Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen unspezifischen Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel:…
[UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht näher beschriebene Auswirkungen zu erzielen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen…
Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers
Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. Rapid7 researchers discovered vulnerabilities in Xerox Versalink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials…
Schlösser – die Basis für Einbruchschutz
Die Zahl der Einbrüche in Deutschland ist im letzten Jahr erneut gestiegen. Auch das Bedürfnis nach mehr Sicherheit im privaten als auch im Objektbereich wächst. Der Markt bietet diverse Lösungen für den Einbruchschutz, wie Schlösser. Dieser Artikel wurde indexiert von…
Xerox Versalink: Multifunktionsdrucker geben Zugangsdaten preis
In den Versalink-Multifunktionsdruckern von Xerox wurden Schwachstellen entdeckt, durch die Angreifer Zugangsdaten abgreifen können. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Xerox Versalink: Multifunktionsdrucker geben Zugangsdaten preis
Meta To Build World’s Longest Subsea Fibre Cable
Meta Platforms announces plan to build Project Waterworth, a 50,000 km cable linking five continents as it ramps infrastructure investments This article has been indexed from Silicon UK Read the original article: Meta To Build World’s Longest Subsea Fibre Cable
BitConnect Scam Exposed as Indian Authorities Seize Illicit Gains
The Directorate of Enforcement (ED) in Ahmedabad has dealt a significant blow to one of history’s largest cryptocurrency frauds, recovering Rs. 1,646 crore (approx. $219 million) in illicit crypto assets linked to the BitConnect Ponzi scheme during coordinated raids on 11 and…
Vgod RANSOMWARE Encrypt Your Entire System and Set A Ransom Notes As Wallpaper
A new ransomware strain dubbed Vgod has emerged recently as a critical cybersecurity threat. This new ransomware employs advanced encryption techniques and psychological pressure tactics. While the ransomware do so by altering the desktop wallpapers of the targeted victims. First…
LibreOffice Vulnerabilities Let Attackers Write to Arbitrary File & Extract Values
Critical vulnerabilities in LibreOffice (CVE-2024-12425 and CVE-2024-12426) allow attackers to overwrite arbitrary files and retrieve sensitive system data via malicious documents. These flaws affect both desktop users and server-side implementations, posing significant risks to enterprises and individual users relying on…
WinRAR 7.10 Latest Version Released For 500 Million Users – What’s New
The latest version of the widely-used file compression tool, WinRAR 7.10, introduces a suite of significant updates aimed at enhancing user experience, performance, and security. Released on February 18, 2025, this iteration marks a major overhaul of the software’s interface,…
Zservers takedown, Zelle payment blocks, Finastra data breach
Dutch Police take down Zservers Chase to block Zelle payments to sellers on social media Finastra notifies victims of October data breach Thanks to today’s episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to…
CYBERSNACS # Folge 31: Wie cybersicher ist die Bundestagswahl 2025?
Das BSI sieht die Durchführung der Bundestagswahl 2025 in puncto Cybersicherheit nicht als gefährdet an. Grund ist, dass in Deutschland – bis auf wenige Ausnahmen – auf Papier gewählt wird, sagt Konstantin Beck in Folge #31 unseres Podcasts CYBERSNACS Dieser…
Laserjet: Teils kritische Schwachstellen gefährden zahllose HP-Drucker
Angreifer können die Lücken ausnutzen, um aus der Ferne und ohne jegliche Authentifizierung oder Nutzerinteraktion Schadcode auszuführen. (Sicherheitslücke, Drucker) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Laserjet: Teils kritische Schwachstellen gefährden zahllose HP-Drucker
Black-Hat SEO Poisioning Attacks Exploit Indian Government and Financial Websites
A sophisticated black-hat SEO poisoning campaign has compromised over 150 Indian government websites and financial institutions, redirecting millions of users to fraudulent gambling platforms promoting rummy and high-risk “investment” games. The operation, exploits vulnerabilities in government portals (.gov.in) and educational…
New XCSSET macOS malware variant used in limited attacks
Microsoft discovered a new variant of the Apple macOS malware XCSSET that was employed in limited attacks in the wild. Microsoft Threat Intelligence discovered a new variant of the macOS malware XCSSET in attacks in the wild. XCSSET is a sophisticated modular…
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. “This pass-back style attack leverages a vulnerability that…
Final Draft Malware Attacks Using Outlook: Cyber Security Today for Tuesday, February 18th, 2025
Critical PostgreSQL Bug Exploited in Treasury Hack & New Threats Unveiled – Cybersecurity Today In today’s episode of Cybersecurity Today, hosted by Jim Love, we delve into major cybersecurity events, including a crucial PostgreSQL vulnerability exploited in the U.S. Treasury…
IT Security News Hourly Summary 2025-02-18 09h : 4 posts
4 posts were published in the last hour 7:32 : Beware of Fake Timesheet Report Email Leading to the Tycoon 2FA Phishing Kit 7:32 : ChatGPT Operator Prompt Injection Exploit Leaking Private Data 7:16 : heise-Angebot: iX-Workshop: Active Directory Hardening…
Beware of Fake Timesheet Report Email Leading to the Tycoon 2FA Phishing Kit
A new wave of phishing attacks is exploiting fake timesheet report emails to lure victims into the sophisticated Tycoon 2FA phishing kit. This campaign leverages Pinterest Visual Bookmarks as intermediaries, adding a deceptive layer of legitimacy to its tactics. Spider…
ChatGPT Operator Prompt Injection Exploit Leaking Private Data
OpenAI’s ChatGPT Operator, a cutting-edge research preview tool designed for ChatGPT Pro users, has recently come under scrutiny for vulnerabilities that could expose sensitive personal data through prompt injection exploits. ChatGPT Operator is an advanced AI agent equipped with web…
heise-Angebot: iX-Workshop: Active Directory Hardening – Vom Audit zur sicheren Umgebung
Lernen in einer Übungsumgebung: Sicherheitsrisiken in der Windows-Active-Directory-Infrastruktur erkennen und beheben, um die IT vor Cyberangriffen zu schützen. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: heise-Angebot: iX-Workshop: Active Directory Hardening – Vom Audit zur sicheren…
WinRAR 7.10 Latest Version Released – What’s New!
The popular file compression and archiving tool, WinRAR 7.10, has released with new features, interface enhancements, and improved performance. WinRAR 7.10 represents a landmark update that modernizes core components while addressing evolving user needs in data management and system security.…
AI Data Breach will surge by 2027 because of misuse of GenAI
Elon Musk, the CEO of Tesla and owner of Twitter (now X), has long expressed concerns about the potential dangers of Generative AI, even suggesting it could lead to a global “doomsday” scenario. His warnings are now gaining attention, as…
Cybersecurity Jobs in Most Demand in 2025
With the rapid expansion of digital transformation and the increasing sophistication of cyber threats, the demand for skilled cybersecurity professionals continues to rise. Organizations across industries are prioritizing security to protect sensitive data, infrastructure, and operations from cyberattacks. As we…