Over 262K F5 BIG-IP devices exposed after threat actors stole source code and data on undisclosed flaws in a recent F5 breach. Over 262,000 F5 BIG-IP devices are exposed online after F5 confirmed a breach by nation-state actors who stole…
Many Online Services and Websites Affected by an AWS Outage, (Mon, Oct 20th)
The info is spreading across the news websites: For approximatively two hours, many online services or websites are suffering of an Amazon Web Services outage. Some affected services: This article has been indexed from SANS Internet Storm Center, InfoCON: green…
Does the Qantas hack include U.S. citizens?
Yes, it does. Although there is no exact number of how many U.S. citizens are affected, the number is likely enormous. Every year, Australia welcomes… The post Does the Qantas hack include U.S. citizens? appeared first on Panda Security Mediacenter.…
NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million
The judge ruled that punitive damages of $167 million awarded by a jury were excessive. The post NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks
On Android, the out-of-bounds write issue can be triggered during the processing of media files without user interaction. The post Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Microsoft Revokes 200+ Fake Certificates Used in Teams Malware Attack
Microsoft has revoked over 200 fraudulent code-signing certificates used in a ransomware campaign involving fake Teams installers by threat group Vanilla Tempest This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Revokes 200+ Fake Certificates Used in…
IT Security News Hourly Summary 2025-10-20 12h : 2 posts
2 posts were published in the last hour 9:34 : PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability 9:34 : Canva Down – Suffers Global Outage, Leaving Millions of Users Unable to Access Platform
PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in Microsoft’s Windows Server Update Services (WSUS), enabling unauthenticated attackers to execute remote code with SYSTEM privileges on affected servers. Dubbed CVE-2025-59287 and assigned a CVSS v3.1 score of…
Canva Down – Suffers Global Outage, Leaving Millions of Users Unable to Access Platform
Canva, the popular graphic design platform, is reeling from a widespread outage that has rendered its services inaccessible to millions of users worldwide. As of 19:16 AEDT (02:46 IST), the platform’s status page reports “significantly increased error rates” impacting nearly…
How to migrate to passwordless from Azure B2C
A step-by-step, human-first guide on migrating from Azure AD B2C to passwordless authentication using modern OIDC providers like MojoAuth — with real-world lessons and pitfalls to avoid The post How to migrate to passwordless from Azure B2C appeared first on…
MSG Accused of Misusing Facial Recognition, Mishandling Data
A former Madison Square Garden executive alleges the company used facial recognition technology to target critics and violate privacy, leading to a wrongful termination and discrimination lawsuit. The case raises major concerns about surveillance, biometric data misuse, and privacy rights.…
Federated security: Building resilient operating models in complex organizations
Balance oversight and autonomy in complex organizations by building an aligned, scalable federated model for cybersecurity. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Federated security: Building resilient operating models in complex organizations
Micron To Exit China Data Centre Chip Business
Micron reportedly plans to stop selling server chips to data centres in China after semiconductors banned for critical infrastructure This article has been indexed from Silicon UK Read the original article: Micron To Exit China Data Centre Chip Business
Pony.ai, Stellantis To Collaborate On Robotaxis In Europe
Autonomous car firm Pony.ai to work with Stellantis on autonomous taxi services in Europe, as Chinese firms expand abroad This article has been indexed from Silicon UK Read the original article: Pony.ai, Stellantis To Collaborate On Robotaxis In Europe
American Airlines Subsidiary Envoy Air Hit by Oracle Hack
Envoy Air, which operates the American Eagle brand, has confirmed that business information was stolen by hackers. The post American Airlines Subsidiary Envoy Air Hit by Oracle Hack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
US Congress Probes Starlink Over Asia Scam Centres
US Congress investigates allegations that SpaceX’s Starlink is providing internet access to scam compounds in Myanmar This article has been indexed from Silicon UK Read the original article: US Congress Probes Starlink Over Asia Scam Centres
Carmakers Brace For Nexperia Chip Disruption
Automakers in US, Europe, say they expect production to be disrupted after China blocks export of chips made by Netherlands’ Nexperia This article has been indexed from Silicon UK Read the original article: Carmakers Brace For Nexperia Chip Disruption
A week in security (October 13 – October 19)
A list of topics we covered in the week of October 13 to October 19 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (October 13 – October 19)
UK calls up Armed Forces veterans for digital ID soft launch
Once more into the, er, breach? The UK’s Armed Forces veterans are being tasked with one last mission – proving the government can successfully roll out a digital ID card scheme.… This article has been indexed from The Register –…
Europol dismantles SIM farm, Envoy Air compromised, Everest claims Collins hack
Europol dismantles 49 million fake account SIM farm Envoy Air confirms Oracle E-Business Suite compromise Cybercrime group Everest claims Collins Aerospace hack Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT…
IT Security News Hourly Summary 2025-10-20 09h : 2 posts
2 posts were published in the last hour 7:4 : Using Syscall() for Obfuscation/Fileless Activity, (Mon, Oct 20th) 6:34 : MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems
Using Syscall() for Obfuscation/Fileless Activity, (Mon, Oct 20th)
I found another piece of malware this weekend. This one looks more like a proof-of-concept because the second-stage payload is really “simple”, but it attracted my attention because it uses a nice technique to obfuscate the code. This article has…
MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems
China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a “premeditated” cyber attack targeting the National Time Service Center (NTSC), as it described the U.S. as a “hacker empire” and the “greatest source of chaos in…
Why ex-military professionals are a good fit for cybersecurity
After years of working as part of a team, many military veterans look for work that still carries meaning, challenge, and purpose. Cybersecurity offers a new way to serve and protect on a different battlefield. Earlier this year, the Department…