Category: SecurityNews
-
(g+) Cloud: Zoff im Datenraum
China baut bis 2028 über 100 Datenräume auf. Europa reagiert darauf mit eigenen Konzepten, die aber werden bislang zu wenig wahrgenommen. First seen on golem.de Jump to article: www.golem.de/news/cloud-zoff-im-datenraum-2512-203364.html
-
CSA Study: Mature AI Governance Translates Into Responsible AI Adoption
New CSA research shows mature AI governance accelerates responsible AI adoption, boosts security confidence, and enables agentic AI at scale. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/csa-study-mature-ai-governance-translates-into-responsible-ai-adoption/
-
Senate confirms new Pentagon CIO
Tags: cioKirsten Davies was confirmed for the role, along with about 100 other nominees across federal agencies, in a 53-43 vote following a Republican-led rules change that lets tranches of senior personnel get approved in a bloc by a single vote. First seen on therecord.media Jump to article: therecord.media/senate-confirms-new-pentagon-cio
-
Chinese Hackers Target Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Target Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
ESpam unterm Weihnachtsbaum
Bitdefender-Analysen zum saisonalen Aufkommen zeigen, dass mehr als die Hälfte der weltweit im Vorfeld von Weihnachten versendeten E-Mails (51 Prozent) potenziell bösartig sind. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/e-mail-spam-weihnachtsbaum
-
Trump signs defense bill allocating millions for Cyber Command, mandating Pentagon phone security
President Donald Trump signed a $901 billion Pentagon policy bill that features a slew of cyber provisions, including a requirement that senior Defense Department officials use phones with “enhanced cybersecurity protections.” First seen on therecord.media Jump to article: therecord.media/trump-signs-ndaa-cyber-command
-
UK confirms Foreign Office hacked, says ‘low risk’ of impact to individuals
The British government confirmed on Friday that data held on a Foreign Office system was compromised in a cyber incident this fall that media outlets have attributed to a China-based hacking group. First seen on therecord.media Jump to article: therecord.media/uk-foreign-office-hacked-china
-
Hacks, thefts and disruption: The worst data breaches of 2025
TechCrunch looks back at the biggest data breaches, disruptive cyberattacks, and damaging hacks of 2025, from the raiding of U.S. government databases to a hack every month in South Korea. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/19/hacks-thefts-and-disruption-the-worst-data-breaches-of-2025/
-
Wie die künstliche Intelligenz im Jahr 2026 IT-Architekturen, Sicherheit und Wertschöpfung verschiebt
Tags: aiKünstliche Intelligenz ist im deutschen Unternehmensalltag angekommen: Laut einer aktuellen Bitkom-Studie ist sie inzwischen in jedem dritten Betrieb im Einsatz. 8 von 10 Unternehmen sehen KI als wichtigste Zukunftstechnologie. Diese Erkenntnisse decken sich mit einer Erhebung der Amerikanischen Wharton School, die zum ROI der Technologie forscht. Hier berichteten drei von vier Entscheidern bereits von positiven…
-
Jede zweite Mail mit Bezug auf Weihnachten und Weihnachtsurlaub ist bösartig
Tags: mailBitdefender-Analysen zum saisonalen Aufkommen zeigen, dass mehr als die Hälfte der weltweit im Vorfeld von Weihnachten versendeten E-Mails (51 Prozent) potenziell bösartig sind. Unter dem Gabentisch landen vor allem vermeintliche Belohnungen, kostenlose Geschenke oder Sonderangebote anlässlich der Feiertage im Namen bekannter Marken und ihrer hochwertigen Produkte. Auch Dating-Plattformen schließen sich dem Trend an. Eine kurze…
-
Was sich hinter der hochbrisanten und noch aktiven Schwachstelle React2Shell verbirgt
Anfang Dezember 2025 gab das Team hinter ‘React” der am weitesten verbreiteten Technologie für heutige Websites und digitale Dienste eine kritische Sicherheitslücke in einer seiner neuen Server-Funktion bekannt. Sicherheitsforscher nennen diesen Fehler ‘React2Shell” und stufen ihn mit CVSS 10.0 als höchst kritisch ein, da er es Fremden ermöglicht, Code auf einem Server auszuführen, […] First…
-
Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response
Torrance, United States / California, 19th December 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/criminal-ip-and-palo-alto-networks-cortex-xsoar-integrate-to-bring-ai-driven-exposure-intelligence-to-automated-incident-response/
-
A Cybersecurity Playbook for AI Adoption
AI adds real value to cybersecurity today, but it cannot yet serve as a single security guardian. Here’s how organizations can safely combine AI-driven analysis with deterministic rules and proven security practices. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/cybersecurity-playbook-ai-adoption
-
A Good Year for North Korean Cybercriminals
North Korea shifted its strategy to patiently target bigger fish for larger payouts, using sophisticated methods to execute attacks at opportune times. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/good-year-north-korean-cybercriminals
-
The Com: the growing cybercrime network behind recent Pornhub hack
Criminal ecosystem is made up of mostly male native English language speakers aged from 16 to 25Ransomware hacks, data theft, crypto scams and sextortion cover a broad range of cybercrimes carried out by an equally varied list of assailants.But there is also an English-speaking criminal ecosystem carrying out these activities that defies conventional categorisation. Nonetheless,…
-
How should Your Business Deal with Email Impersonation Attacks in 2025?
Originally published at How should Your Business Deal with Email Impersonation Attacks in 2025? by EasyDMARC. Email impersonation attacks have evolved rapidly with the … First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/how-should-your-business-deal-with-email-impersonation-attacks-in-2025/
-
What is Spoofing and a Spoofing Attack? Types Prevention
Tags: attackOriginally published at What is Spoofing and a Spoofing Attack? Types & Prevention by EasyDMARC. Spoofing, in all its forms, makes up the … First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/what-is-spoofing-and-a-spoofing-attack-types-prevention/
-
Unlocking New Possibilities for Security Operations: NSFOCUS’s AI Agent Capabilities Recognized by Authoritative Institution
Recently, Forrester, a globally renowned independent research and advisory firm, released the report “Navigate The AI Agent Ecosystem In China, Forrester Research, October 2025[1].” NSFOCUS was successfully included in this report. In the report, Forrester identified four key technological trends: With the rapid advancement of Artificial Intelligence, AI Agent technology is deepening its application within…The…
-
Was sich hinter der noch aktiven Schwachstelle React2Shell (CVE-2025-55182) verbirgt in einfachen Worten
Anfang Dezember 2025 gab das Team hinter ‘React” der am weitesten verbreiteten Technologie für heutige Websites und digitale Dienste eine kritische Sicherheitslücke in einer seiner neuen Server-Funktion bekannt. Sicherheitsforscher nennen diesen Fehler ‘React2Shell” und stufen ihn mit CVSS 10.0 als höchst kritisch ein, da er es Fremden ermöglicht, Code auf einem Server auszuführen, […] First…
-
HPE tells customers to patch fast as OneView RCE bug scores a perfect 10
Maximum-severity vuln lets unauthenticated attackers execute code on trusted infra management platform First seen on theregister.com Jump to article: www.theregister.com/2025/12/19/hpe_oneview_rce_bug/
-
Docker Fixes ‘Ask Gordon’ AI Flaw That Enabled Metadata-Based Attacks
Pillar Security has identified a critical indirect prompt injection vulnerability in Docker’s ‘Ask Gordon’ assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how the “lethal trifecta” enabled this attack and why updating to Docker Desktop 4.50.0 is essential for developer security. First seen…
-
CLOP targets Gladinet CentreStack servers in large-scale extortion campaign
The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign. The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign aimed at stealing sensitive data from organizations worldwide. Gladinet CentreStack is a software platform that allows organizations to turn their existing file servers,…
-
UK government confirms Foreign Office cyber attack
Reports blame Chinese hacking group but minister insists the source of the attack is unclear First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366636539/UK-government-confirms-Foreign-Office-cyber-attack
-
Denmark blames Russia for destructive cyberattack on water utility
Danish intelligence officials blamed Russia for orchestrating cyberattacks against Denmark’s critical infrastructure, as part of Moscow’s hybrid attacks against Western nations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/denmark-blames-russia-for-destructive-cyberattack-on-water-utility/
-
Denmark Blames Russia for Destructive Cyber-Attacks
The Danish intelligence service believes some pro-Russian hacktivist groups have links with the Kremlin First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/denmark-blames-russia-for/
-
Über deutsche IP-Adressen: Hacker attackieren massenhaft VPN-Zugänge
VPN-Zugänge von Cisco und Palo Alto Networks werden angegriffen. Die Attacken scheinen primär über einen deutschen Hoster zu laufen. First seen on golem.de Jump to article: www.golem.de/news/ueber-deutsche-ip-adressen-hacker-attackieren-massenhaft-vpn-zugaenge-2512-203459.html
-
Frankreich ermittelt: Verdächtige auf 2.000-Personen-Fähre mit Malware erwischt
Tags: malwareZwei Angestellte sollen auf einer großen Personenfähre mit Fernzugriffs-Malware hantiert haben. Behörden sprechen von ausländischer Einmischung. First seen on golem.de Jump to article: www.golem.de/news/frankreich-ermittelt-hacking-versuch-auf-2-000-personen-faehre-2512-203434.html
-
Microsoft-Konto gekapert: Hacker entwickeln Cyberangriffe mit Captchas weiter so schützt du dich
First seen on t3n.de Jump to article: t3n.de/news/microsoft-konto-gekapert-hacker-cyberangriffe-captchas-weiterentwickelt-1722368/