Author: Andy Stern
-
Social Media Platforms Earn Billions from Scam Ads
Tags: scam
Revolut claims social media sites make £3.8bn annually from scam ads targeting European users. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/social-media-platforms-billions/
-
APT Hackers Abuse Trusted Edge Services to Stealthily Deploy Malware
APT activity across APAC is rising rapidly as geopolitical tensions continue to grow, and defenders are seeing more advanced tradecraft aimed at long-term access. Taiwan stood out as the most targeted environment, with 173 tracked attacks, far higher than any other regional target, highlighting its role as a focal point for espionage and strategic access.…
-
Gartner forecast: The six most important cybersecurity trends for 2026
Tags: ai, awareness, business, compliance, computing, cyberattack, cybersecurity, cyersecurity, framework, gartner, governance, resilience, risk, soc, tool, training
Read which cybersecurity trends companies should focus on this year. The cybersecurity situation remains tense in 2026 as well. But what are the most important topics, risks and opportunities that security decision-makers should currently be dealing with? The market research firm Gartner has identified the following six trends: AI agents are increasingly being used by employees and developers, creating new attack surfaces.…
-
Linus Torvalds keeps his ‘fingers and toes’ rule by decreeing next Linux will be version 7.0
Tags: linux
But first, kernel 6.19 is upon us, with many goodies. First seen on theregister.com Jump to article: www.theregister.com/2026/02/09/linux_6_19_7_named/
-
LinkedIn as a gateway: New attack campaign targets executives
The attack follows a clear pattern. It always begins with contact via LinkedIn chat. The message contains a download link to a self-extracting WinRAR archive (SFX). The files it contains are strikingly well tailored to the role and industry of the respective victim. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/linkedin-als-einfallstor-neue-angriffskampagne-zielt-auf-fuehrungskraefte/a43637/
-
How TÜV NORD audits data centers as a complete system – Data center and security: These vulnerabilities occur frequently
Tags: vulnerability
First seen on security-insider.de Jump to article: www.security-insider.de/physische-sicherheit-rechenzentren-standards-herausforderungen-a-e4cff1a80de4d2a8cf1e5202a119aacd/
-
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks. First seen on hackread.com Jump to article: hackread.com/china-dknife-spyware-hijack-internet-routers-2019/
-
Schrödinger’s cat and the enterprise security paradox
Tags: control, cybersecurity, detection, exploit, framework, identity, intelligence, jobs, metric, penetration-testing, RedTeam, resilience, risk, siem, strategy, threat, tool
and compromised. The dashboards might be green and the audit reports reassuring, but the uncomfortable reality is that you do not know your actual state until you observe it directly and often. Many readers will have heard of Schrödinger’s cat in passing, but the details blur over time, so it is worth revisiting what the…
-
New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious Payloads
A new offensive security tool named “RecoverIt” has been released, offering red teamers a stealthy method for lateral movement and persistence by abusing the Windows Service recovery mechanism. The tool circumvents traditional detection methods that focus on monitoring service creation and binary paths. For years, attackers have moved laterally across networks by creating or modifying…
-
European Commission probes intrusion into staff mobile management backend
Officials explore issue affecting infrastructure after CERT-EU detected suspicious activity. First seen on theregister.com Jump to article: www.theregister.com/2026/02/09/european_commission_phone_breach/
-
New research: 3 big challenges facing security teams (and how to overcome them)
Tags: ai
New research from Tines shows AI adoption is high, but manual workloads and burnout persist. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/spons/new-research-3-big-challenges-facing-security-teams-and-how-to-overcome-t/811185/
-
Exchange Online flags legitimate emails as phishing
Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-flags-legitimate-emails-as-phishing/
-
Attacks on AI clusters are increasing: ShadowRay 2.0 exploits critical Ray vulnerability
The observed attacks follow a clear pattern: first, comprehensive system reconnaissance is carried out, in which user accounts, environment variables and permissions are read out. Building on this, the attackers automatically download additional malicious code. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/angriffe-auf-ki-cluster-nehmen-zu-shadowray-2-0-nutzt-kritische-ray-schwachstelle/a43639/
-
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
Tags: api, cloud, cybersecurity, data-breach, docker, exploit, infrastructure, kubernetes, malicious, worm
Cybersecurity researchers have called attention to a “massive campaign” that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation. The activity, observed around December 25, 2025, and described as “worm-driven,” leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed First seen on thehackernews.com Jump…
-
Romania’s national oil pipeline firm Conpet reports cyberattack
Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…
-
Firewalls and more: Almost 4,000 German edge devices are online without support
German organizations operate thousands of vulnerable edge devices such as firewalls and VPN appliances. There is an urgent need for action. First seen on golem.de Jump to article: www.golem.de/news/firewalls-und-mehr-fast-4-000-deutsche-edge-devices-haengen-ohne-support-im-netz-2602-205159.html
-
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
A threat cluster tracked as “Vortex Werewolf” (also known as SkyCloak) has been observed targeting Russian government and defense organizations. The attack begins not with a typical malicious attachment, but with a highly credible phishing link. Vortex Werewolf distributes URLs that masquerade as legitimate Telegram file-sharing resources. These links, often hosted on domains designed to…
-
Flickr emails users about data breach, pins it on third party
Attackers may have snapped user locations and activity information, message warns. First seen on theregister.com Jump to article: www.theregister.com/2026/02/06/flickr_emails_users_about_data_breach/
-
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-commission-discloses-breach-that-exposed-staff-data/
-
US Agencies Told to Scrap End of Support Edge Devices
CISA has issued a new directive requiring federal agencies to decommission all end of support edge devices within 12 months to reduce ongoing exploitation risks. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-agencies-scrap-end-of-support/
-
Data exfiltration suspected: Cyberattack hits EU Commission
Tags: cyberattack
Hackers have carried out a successful cyberattack on the EU Commission. The point of attack was a system for managing mobile devices, presumably from Ivanti. First seen on golem.de Jump to article: www.golem.de/news/datenabfluss-moeglich-cyberangriff-trifft-eu-kommission-2602-205154.html
-
NIS2: Supply chains as a risk factor
Why supply chains are particularly vulnerable: The supply chain is an attractive target for attackers for several reasons. External partners often have privileged access, work with sensitive data, or are deeply integrated into operational processes. At the same time, they are often not subject to the same security standards as large organizations. Furthermore, there is a structural lack…
-
Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in Fortinet’s FortiClient EMS (Endpoint Management Server), potentially exposing organizations to remote code execution attacks. The flaw, tracked as CVE-2026-21643, was disclosed on February 6, 2026, and carries a severe CVSS score of 9.1 out of 10.
FortiClient EMS Vulnerability
The vulnerability stems from an SQL injection flaw…
-
Researchers Find 40,000+ Exposed OpenClaw Instances
SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/researchers-40000-exposed-openclaw/
-
Data exfiltration possible: Cyberattack hits EU Commission
Tags: cyberattack
Hackers have carried out a successful cyberattack on the EU Commission. The point of attack was a system for managing mobile devices, presumably from Ivanti. First seen on golem.de Jump to article: www.golem.de/news/datenabfluss-moeglich-cyberangriff-trifft-eu-kommission-2602-205154.html
-
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. “BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability,” the company First seen on…
-
Chinese network technology as a threat – EU plans on cybersecurity: Beijing warns of consequences
Tags: cyersecurity
First seen on security-insider.de Jump to article: www.security-insider.de/eu-plaene-zu-cybersicherheit-peking-warnt-vor-konsequenzen-a-5180760ad3c8d5458e03eb0cf536a1b0/
-
Authorities warn of hacker attacks on politics and the military
Tags: access, cyberattack, germany, hacker, infrastructure, military, qr, verfassungsschutz, vulnerability
Cybercriminals are targeting the Signal accounts of German politicians, soldiers, diplomats and journalists. Using fake chat messages, primarily in the messenger service Signal, hackers are currently targeting high-ranking German politicians, soldiers, diplomats and also journalists; the Federal Offices for the Protection of the Constitution and for Information Security are warning of this. The aim of the “probably state-directed” attack is to gain unnoticed access…
-
Detecting Ransomware Using Windows Minifilters to Intercept File Change Events
Tags: cyber, detection, encryption, endpoint, github, malicious, ransomware, strategy, tool, windows
A security researcher has released a new proof-of-concept (PoC) tool on GitHub designed to stop ransomware at the deepest level of the operating system. Part of a broader Endpoint Detection and Response (EDR) strategy named “Sanctum,” the project demonstrates how defenders can use Windows Minifilters to detect and intercept malicious file encryption before it destroys…

