A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score…
How Interlock Ransomware Infects Healthcare Organizations
Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure…
IT Security News Hourly Summary 2025-01-29 12h : 24 posts
24 posts were published in the last hour 10:42 : [NEU] [mittel] Rockwell Automation FactoryTalk (View SE): Mehrere Schwachstellen 10:42 : [NEU] [hoch] Rockwell Automation FactoryTalk (View ME): Mehrere Schwachstellen ermöglichen Privilegieneskalation 10:42 : [NEU] [UNGEPATCHT] [mittel] Red Hat OpenShift…
[NEU] [mittel] Rockwell Automation FactoryTalk (View SE): Mehrere Schwachstellen
Ein lokaler Angreifer kann mehrere Schwachstellen in Rockwell Automation FactoryTalk ausnutzen, um seine Privilegien zu erhöhen oder Sicherheitsmaßnahmen zu umgehen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel]…
[NEU] [hoch] Rockwell Automation FactoryTalk (View ME): Mehrere Schwachstellen ermöglichen Privilegieneskalation
Ein lokaler oder ein entfernter authentisierter Angreifer kann mehrere Schwachstellen in Rockwell Automation FactoryTalk ausnutzen, um beliebigen Code mit erhöhten Rechten auszuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel:…
[NEU] [UNGEPATCHT] [mittel] Red Hat OpenShift (Service Mesh): Mehrere Schwachstellen
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Dateien zu manipulieren und einen Cross-Site-Scripting-Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [UNGEPATCHT]…
[NEU] [hoch] Google Chrome/ Microsoft Edge: Schwachstelle ermöglicht Codeausführung
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Google Chrome/ Microsoft Edge ausnutzen, um beliebigen Programmcode auszuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [hoch] Google Chrome/ Microsoft…
Researchers Jailbreaked DeepSeek R1 to Generate Malicious Scripts
Researchers have successfully jailbroken DeepSeek R1, a cutting-edge reasoning model originating from China. Dubbed a potential challenger to tech giants like OpenAI, DeepSeek R1 has garnered international attention for its impressive problem-solving abilities in mathematics, logic, and coding. However, the…
Threat predictions for industrial enterprises 2025
Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025. This article has been indexed from Securelist Read the original article: Threat predictions for industrial enterprises 2025
How we estimate the risk from prompt injection attacks on AI systems
Posted by the Agentic AI Security Team < div> Modern AI systems, like Gemini, are more capable than ever, helping retrieve data and perform actions on behalf of users. However, data from external sources present new security challenges if untrusted…
Lynx Ransomware Infrastructure To Attack Windows, Linux, ESXi & Affiliate Panel Uncovered
Security experts has uncovered the sophisticated infrastructure of the Lynx Ransomware-as-a-Service (RaaS) group in a recent investigation. This ransomware group is Known for its cross-platform capabilities and affiliate-driven model. Lynx targets Windows, Linux, and VMware ESXi environments, posing a significant…
authID PrivacyKey protects users’ biometric identities
authID released PrivacyKey, a solution for protecting user biometric data while also avoiding all the compliance issues and risks related to biometric information storage. With the addition of PrivacyKey, authID serves as the ideal partner for organizations that previously delayed…
Industrielle Kontrollsysteme: Attacken auf kritische Infrastrukturen möglich
Es sind wichtige Sicherheitsupdates für industriellen Steuerungssysteme von unter anderem Rockwell und Schneider erschienen. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Industrielle Kontrollsysteme: Attacken auf kritische Infrastrukturen möglich
Reaktion auf Semgrep: Opengrep sichert offene Codeanalyse-Tools
Opengrep bietet offene statische Codeanalyse. Unterstützt von einem Konsortium, bleibt es für Developer ohne kommerzielle Einschränkungen zugänglich. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Reaktion auf Semgrep: Opengrep sichert offene Codeanalyse-Tools
Datenklau möglich: Neue CPU-Lücken gefährden iPhones, iPads und Macs
Zwei neue Angriffstechniken zielen auf Apple-Chips ab. Angreifer können aus der Ferne E-Mails, Zahlungsdaten und andere sensible Informationen abgreifen. (Sicherheitslücke, Apple) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Datenklau möglich: Neue CPU-Lücken gefährden iPhones,…
Adversarial Misuse of Generative AI
< div class=”block-paragraph_advanced”> Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing our…
Cybersecurity in Banking: Strengthening Security Amid Rising AI Threats
As technology continues to evolve in today’s digital landscape, cybersecurity threats are becoming increasingly sophisticated. Financial institutions are one of the most vulnerable industries for cyberattacks due to their increasing reliance on technology and open banking for consumers to share…
US Probes DeepSeek National Security Implications
US officials investigating DeepSeek national security implications, amidst questions around privacy for AI start-up that rattled markets This article has been indexed from Silicon UK Read the original article: US Probes DeepSeek National Security Implications
CIS Control 04: Secure Configuration of Enterprise Assets and Software
Key Takeaways for Control 4 Most fresh installs of operating systems or applications come with preconfigured settings that are usually insecure or not properly configured with security in mind. Use the leverage provided by multiple frameworks such as CIS Benchmarks…
DeepSeek R1 Jailbroken to Generate Ransomware Development Scripts
DeepSeek R1, the latest AI model from China, is making waves in the tech world for its reasoning capabilities. Positioned as a challenger to AI giants like OpenAI, it has already climbed to 6th place on the Chatbot Arena benchmarking…
Critical Cacti Vulnerability Let Attackers Code Remotely – PoC Released
The widely used open-source network monitoring tool, Cacti, identified a critical vulnerability. The flaw, tracked as CVE-2025-22604 has a CVSS score of 9.1, indicating high severity. It allows authenticated users with device management permissions to execute arbitrary commands on the server,…
API Supply Chain Attack Exposes Millions of Airline Users Accounts to Hackers
A vulnerability in a third-party travel service API has exposed millions of airline users to potential account takeovers, enabling attackers to exploit airline loyalty points and access sensitive personal information. The flaw, discovered by Salt Labs, highlights the risks associated…
PoC Exploit Released for TP-Link Router Web Interface XSS Vulnerability
A Cross-Site Scripting (XSS) vulnerability has been identified in the TP-Link Archer A20 v3 router, specifically in firmware version 1.0.6 Build 20231011 rel.85717(5553). The issue stems from improper handling of directory listing paths on the router’s web interface. When a…
Hackers Actively Exploiting Zyxel 0-day Vulnerability to Execute Arbitrary Commands
A significant zero-day vulnerability in Zyxel CPE series devices, identified as CVE-2024-40891, is being actively exploited by attackers. This vulnerability enables attackers to execute arbitrary commands on affected devices, posing significant risks of system compromise, data theft, and network infiltration.…