Cisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor targeting users, predominantly in Poland and Germany. This article has been indexed from Cisco Talos Blog Read the original article: New TorNet backdoor seen in widespread…
Apple Security Update – Patch for iOS Zero-day, MacOS & More
Apple has responded to a newly discovered zero-day vulnerability affecting its operating systems by releasing an array of security updates to protect users from potential exploitation. The updates span iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and Safari, demonstrating Apple’s commitment…
EU announced sanctions on three members of Russia’s GRU Unit 29155
The EU sanctioned three members of Russia’s GRU Unit 29155 for cyberattacks on Estonia’s government agencies in 2020. The European Union announced sanctions for three members (Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov) of Unit 29155 of Russia’s military intelligence…
Hackers Using Hidden Text Salting Technique To Confuse Spam Filters & Evade Detection
Cybercriminals are increasingly employing a technique known as “hidden text salting” to bypass spam filters and evade detection. This method, which saw a surge in usage during the latter half of 2024, poses a significant threat to organizations relying on…
New Attack Mimics USPS To Deliver Malicious PDF In To Attack Mobile Devices
A sophisticated phishing campaign has been uncovered, leveraging malicious PDFs disguised as official U.S. Postal Service (USPS) communications to target mobile users. This attack, identified by Zimperium’s zLabs team, employs a novel obfuscation technique to bypass traditional endpoint security measures…
Apple Patches First Exploited iOS Zero-Day of 2025
Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. This article has been indexed…
IT Security News Hourly Summary 2025-01-28 12h : 23 posts
23 posts were published in the last hour 10:36 : Apple macOS, iPadOS und iOS: : Mehrere Schwachstellen 10:36 : Juniper-Router: Maßgeschneiderte Backdoors warten auf Magic Packets 10:36 : Fix nur vor Ort möglich: Zyxel schickt Firewalls per Update in…
Apple macOS, iPadOS und iOS: : Mehrere Schwachstellen
Apple hat mehrere Schwachstellen in seinen Produkten Safari, iOS, iPadOS und macOS behoben. Ein Angreifer kann diese Schwachstellen ausnutzen, um Schadcode auszuführen, das System oder eine Anwendung zum Absturz bringen, um sensible Benutzerdaten preiszugeben, Dateien zu manipulieren, erweiterte Rechte bis…
Juniper-Router: Maßgeschneiderte Backdoors warten auf Magic Packets
IT-Forscher haben Backdoors auf Juniper-Routern entdeckt und untersucht. Sie werden durch Magic Packets aktiviert. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Juniper-Router: Maßgeschneiderte Backdoors warten auf Magic Packets
Fix nur vor Ort möglich: Zyxel schickt Firewalls per Update in Bootschleife
Die betroffenen Zyxel-Firewalls lassen sich nicht mehr aus der Ferne warten. Admins müssen per Kabel dran, um eine neue Firmware einzuspielen. (Firewall, Firmware) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Fix nur vor Ort…
[NEU] [mittel] Red Hat Enterprise Linux: Schwachstelle ermöglicht Ausspaehen von Informationen
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um Informationen auszuspähen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel] Red Hat Enterprise Linux:…
[NEU] [hoch] Apple macOS, iPadOS und iOS: : Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Apple macOS, Apple iPadOS und Apple iOS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, beliebigen Code auszuführen, sensible Daten offenzulegen, Dateien zu manipulieren, erhöhte Rechte zu erlangen – einschließlich Root-Rechte, Sicherheitsmaßnahmen zu umgehen und einen…
Crypto Exchange KuCoin To Pay $297m In US Settlement
Major crypto exchange KuCoin agrees to pay more than $297m in US legal settlement in latest result of crypto enforcement actions This article has been indexed from Silicon UK Read the original article: Crypto Exchange KuCoin To Pay $297m In…
Indian News Publishers Join OpenAI Legal Action
Indian news publishing group files to join legal action against OpenAI over alleged misuse of copyrighted materials to train ChatGPT models This article has been indexed from Silicon UK Read the original article: Indian News Publishers Join OpenAI Legal Action
New Phishing Scam Targets Amazon Prime Membership to Steal Credit Card Data
A recent investigation has uncovered a sophisticated phishing campaign leveraging malicious PDF files to redirect unsuspecting users to fake Amazon-branded phishing websites. Researchers from Unit 42 reported that this campaign utilizes PDFs containing embedded links as an initial lure to…
Hackers Use Hidden Text Salting to Bypass Spam Filters and Evade Detection
In the latter half of 2024, Cisco Talos identified a significant increase in email threats leveraging “hidden text salting,” also referred to as HTML poisoning. This deceptive yet effective technique enables cybercriminals to bypass email parsers, confuse spam filters, and…
New Hacker Group Using 7z & UltraVNC Tool to Deploy Malware Evading Detection
A sophisticated cyber campaign targeting Russian-speaking entities has been identified by cybersecurity researchers, unveiling a deceptive operation imitating the Tactics, Techniques, and Procedures (TTPs) of the Gamaredon APT group. The attackers believed to be part of the GamaCopy group, exploited…
Hackers Mimic USPS To Deliver Malicious PDF In Attack Targeted Mobile Devices
In a detailed analysis published on January 27, 2025, Zimperium’s zLabs team uncovered a sophisticated phishing campaign targeting mobile devices through malicious PDF files. Disguised as communications from the United States Postal Service (USPS), this campaign employs advanced social engineering…
Stratoshark – A New Wireshark Tool Released for Cloud
The masterminds behind the revolutionary network analyzer Wireshark have unveiled a new tool, Stratoshark, designed to bring their proven methodology to system call analysis. Marking over 25 years since Wireshark’s inception, this latest development continues the legacy of democratizing complex…
DeepSeek AI Rising Star Hit By CyberAttack
DeepSeek is a Chinese artificial intelligence company that has recently made waves in the AI market. What it… The post DeepSeek AI Rising Star Hit By CyberAttack appeared first on Hackers Online Club. This article has been indexed from Hackers…
Credentials of Major Cybersecurity Vendors Found on Dark Web for $10
As a result of recent findings on dark web marketplaces, it has been found that many account credentials from major security vendors are being sold. According to Cyble, the rise of information stealers has been largely responsible for this…
Apple Safari: Mehrere Schwachstellen
Es bestehen mehrere Schwachstellen in Apple Safari. Ein Angreifer kann diese Schwachstellen in Apple Safari ausnutzen, um Schadcode auszuführen, das System oder eine Anwendung zum Absturz bringen, um sensible Benutzerdaten preiszugeben und den Benutzer zu täuschen. Zur Ausnutzung genügt es,…
Nur gefühlt sicher: 89 Prozent der deutschen Firmen waren Opfer von Ransomware
Fast 90 Prozent der deutschen Betriebe waren bereits von Ransomware-Angriffen betroffen. Dennoch sind sie mehrheitlich von ihren Sicherheitsmaßnahmen überzeugt. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Nur gefühlt sicher: 89 Prozent der deutschen Firmen waren…
[NEU] [hoch] Apple Safari: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Apple Safari ausnutzen, um die Authentifizierung zu umgehen, einen Spoofing-Angriff durchzuführen, vertrauliche Informationen preiszugeben, einen Denial-of-Service-Zustand zu verursachen und beliebigen Code auszuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security…