Category: SecurityNews
-
Italian Ferry Malware Attack Sparks International Probe
French intelligence agencies uncovered what appears to be a coordinated foreign interference operation targeting the GNV Fantastic. The post Italian Ferry Malware Attack Sparks International Probe appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-italian-ferry-malware-attack/
-
FTC: Instacart to refund $60M over deceptive subscription tactics
Grocery delivery service Instacart will refund $60 million to settle FTC claims that it misled customers with false advertising and unlawfully enrolled them in paid subscriptions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/instacart-to-refund-60m-over-deceptive-subscription-tactics/
-
Managed Security Service Provider – gestern, heute und künftig – Risiken beim Einsatz von MSSP
First seen on security-insider.de Jump to article: www.security-insider.de/managed-security-service-provider-mssp-risiken-dora-drittparteien-a-c2bd4a62ca9a9188a4a23041e203fcac/
-
Frankreich ermittelt: Männer mit Malware auf 2.000-Personen-Fähre erwischt
Tags: malwareZwei Angestellte sollen auf einer großen Personenfähre mit Fernzugriffs-Malware hantiert haben. Behörden sprechen von ausländischer Einmischung. First seen on golem.de Jump to article: www.golem.de/news/frankreich-ermittelt-hacking-versuch-auf-2-000-personen-faehre-2512-203434.html
-
Exploring Biometric Multi-Factor Authentication
Explore biometric mfa for enhanced security. Learn about implementation, benefits, hacking techniques, and how to protect your systems. A must-read for developers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/exploring-biometric-multi-factor-authentication/
-
OpenAI’s GPT-5.2 Codex Boosts Agentic Coding and Cyber Vulnerability Detection
OpenAI has officially released GPT-5.2-Codex, marking a significant leap forward in AI-driven software engineering and defensive cybersecurity. Described as the most advanced >>agentic
-
New Linux Kernel Rust Vulnerability Triggers System Crashes
A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism.…
-
‘Not clear’ who was behind FCDO hack, says minister, amid reports of China link UK politics live
Chris Bryant confirms October cyber-attack as the Sun names Storm 1849, a Chinese hacker group, as being responsible Reform UK have held on to a seat on Cornwall council in a byelection after a turbulent time for the party in the county.The result shows support remains for Nigel Farage’s party in Cornwall despite a flurry…
-
New Linux Kernel Rust Vulnerability Triggers System Crashes
A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism.…
-
New Linux Kernel Rust Vulnerability Triggers System Crashes
A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers. The Vulnerability The vulnerability exists in the Rust Binder component’s death_list handling mechanism.…
-
Microsoft Patches MSMQ Flaw That Affects IIS Web Servers
Microsoft has released an out-of-band security update to address a significant vulnerability in Message Queuing (MSMQ) functionality that impacts Windows 10 systems running IIS web servers and enterprise environments. The flaw, discovered and documented in the December 9, 2025 update (KB5071546), affects Windows 10 version 22H2 and version 21H2. The Vulnerability The MSMQ bug causes…
-
Roundcube Flaws Let Attackers Execute Malicious Scripts
Roundcube, the widely used open-source webmail software, has officially released critical security updates to address two significant vulnerabilities in its 1.6 and 1.5 LTS (Long-Term Support) versions. These flaws could allow attackers to execute malicious scripts or expose sensitive information, posing a risk to organizations and individuals relying on the platform for email communication. The…
-
Amazon Identified North Korean IT Worker by Tracking Keystroke Activity
Amazon has uncovered a North Korean imposter posing as a U.S.-based systems administrator. The discovery was made not through traditional background checks but by analyzing the subtle timing of the worker’s typing. According to a report from Bloomberg, Amazon security specialists flagged the employee due to suspicious >>keystroke input lag.
-
Clop Ransomware Group Targets Gladinet CentreStack Servers to Exfiltrate Data
Tags: attack, corporate, cyber, data, exploit, extortion, group, intelligence, Internet, ransomware, vulnerabilityThe notorious Clop ransomware group has launched a new data extortion campaign targeting internet-facing Gladinet CentreStack file servers, exploiting an unknown vulnerability to steal sensitive corporate information. Incident responders from the Curated Intelligence community first identified this campaign, which marks the latest in a series of Clop attacks targeting enterprise file transfer and storage solutions.…
-
WatchGuard Zero-Day Actively Exploited to Seize Control of Firewalls
WatchGuard has issued an urgent warning regarding a critical zero-day vulnerability in its Firebox firewall appliances that is currently being exploited in the wild. The flaw, tracked as CVE-2025-14733, allows remote attackers to seize control of affected devices without needing any authentication. Technical Details and Impact The vulnerability is an Out-of-Bounds Write flaw located in the iked process, which handles…
-
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access (DMA) attacks across architectures that implement a Unified Extensible Firmware Interface (UEFI) and inputoutput memory management unit (IOMMU).UEFI and IOMMU are designed to enforce a security First seen…
-
North Korean Hackers Set Record with $2 Billion Crypto Heist in 2025
North Korean cybercriminals shattered previous records in 2025, stealing at least $2.02 billion in cryptocurrency through a sophisticated campaign that represents the most successful year ever for state-sponsored digital theft despite fewer confirmed attacks. This unprecedented haul marks a 51% increase year-over-year. It brings the regime’s cumulative cryptocurrency theft to a staggering $6.75 billion, cementing…
-
FBI Disrupts Russian Crypto Laundering Hub Enabling Cybercrime
A 39-year-old Russian national is accused of working with cybercriminals to convert criminal proceeds from cryptocurrency into various cash currencies First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-disrupts-russian-crypto/
-
Sophos X-Ops skizzieren die Trends für KI in der Cybersicherheit
Künstliche Intelligenz ist längst kein Hype mehr, sondern ein fester Bestandteil moderner IT- und Sicherheitsstrategien. Sie verändert die Cybersicherheitslandschaft First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-x-ops-skizzieren-die-trends-fuer-ki-in-der-cybersicherheit/a43246/
-
Exploring Biometric Multi-Factor Authentication
Explore biometric mfa for enhanced security. Learn about implementation, benefits, hacking techniques, and how to protect your systems. A must-read for developers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/exploring-biometric-multi-factor-authentication/
-
Frankreich ermittelt: Hacking-Versuch auf 2.000-Personen-Fähre
Zwei Angestellte sollen auf einer großen Personenfähre mit Fernzugriffs-Malware hantiert haben. Behörden sprechen von ausländischer Einmischung. First seen on golem.de Jump to article: www.golem.de/news/frankreich-ermittelt-hacking-versuch-auf-2-000-personen-faehre-2512-203434.html
-
Exploring Biometric Multi-Factor Authentication
Explore biometric mfa for enhanced security. Learn about implementation, benefits, hacking techniques, and how to protect your systems. A must-read for developers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/exploring-biometric-multi-factor-authentication/
-
Targeted Phishing Attack Strikes HubSpot Users
Evalian’s Security Operations Centre has uncovered an active, sophisticated phishing campaign targeting HubSpot customers, combining business email compromise (BEC) tactics with website compromise to distribute a credential-stealing malware to unsuspecting users. The multi-layered attack demonstrates how modern threat actors are evolving their techniques to bypass traditional email security controls. The phishing campaign employs a deceptive…
-
UK Foreign Office victim of cyber-attack in October, says Chris Bryant
Minister says ‘any individual’ at low risk from hack, while Sun reports Chinese cyber gang responsible for breach The UK’s Foreign, Commonwealth and Development Office was hacked in October, the minister Chris Bryant has said.Bryant, a trade minister in Keir Starmer’s government, told Sky News there was a low risk to “any individual” from the…
-
UK Foreign Office victim of cyber-attack in October, says Chris Bryant
Minister says ‘any individual’ at low risk from hack, while Sun reports Chinese cyber gang responsible for breach The UK’s Foreign, Commonwealth and Development Office was hacked in October, the minister Chris Bryant has said.Bryant, a trade minister in Keir Starmer’s government, told Sky News there was a low risk to “any individual” from the…
-
Sichere Dateifreigabe mit Open-Source-Prinzip – LinShare bietet datenschutzkonforme Alternative für sensible Branchen
Tags: open-sourceFirst seen on security-insider.de Jump to article: www.security-insider.de/linshare-bietet-datenschutzkonforme-alternative-fuer-sensible-branchen-a-d63f3827fa89a3278bd2afc0b7467af7/
-
Sichere Dateifreigabe mit Open-Source-Prinzip – LinShare bietet datenschutzkonforme Alternative für sensible Branchen
Tags: open-sourceFirst seen on security-insider.de Jump to article: www.security-insider.de/linshare-bietet-datenschutzkonforme-alternative-fuer-sensible-branchen-a-d63f3827fa89a3278bd2afc0b7467af7/
-
AI Agents are Manthe-Middle Attacks
After 25 years defending against man-in-the-middle attacks, a security veteran explains why most AI agents replicate the same architectural risks”, creating compliance gaps, opaque decision-making, and zero-trust violations CISOs can’t ignore. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ai-agents-are-man-in-the-middle-attacks/