonNest – 511,290 breached accounts
In August 2013, the massively multiplayer online role-playing game (MMORGP) DragonNest suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 500k unique email addresses along with usernames, IP addresses…
New Windows 11 (x64) Modern Kernel Race Conditions Uncovered – PoC Released
A sophisticated race condition vulnerability affecting Windows 11 (x64) kernel operations, highlighting ongoing concerns about kernel-level security in modern operating systems. These race conditions, which stem from the operating system’s inability to synchronize shared resources during concurrent operations properly, could…
BadDNS: Open-source tool checks for subdomain takeovers
BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for subdomain takeover opportunities ns – Check for dangling NS…
How to use iCloud Private Relay for enhanced privacy
iCloud Private Relay, included with an iCloud+ subscription, enhances your privacy while browsing the web in Safari. When this feature is enabled, the traffic leaving your iPhone is encrypted and routed through two separate internet relays. This ensures that websites…
Only 3% of organizations have a dedicated budget for SaaS security
Mid-market organizations are grappling with managing the large volume of SaaS applications, both sanctioned and unsanctioned, with actual numbers often exceeding expectations, according to Cloud Security Alliance. Security teams are struggling with a growing attack surface Disconcertingly, 44% of organizations…
New Process Hollowing Attack Vectors Uncovered in Windows 11 (24H2)
The recent release of Windows 11 version 24H2 has introduced a range of new features and updates, but it has also raised significant cybersecurity concerns. A longstanding malware technique known as Process Hollowing or RunPE has encountered compatibility issues on…
DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation
Authors/Presenters: M. Weigand, S. Wagner Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.…
Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP
PLUS: MGM settles breach suits; AWS doesn’t trust you with security defaults; A new .NET backdoor; and more Infosec in brief The United States Food and Drug Administration has told medical facilities and caregivers that monitor patients using Contec equipment…
IT Security News Hourly Summary 2025-02-03 03h : 1 posts
1 posts were published in the last hour 2:4 : ISC Stormcast For Monday, February 3rd, 2025 https://isc.sans.edu/podcastdetail/9306, (Mon, Feb 3rd)
ISC Stormcast For Monday, February 3rd, 2025 https://isc.sans.edu/podcastdetail/9306, (Mon, Feb 3rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, February 3rd, 2025…
The AI paradox: How tomorrow’s cutting-edge tools can become dangerous cyber threats (and what to do to prepare)
AI agents will bring enterprises to the next level, but the same applies to related vulnerabilities. Here are key tips to follow. This article has been indexed from Security News | VentureBeat Read the original article: The AI paradox: How…
IT Security News Hourly Summary 2025-02-03 00h : 3 posts
3 posts were published in the last hour 23:4 : Hackers Hijack JFK File Release: Malware & Phishing Surge 22:58 : IT Security News Weekly Summary 05 22:55 : IT Security News Daily Summary 2025-02-02
Hackers Hijack JFK File Release: Malware & Phishing Surge
Veriti Research has uncovered a potentially growing cyber threat campaign surrounding the release of the declassified JFK, RFK, and MLK files. Attackers are capitalizing on public interest in these historical documents to launch potential malware campaigns, phishing schemes, and exploit…
IT Security News Weekly Summary 05
210 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-02-02 21:5 : „Sie sollten besser aufpassen“: So absurd war das erste Chatbot-Gespräch der Welt 21:5 : Schock für Investoren: KI-Startup-Gründer verprasst 60 Millionen Dollar…
IT Security News Daily Summary 2025-02-02
39 posts were published in the last hour 21:5 : „Sie sollten besser aufpassen“: So absurd war das erste Chatbot-Gespräch der Welt 21:5 : Schock für Investoren: KI-Startup-Gründer verprasst 60 Millionen Dollar 20:5 : IT Security News Hourly Summary 2025-02-02…
„Sie sollten besser aufpassen“: So absurd war das erste Chatbot-Gespräch der Welt
Bereits 1972 haben zwei Chatbots über das Netz miteinander gesprochen: einer als Psychotherapeut, der andere als Patient. Das Ergebnis war nicht nur skurril, sondern sollte auch der Forschung dienen. Dieser Artikel wurde indexiert von t3n.de – Software & Entwicklung Lesen…
Schock für Investoren: KI-Startup-Gründer verprasst 60 Millionen Dollar
Immobilien, Schmuck, ein Tesla und eine luxuriöse Hochzeit – der Gründer des US-amerikanischen KI-Startups On Platform hat es sich auf Kosten seiner Investor:innen gut gehen lassen und sitzt jetzt in Haft. Dieser Artikel wurde indexiert von t3n.de – Software &…
IT Security News Hourly Summary 2025-02-02 21h : 1 posts
1 posts were published in the last hour 19:32 : New Phishing Scam Targets Amazon Prime Subscribers
New Phishing Scam Targets Amazon Prime Subscribers
< p style=”text-align: justify;”> A new cyber attack is putting Amazon Prime subscribers at risk. Hackers are sending malicious emails warning users that their Prime membership is about to expire. These emails contain attachments with dangerous links that redirect…