Author: Andy Stern
-
European Commission probes intrusion into staff mobile management backend
Officials explore issue affecting infrastructure after CERT-EU detected suspicious activity. First seen on theregister.com Jump to article: www.theregister.com/2026/02/09/european_commission_phone_breach/
-
US Agencies Told to Scrap End of Support Edge Devices
CISA has issued a new directive requiring federal agencies to decommission all end of support edge devices within 12 months to reduce ongoing exploitation risks. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-agencies-scrap-end-of-support/
-
Romania’s national oil pipeline firm Conpet reports cyberattack
Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…
-
NIS2: Supply chains as a risk factor
Why supply chains are particularly vulnerable: The supply chain is an attractive target for attackers for several reasons. External partners often have privileged access, work with sensitive data, or are deeply integrated into operational processes. At the same time, they are often not subject to the same security standards as large organizations. Furthermore, there is a structural lack…
-
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-commission-discloses-breach-that-exposed-staff-data/
-
Critical Fortinet FortiClient EMS Vulnerability Allows Remote Code Execution
A critical security vulnerability has been discovered in Fortinet’s FortiClient EMS (Endpoint Management Server), potentially exposing organizations to remote code execution attacks. The flaw, tracked as CVE-2026-21643, was disclosed on February 6, 2026, and carries a severe CVSS score of 9.1 out of 10. FortiClient EMS Vulnerability The vulnerability stems from an SQL injection flaw…
-
Firewalls and more: Nearly 4,000 German edge devices are online without support
German organizations operate thousands of vulnerable edge devices such as firewalls and VPN appliances. Urgent action is needed. First seen on golem.de Jump to article: www.golem.de/news/firewalls-und-mehr-fast-4-000-deutsche-edge-devices-haengen-ohne-support-im-netz-2602-205159.html
-
Data exfiltration suspected: Cyberattack hits EU Commission
Tags: cyberattack
Hackers have carried out a successful cyberattack on the EU Commission. The point of attack was a mobile device management system, presumably from Ivanti. First seen on golem.de Jump to article: www.golem.de/news/datenabfluss-moeglich-cyberangriff-trifft-eu-kommission-2602-205154.html
-
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
Tags: api, cloud, cybersecurity, data-breach, docker, exploit, infrastructure, kubernetes, malicious, worm
Cybersecurity researchers have called attention to a “massive campaign” that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation. The activity, observed around December 25, 2025, and described as “worm-driven,” leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed First seen on thehackernews.com Jump…
-
Flickr emails users about data breach, pins it on third party
Attackers may have snapped user locations and activity information, message warns. First seen on theregister.com Jump to article: www.theregister.com/2026/02/06/flickr_emails_users_about_data_breach/
-
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
A threat cluster tracked as “Vortex Werewolf” (also known as SkyCloak) has been observed targeting Russian government and defense organizations. The attack begins not with a typical malicious attachment, but with a highly credible phishing link. Vortex Werewolf distributes URLs that masquerade as legitimate Telegram file-sharing resources. These links, often hosted on domains designed to…
-
Researchers Find 40,000+ Exposed OpenClaw Instances
SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/researchers-40000-exposed-openclaw/
-
Data exfiltration possible: Cyberattack hits EU Commission
Tags: cyberattack
Hackers have carried out a successful cyberattack on the EU Commission. The point of attack was a mobile device management system, presumably from Ivanti. First seen on golem.de Jump to article: www.golem.de/news/datenabfluss-moeglich-cyberangriff-trifft-eu-kommission-2602-205154.html
-
Authorities warn of hacker attacks on politics and the military
Tags: access, cyberattack, germany, hacker, infrastructure, military, qr, verfassungsschutz, vulnerability
Cybercriminals are targeting the Signal accounts of German politicians, soldiers, diplomats and journalists. Using fake chat messages, mainly in the messaging service Signal, hackers are currently targeting high-ranking German politicians, soldiers, diplomats and also journalists, warn the Federal Office for the Protection of the Constitution and the Federal Office for Information Security. The aim of the “probably state-directed” attack is to gain access unnoticed…
-
Chinese network technology as a threat – EU cybersecurity plans: Beijing warns of consequences
Tags: cybersecurity
First seen on security-insider.de Jump to article: www.security-insider.de/eu-plaene-zu-cybersicherheit-peking-warnt-vor-konsequenzen-a-5180760ad3c8d5458e03eb0cf536a1b0/
-
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. “BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability,” the company First seen on…
-
Detecting Ransomware Using Windows Minifilters to Intercept File Change Events
Tags: cyber, detection, encryption, endpoint, github, malicious, ransomware, strategy, tool, windows
A security researcher has released a new proof-of-concept (PoC) tool on GitHub designed to stop ransomware at the deepest level of the operating system. Part of a broader Endpoint Detection and Response (EDR) strategy named “Sanctum,” the project demonstrates how defenders can use Windows Minifilters to detect and intercept malicious file encryption before it destroys…
-
Singapore Launches Largest-Ever Cyber Defense Operation After UNC3886 Targets All Major Telcos
Singapore has launched its largest-ever coordinated cyber defense operation following a highly targeted cyberattack on telecommunications that affected all four of the country’s major telecommunications operators. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/singapore-unc3886-telecom-cyberattack/
-
Black Basta Ransomware Integrates BYOVD Technique to Evade Defenses
A recent campaign by the Black Basta ransomware group has revealed a significant shift in attack tactics. This is a departure from standard operations, where attackers typically deploy a separate tool to turn off security software before running the actual ransomware. In this specific campaign, the ransomware payload bundles a vulnerable driver known as the…
-
Microsoft, Amazon and Co. as bait for phone fraud
Attackers are hijacking the notification workflows of industry giants such as Microsoft, Amazon and Zoom. More than 20,000 companies worldwide are affected, around 18 percent of them from Europe. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/microsoft-amazon-betrug
-
Instant messaging becomes a gateway for cyberattacks – Secure communication becomes a strategic obligation for carmakers
Tags: cyberattack
First seen on security-insider.de Jump to article: www.security-insider.de/instant-messaging-sicherheit-autoindustrie-a-f49b59a2b7c0ed930cdcb44b998a1e07/
-
United Airlines CISO on building resilience when disruption is inevitable
Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/09/deneen-defiore-united-airlines-aviation-cybersecurity-strategy/
-
At least 30 GB stolen – Data leak at dating app Bumble
Tags: data-breach
First seen on security-insider.de Jump to article: www.security-insider.de/hackerangriff-auf-dating-app-bumble-nutzerdaten-gestohlen-a-c83ea13de10c0e7081020238a599f20f/
-
Cybersquatting Attacks Exploit Trusted Brands to Steal Customer Data and Spread Malware
The nightmare scenario for any modern business is simple but devastating: scammers clone your website, steal your domain identity, and rob your customers. By the time the complaints roll in, the money is gone, and your reputation is left in tatters. This practice, known as cybersquatting, is no longer just a nuisance; it is a…
-
Allama: Open-source AI security automation
Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response. It includes integrations with 80+ types of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/09/allama-open-source-ai-security-automation-platform/
-
Over 5 Million Misconfigured Git Web Servers Found Exposing Secrets Online
A massive widespread vulnerability in web server configurations has left millions of websites open to data theft and unauthorised takeover. A new 2026 study conducted by the Mysterium VPN research team reveals that nearly 5 million web servers worldwide are publicly exposing their .git repository metadata. The Scale of the Leak The research scanned the internet for…

