Collecting Cyber-News from over 60 sources

Tag: computer

Adobe-Patchday: Schadcode-Sicherheitslücken gefährden Illustrator & Co.

Feb 12, 2025 9:55 AM

Tags: adobe, computer, exploit

Angreifer können an mehreren Sicherheitslücken in Anwendungen von Adobe ansetzen, um Computer zu kompromittieren. First seen on heise.de Jump to article: www.heise.de/news/Adobe-Patchday-Schadcode-Sicherheitsluecken-gefaehrden-Illustrator-Co-10279209.html
Cyberangriff auf einen Rettungsdienst in Nevada, USA

Feb 12, 2025 8:55 AM

Tags: computer, cyberattack, usa

Cyberattack temporarily disrupts computer operations at REMSA Health First seen on 2news.com Jump to article: www.2news.com/news/local/cyberattack-temporarily-disrupts-computer-operations-at-remsa-health/article_6419666c-e8b2-11ef-9607-2fab8f3c70ce.html
UK monitoring group to classify cyber incidents on earthquake-like scale

Feb 12, 2025 7:55 AM

Tags: access, application-security, attack, ceo, computer, cyber, data, exploit, government, group, hacking, incident, incident response, infrastructure, insurance, intelligence, monitoring, resilience, risk, risk-assessment, risk-management, technology, threat, vulnerability

Risk management: The CMC hopes this increased understanding will spur the development of improved incident response planning. Experts quizzed by CSO on CMC welcomed its launch.Ivan Milenkovich, vice president of cyber risk technology in EMEA at Qualys, said data from the CMC has the potential to allow IT security professionals to make better risk assessments,…
Enhancements for BloodHound v7.0 Provide Fresh User Experience and Attack Path Risk Optimizations

Feb 12, 2025 7:55 AM

Tags: access, attack, ciso, computer, control, cybersecurity, data, group, identity, incident response, metric, radius, risk, risk-assessment, threat, tool, update, vulnerability, vulnerability-management

General Availability of Improved Analysis Algorithm and Security Posture Management Improvements The BloodHound team previewed several concepts in the last couple of releases that made it easier for customers to visualize attack paths and show improvements in identity risk reduction over time. This week’s release of BloodHound v7.0 includes significant enhancements focused on improving user experience…
OpenSSL patched high-severity flaw CVE-2024-12797

Feb 11, 2025 11:55 PM

Tags: apple, communications, computer, cve, flaw, network, open-source, vulnerability

OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks. The OpenSSL Project addressed a high-severity vulnerability, tracked as CVE-2024-12797, in its secure communications library. The OpenSSL software library allows secure communications over computer networks against eavesdropping or need to identify the party at the other end. OpenSSL contains an open-source implementation…
What Is Penetration Testing? Complete Guide Steps

Feb 11, 2025 11:55 PM

Tags: computer, guide, penetration-testing

Penetration testing evaluates the security of a computer system or network. Learn more about penetesting now. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/networks/penetration-testing/
Bipartisan Senate bill would strengthen cybercrime penalties

Feb 11, 2025 9:56 PM

Tags: computer, cybercrime, fraud

The legislation from Sens. Rounds and Gillibrand would amend federal criminal code on computer fraud and stiffen punishments. First seen on cyberscoop.com Jump to article: cyberscoop.com/cybercrime-computer-fraud-bill-senate/
CERT-In Warns of High-Severity Vulnerabilities in Mozilla Firefox and Thunderbird

Feb 10, 2025 11:37 AM

Tags: browser, computer, india, vulnerability

The Indian Computer Emergency Response Team (CERT-In) has issued a vulnerability note (CIVN-2025-0016) highlighting a series of Mozilla vulnerability, including Firefox and Thunderbird. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/critical-vulnerabilities-in-mozilla-products/
Secret Taliban records published online after hackers breach computer systems

Feb 9, 2025 4:37 PM

Tags: attack, breach, computer, cyber, government, hacker

The Taliban government of Afghanistan is reeling after unidentified hackers successfully carried out a massive cyber attack against its computer systems and published over 50GB of stolen documents and files online. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/taliban-records-online-hackers-breach
Worker distraction is on the rise. Digital employee experience (DEX) platforms can help

Feb 7, 2025 11:06 PM

Tags: business, ceo, cloud, communications, computer, control, data, email, endpoint, malware, network, office, sap, service, software, switch, technology, tool, training

With the dramatic increase in remote work in the last few years, many of us are actually working longer hours, ricocheting between communication platforms, learning new systems on the fly, and struggling to fix our own tech issues.It’s all adding up to a new kind of burnoutIt’s also focusing renewed attention on the digital employee experience…
Police arrest teenager suspected of hacking NATO and numerous Spanish institutions

Feb 6, 2025 9:06 PM

Tags: access, attack, blockchain, breach, business, computer, crime, crimes, crypto, cybercrime, dark-web, data, defense, framework, hacker, hacking, international, leak, service, skills

Spain’s National Police, in a joint operation with the Civil Guard, has arrested an 18-year-old suspected of being the hacker going by aliases including “Natohub,” and known for hacking the computer services of private companies and Spanish institutions such as the Civil Guard, the Ministry of Defense, the National Mint, and the Ministry of Education,…
The cloud is not your only option: on-prem security still alive and well in Windows Server 2025

Feb 6, 2025 8:05 AM

Tags: access, attack, authentication, business, cloud, computer, data, encryption, Hardware, injection, microsoft, network, password, remote-code-execution, service, technology, tool, unauthorized, update, vmware, vulnerability, windows

We’ve often heard that on-premises solutions are on their way out, but until it’s clear that being completely in the cloud makes sense, we will remain in a long transition period. Nowhere else is this made more evident than in the new security features of Windows Server 2025.While many of these features showcase a “cloud…
Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US

Feb 5, 2025 11:05 PM

Tags: business, china, computer, login

DeepSeek has computer code that could send some user login information to China Mobile. The post Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/researchers-link-deepseeks-blockbuster-chatbot-to-chinese-telecom-banned-from-doing-business-in-us/
How to Add Fingerprint Authentication to Your Windows 11 Computer

Feb 5, 2025 3:12 PM

Tags: authentication, computer, windows

You can easily add a fingerprint reader to your computer if one isn’t already built in. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/how-to-add-fingerprint-authentication-to-windows-11-computer/
Global ransomware payments plunge by a third amid crackdown

Feb 5, 2025 2:12 PM

Tags: access, attack, breach, computer, cyber, cybercrime, data, healthcare, law, ransomware

Money stolen falls from record $1.25bn to $813m as more victims refuse to pay off criminal gangsRansomware payments fell by more than a third last year to $813m (£650m) as victims refused to pay cybercriminals and law enforcement cracked down on gangs, figures reveal.The decline in such cyber-attacks where access to a computer or its…
New trojan hijacks Linux and IoT devices

Feb 5, 2025 6:12 AM

Tags: access, antivirus, attack, backup, breach, china, communications, computer, control, credentials, cyber, data, espionage, fortinet, group, Internet, iot, linux, malicious, malware, network, open-source, password, service

There’s a new trojan on the block, one that specifically targets network appliances and internet of things (IoT) devices running the open-source Linux operating system.FortiGuard Labs has identified a new malware kit, dubbed “ELF/Sshdinjector.A!tr”, that has the ability to infect and remotely control systems, establish root privilege, maintain malware presence, exfiltrate data such as user…
Hackers impersonate DeepSeek to distribute malware

Feb 4, 2025 2:12 PM

Tags: access, ai, api, attack, automation, breach, china, cloud, computer, credentials, cyberattack, data, hacker, infrastructure, leak, LLM, malicious, malware, ml, pypi, threat, tool, vulnerability

To make things worse than they already are for DeepSeek, hackers are found flooding the Python Package Index (PyPI) repository with fake DeepSeek packages carrying malicious payloads.According to a discovery made by Positive Expert Security Center (PT ESC), a campaign was seen using this trick to dupe unsuspecting developers, ML engineers, and AI enthusiasts looking…
Musk’s DOGE effort could spread malware, expose US systems to threat actors

Feb 4, 2025 10:12 AM

Tags: access, ai, api, attack, authentication, ceo, cio, computer, computing, control, cyber, cybercrime, cybersecurity, data, defense, email, exploit, governance, government, hacking, infection, infosec, international, jobs, malicious, malware, network, office, privacy, ransomware, risk, service, technology, threat, tool

Over the past 10 days, an astonishing series of actions by Elon Musk via his Department of Government Efficiency (DOGE) project has elevated the cybersecurity risk of some of the most sensitive computing systems in the US government. Musk and his team of young, inexperienced engineers, at least one of whom is not a US…
Further Adventures With CMPivot”Š”, “ŠClient Coercion

Feb 3, 2025 8:12 PM

Tags: access, ai, authentication, computer, control, data, github, microsoft, ntlm, powershell, RedTeam, service, software, tool, vulnerability, windows

Further Adventures With CMPivot”Š”, “ŠClient Coercion Perfectly Generated AI Depiction based on Title TL:DR CMPivot queries can be used to coerce SMB authentication from SCCM client hosts Introduction CMPivot is a component part of the Configuration Manager framework. With the rise in popularity for ConfigMgr as a target in red team operations, this post looks to cover a…
Schutz von Onlinekonten: Starkes Passwort reicht nicht aus

Feb 3, 2025 3:12 PM

Tags: banking, ccc, computer, cyberattack, cybercrime, data-breach, germany, Internet, mail, passkey, password, phishing
5 Encrypted Attack Predictions for 2025

Feb 1, 2025 9:12 PM

Tags: access, ai, apt, attack, automation, cloud, communications, computer, computing, control, cryptography, cyber, cyberattack, cybercrime, data, data-breach, defense, detection, email, encryption, exploit, government, group, india, infrastructure, intelligence, Internet, malicious, malware, network, phishing, ransomware, risk, service, tactics, technology, threat, update, vpn, zero-trust

The cyberthreat landscape of 2024 was rife with increasingly sophisticated threats, and encryption played a pivotal role”, a staggering 87.2% of threats were hidden in TLS/SSL traffic. The Zscaler cloud blocked 32.1 billion attempted encrypted attacks, a clear demonstration of the growing risk posed by cybercriminals leveraging encryption to evade detection. ThreatLabz reported that malware…
Vallance rejects latest charge to reform UK hacking laws

Jan 29, 2025 10:39 PM

Tags: computer, cyber, exploit, hacking, law

Science minister Patrick Vallance rejects proposed amendments to the Computer Misuse Act, arguing that they could create a loophole for cyber criminals to exploit First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618521/Vallance-rejects-latest-charge-to-reform-UK-hacking-laws
New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones

Jan 29, 2025 2:36 PM

Tags: apple, attack, computer, data, exploit, mobile, phone, side-channel

New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices. The post New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-slap-and-flop-cpu-attacks-expose-data-from-apple-computers-phones/
Ex-worker arrested after ‘shutdown’ of British Museum computer systems

Jan 29, 2025 10:37 AM

Tags: breach, computer

London’s world-famous British Museum was forced to partially close its doors at the end of last week, following a serious security breach involving a former IT contractor. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/ex-worker-arrested-after-shutdown-of-british-museum-computer-systems
Microsoft tests ‘scareware blocker’ for Edge that uses computer vision to detect scams

Jan 28, 2025 1:36 PM

Tags: antivirus, computer, microsoft, scam, software, threat, tool

Microsoft is rolling out a new tool dubbed >>scareware blocker,>Scareware
New ransomware group Funksec is quickly gaining traction

Jan 27, 2025 9:03 PM

Tags: access, ai, attack, computer, control, country, cybercrime, data, data-breach, ddos, detection, email, encryption, extortion, government, group, leak, LLM, malware, password, powershell, ransom, ransomware, russia, rust, service, threat, tool, usa, windows

Threat reports for December showed a newcomer to the ransomware-as-a-service (RaaS) landscape quickly climbing the ranks. Called Funksec, this group appears to be leveraging generative AI in its malware development and its founders are tied to hacktivist activity.Funksec was responsible for 103 out of 578 ransomware attacks tracked by security firm NCC Group in December,…
Cybersecurity needs women, and it needs to treat them better

Jan 27, 2025 8:03 AM

Tags: cio, ciso, computer, cyber, cyberattack, cybersecurity, data-breach, group, healthcare, jobs, service, skills, technology, training

The participation of women in cybersecurity is vital, a non-negotiable proposition. Forget any current handwringing over diversity and equity; it’s fundamental that the contribution of women to the profession has made cybersecurity better.The proverbial door was kicked open long ago for women, who have made major contributions to the development of information security. But it’s…
Trump Pardons ‘Silk Road’ Dark Web Drug Market Creator

Jan 22, 2025 11:22 PM

Tags: computer, dark-web, hacking

The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/trump-pardons-silk-road-dark-web-drug-market-creator
7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now

Jan 21, 2025 6:22 PM

Tags: computer, malicious, update, vulnerability, windows

A high-severity vulnerability in the 7-Zip file archiver allows attackers to bypass the Mark of the Web (MotW) Windows security feature and execute code on users’ computers when extracting malicious files from nested archives. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/7-zip-fixes-bug-that-bypasses-the-windows-motw-security-mechanism-patch-now/
Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users

Jan 21, 2025 3:22 PM

Tags: advisory, browser, computer, email, flaw, india, update, vulnerability

Mozilla Firefox and Thunderbird users are facing a series of high-severity vulnerabilities that could leave systems open to exploitation. The Indian Computer Emergency Response Team (CERT-In) issued an advisory on January 20, 2025, highlighting multiple security flaws in Mozilla’s popular browser and email client. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cert-in-reports-mozilla-vulnerabilities/