Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GStreamer ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [hoch] GStreamer: Schwachstelle ermöglicht…
[NEU] [hoch] ConnectWise ScreenConnect: Schwachstelle ermöglicht Codeausführung
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in ConnectWise ScreenConnect ausnutzen, um beliebigen Programmcode auszuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [hoch] ConnectWise ScreenConnect: Schwachstelle ermöglicht Codeausführung
[UPDATE] [hoch] SAP Patchday April 2025: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in SAP Software ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen…
159 CVEs Exploited in the Wild in Q1 2025, 8.3% Targeted Within 1-Day Vulnerabilities Exploited
VulnCheck’s latest report for Q1 2025 has identified 159 Common Vulnerabilities and Exposures (CVEs) publicly disclosed as exploited in the wild for the first time. Alarmingly, 28.3% of these Known Exploited Vulnerabilities (KEVs) saw evidence of exploitation within just one…
New Report Reveals How AI is Rapidly Enhancing Phishing Attack Precision
The Zscaler ThreatLabz 2025 Phishing Report unveils the alarming sophistication of modern phishing attacks, driven by generative AI (GenAI). By examining over 2 billion blocked phishing transactions on the Zscaler Zero Trust Exchange™ cloud security platform from January to December…
Sicherheitsupdates: Nvidia-Grafikkartentreiber unter Linux und Windows löchrig
Drei Sicherheitslücken gefährden PCs mit einer Grafikkarte von Nvidia. Im schlimmsten Fall kann Schadcode auf Linux-Systeme gelangen. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Sicherheitsupdates: Nvidia-Grafikkartentreiber unter Linux und Windows löchrig
[UPDATE] [mittel] Ruby: Schwachstelle ermöglicht Manipulation von Dateien
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Ruby ausnutzen, um Dateien zu manipulieren. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] Ruby: Schwachstelle ermöglicht Manipulation von Dateien
Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
An APT group dubbed Earth Kurma is actively targeting government and telecommunications organizations in Southeast Asia using advanced malware, rootkits, and trusted cloud services to conduct cyberespionage. This article has been indexed from Trend Micro Research, News and Perspectives Read…
FBI Offers $10 Million Reward for information on Salt Typhoon Hackers
The Federal Bureau of Investigation (FBI), in partnership with the U.S. Department of State, has announced a reward of up to $10 million for information leading to the identification or location of individuals connected to the recent “Salt Typhoon” cyberattacks.…
Hackers Claim TikTok Breach, Leak Over 900,000 Usernames and Passwords
A hacker collective known as R00TK1T claims to have breached TikTok’s user database, allegedly leaking login information for over 900,000 users. The group, which has previously made waves in the hacking community with bold claims—often with little substantiated evidence—has taken…
5 Most Common Security Attack Methods in 2024: Mandiant’s M-Trends Report
Mandiant, which was acquired by Google Cloud in 2022, paints a picture of global cyber threats from last year in order to help readers be better prepared this year. This article has been indexed from Security | TechRepublic Read the…
Cloud Infrastructure Security: Threats, Challenges & How to Protect Your Data
As cloud environments become more complex, ensuring robust security for your cloud infrastructure is no longer an option, but a necessity. The post Cloud Infrastructure Security: Threats, Challenges & How to Protect Your Data appeared first on Security Boulevard. This…
Rubrik Identity Resilience protects vulnerable authentication infrastructure
Rubrik announced its upcoming solution, Identity Resilience, designed to secure the entire identity landscape alongside data. Identity Resilience aims to protect the most common entry points for attackers – human and non-human identities (NHIs) – to help organizations maintain operations…
Detectify Asset Classification and Scan Recommendations improves vulnerability testing
Detectify announced new Asset Classification and Scan Recommendations capabilities. This innovation directly addresses a critical challenge for security teams: knowing what else, beyond their core applications, requires in-depth testing. The new features automatically classify discovered web assets based on attacker…
Why the road from passwords to passkeys is long, bumpy, and worth it – probably
The passkey standard has reached a precarious moment. Let’s not blow it, OK? This article has been indexed from Latest stories for ZDNET in Security Read the original article: Why the road from passwords to passkeys is long, bumpy, and…
AI Experts Warn Against OpenAI’s For-Profit Pivot: ‘Safeguards Could Vanish Overnight’
OpenAI’s possible restructuring to a for-profit model is receiving pushback from former staff, Nobel Laureates, and AI pioneers. This article has been indexed from Security | TechRepublic Read the original article: AI Experts Warn Against OpenAI’s For-Profit Pivot: ‘Safeguards Could…
Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita
The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data. DaVita Inc. provides kidney dialysis services through a network of 2,675 outpatient centers in the United States, serving 200,800 patients, and 367…
Vanta AI Security Assessment evaluates AI risk
Vanta announced new ways to help organizations demonstrate AI security and evaluate AI risk across their ecosystem. With the launch of Vanta’s new AI Security Assessment offering, customers using, developing or building with AI can now more effectively address critical…
LastPass Secure Access Experiences simplifies access management
As cloud app adoption continues to rise, and the modern workplace continues to evolve, LastPass will introduce a new approach to democratize access management. Built with the needs of small-to-mid-sized businesses in mind, Secure Access Experiences represents a more unified,…
Dashlane introduces Omnix for AI-powered credential protection
Dashlane unveiled a new approach to addressing human risk in response to the rise of AI-driven phishing attacks and shadow IT in corporate environments. Built on innovation that pushes beyond vault-based password management, Dashlane Omnix is the AI-accelerated credential security platform…
BreachLock AEV simulates Real attacks to validate and prioritize exposures
BreachLock AEV automates multistep, threat-intelligence-led attack scenarios—helping security teams uncover real exposures and prioritize what matters most. Going beyond just showing security teams their risk, BreachLock Adversarial Exposure Validation simulates how real-world adversaries would exploit it by mirroring their behavior…
IT Security News Hourly Summary 2025-04-25 09h : 10 posts
10 posts were published in the last hour 6:33 : Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw 6:33 : Verizon DBIR Report – Small Businesses Emerges as Prime Targets for Ransomware Attacks 6:33 : Threat Actors Attacking…
50 Jahre Know-how in Sachen Sicherheit
Videor feiert 50-jähriges Bestehen und setzt in Zukunft seinen Fokus unter anderem auf neue Lösungen und intensive Partnerschaften im Bereich der Sicherheitstechnik. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: 50 Jahre Know-how in Sachen Sicherheit
Recycling und Entsorgung: Cyberangriff drängt Familienunternehmen in die Insolvenz
Bei der deutschen Recyclingfirma Eu-Rec ist es finanziell zuletzt nicht gut gelaufen. Nach einer Cyberattacke folgt nun ein Insolvenzverfahren. (Cybercrime, Cyberwar) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Recycling und Entsorgung: Cyberangriff drängt Familienunternehmen…