Tag: cyberattack

Massive Botnet Targets ASUS Routers by Injecting Malicious SSH Keys

May 29, 2025 10:55 AM

Tags: access, ai, attack, authentication, botnet, cyber, cyberattack, data-breach, injection, Internet, malicious, router, tool, unauthorized, vulnerability

GreyNoise Research has publicly disclosed a sophisticated cyberattack campaign that has compromised over 9,000 ASUS routers worldwide. First detected by GreyNoise’s proprietary AI-powered analysis tool, Sift, on March 18, 2025, the campaign leverages a combination of brute-force attacks, authentication bypasses, and a known command injection vulnerability (CVE-2023-39780) to gain and maintain unauthorized access to internet-exposed…
Phishing Q1 2025: Neue Angriffsmuster und technische Schwachstellen

May 29, 2025 7:55 AM

Tags: cyberattack, phishing, ransomware, vulnerability

Im ersten Quartal 2025 zeigen sich klare Trends in der Cyberkriminalität. Phishing bleibt die häufigste Angriffsform, während gleichzeitig Ransomware-Angriffe zunehmen insbesondere in der Fertigungs- und Baubranche. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-angriffsmuster-schwachstellen
Cyberangriff auf die Webseite eines Modeunternehmens aus den USA

May 29, 2025 7:55 AM

Tags: cyberattack, usa

Valued customer, we identified and are taking steps to address a security incident. First seen on victoriassecret.com Jump to article: www.victoriassecret.com/
Cyberangriff auf eine Hotelgruppe in Deutschland

May 29, 2025 7:55 AM

Tags: cyberattack, germany

Cyberangriff auf die arcona Hotels & Resorts First seen on arcona.de Jump to article: arcona.de/de/hinweis
Separating hype from reality: How cybercriminals are actually using AI

May 28, 2025 10:55 PM

Tags: ai, attack, automation, cyber, cyberattack, cybercrime, cybersecurity, data, defense, exploit, framework, group, incident response, malicious, mitre, strategy, technology, threat, vulnerability, zero-day

The evolution of AI: Preparing defenders for tomorrow’s threats: As security professionals chart their defensive strategies, we must consider how AI will reshape cybercrime in the coming years. We also need to anticipate the fundamental pivots attackers will make, and what this evolution means for our entire industry. AI will inevitably impact vulnerability discovery, enable…
Marlink flags surge in AI-powered cyberattacks

May 28, 2025 10:55 PM

Tags: ai, cyberattack

First seen on scworld.com Jump to article: www.scworld.com/brief/marlink-flags-surge-in-ai-powered-cyberattacks
Taiwan blamed for cyberattacks against China

May 28, 2025 10:55 PM

Tags: china, cyberattack

First seen on scworld.com Jump to article: www.scworld.com/brief/taiwan-blamed-for-cyberattacks-against-china
Czech Republic accuses China’s APT31 of a cyberattack on its Foreign Ministry

May 28, 2025 8:55 PM

Tags: china, cyber, cyberattack, espionage, government, group, hacker

The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on its critical infrastructure. The Czech government strongly condemned China after the cyber espionage group APT31 was linked to a cyberattack targeting the nation’s critical infrastructure. The Czech government condemned China after APT31 hackers infiltrated a ministry’s unclassified system in 2022…
Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack

May 28, 2025 8:55 PM

Tags: breach, china, cyberattack, government, hacker, malicious, network, threat

The Czech Republic on Wednesday formally accused a threat actor associated with the People’s Republic of China (PRC) of targeting its Ministry of Foreign Affairs.In a public statement, the government said it identified China as the culprit behind a malicious campaign targeting one of the unclassified networks of the Czech Ministry of Foreign Affairs. The…
Cellcom Restores Regional Mobile Services After Cyberattack

May 28, 2025 6:54 PM

Tags: cyberattack, mobile, service

Customers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is still intermittent in some areas. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cellcom-restores-regional-mobile-services-cyberattack
Adidas Data Breach Highlights Third-Party Risks: Why AI-Based Cybersecurity Solutions Are Essential

May 28, 2025 4:55 PM

Tags: ai, breach, cyberattack, cybersecurity, data, data-breach, risk, service

On May 23, Adidas disclosed a data breach resulting from a cyberattack on a third-party customer service provider, exposing sensitive customer information in multiple regions, including the U.S. and Europe. While Adidas did not name the vendor involved, the company emphasized that the breach impacted “a few million individuals,” and included data such as contact…
Dior Cyber Attack Exposes Retail Vulnerabilities: Why Threat Detection and Response Must Be a Priority

May 28, 2025 4:55 PM

Tags: access, attack, banking, breach, china, cyber, cyberattack, data, detection, finance, korea, threat, unauthorized, vulnerability

Luxury fashion giant Dior has confirmed a cyberattack that compromised customer data in parts of Asia. The breach, discovered on May 7, impacted customers in China and South Korea, with attackers gaining unauthorized access to personal information, including names, contact details, and product preferences. According to ITPro, no financial data, such as banking or credit…
Czechia blames China for Ministry of Foreign Affairs cyberattack

May 28, 2025 4:55 PM

Tags: china, country, cyberattack, group, hacking, infrastructure

The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country’s Ministry of Foreign Affairs and critical infrastructure organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/czechia-blames-china-for-ministry-of-foreign-affairs-cyberattack/
Check Point übernimmt Veriti, um das Management von Risiken durch Cyberbedrohungen zu verbessern

May 28, 2025 3:55 PM

Tags: ai, cyberattack, cybersecurity, cyersecurity, risk, software

KI-gestützte Angriffe und hyper-vernetzte IT-Umgebungen haben die Aufdeckung von Bedrohungen zu einer der dringendsten Herausforderungen der Cybersicherheit in Unternehmen gemacht. Als Antwort darauf hat Check Point Software Technologies eine endgültige Vereinbarung zur Übernahme von Veriti Cybersecurity bekannt gegeben, der ersten vollautomatischen, herstellerübergreifenden Plattform zur präventiven Bedrohungserkennung und -abwehr. ‘Die Übernahme von Veriti ist ein bedeutender…
Hacker stehlen Coca-Cola-Daten

May 28, 2025 3:55 PM

Tags: access, cyberattack, dark-web, data-breach, extortion, hacker, ransom, ransomware

Der Coca-Cola-Abfüller Coca-Cola Europacific Partners ist von einem Datenleck betroffen.Cyberkriminelle behaupten in einem Darknet-Post, mehr als 64 Gigabyte Daten mit 23 Millionen Einträgen von Coca-Cola Europacific Partners gestohlen zu haben. Darunter befinden sich demnach Kundendaten und Kontaktinformationen, Verkaufsfälle und Produktdaten, Lieferadressen und Telefonnummern sowie Bestellnummern und Zusammenfassungen.Der Coca-Cola-Produzent hat sich bisher noch nicht offiziell zu…
Ukraine tallies up Russian cyberattacks on local media since start of war

May 28, 2025 2:55 PM

Tags: attack, cyberattack, ddos, disinformation, russia, ukraine

Ukraine’s SSSCIP agency said Russia has been responsible for more than 200 incidents against media outlets since the start of the war, including wiper attacks, DDoS incidents and disinformation campaigns. First seen on therecord.media Jump to article: therecord.media/ukraine-media-cyberattacks-russia-ssscip-report
MCP Server: Github-Tool ermöglicht Datenklau aus privaten Code-Repos

May 28, 2025 11:55 AM

Tags: cyberattack, github, tool

Forscher haben einen Angriff demonstriert, mit dem sich über den offiziellen Github MCP Server Code und Daten aus privaten Repos ausleiten lassen. First seen on golem.de Jump to article: www.golem.de/news/mcp-server-github-tool-ermoeglicht-datenklau-aus-privaten-code-repos-2505-196651.html
Deutschland: Mehr Malware, aber weniger Ransomware

May 28, 2025 10:55 AM

Tags: cyberattack, germany, malware, ransomware

Die digitale Bedrohungslage in Deutschland hat sich im Jahr 2024 grundlegend verändert. Zwar gingen klassische Ransomware-Angriffe deutlich zurück, doch dafür nahm die Verbreitung von Malware stark zu. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/deutschland-mehr-malware-weniger-ransomware
Veränderte Angriffsmuster: Mehr Malware, aber weniger Ransomware in Deutschland

May 28, 2025 7:54 AM

Tags: cyberattack, germany, malware, ransomware

Die Bedrohungslage durch Cyberangriffe in Deutschland hat sich 2024 strukturell verändert. Wie aktuelle Zahlen von Acronis zeigen, war Malware im vergangenen Jahr die dominierende Bedrohung: Durchschnittlich 23,7″¯Prozent der Acronis-Nutzer in Deutschland waren monatlich betroffen fast doppelt so viele wie noch 2023 mit 12″¯Prozent. Dagegen verzeichneten Angriffe mittels Ransomware im Januar 2024 im Vergleich zu… First…
Gemeinde in Brasilien mit Cyberangriff um umgerechnet € 251.000 bestohlen

May 28, 2025 7:54 AM

Tags: cyberattack

Prefeitura de cidade com 3,5 mil habitantes sofre ataque virtual e perde R$ 1,6 milhão em SC First seen on ndmais.com.br Jump to article: ndmais.com.br/seguranca/prefeitura-de-anitapolis-sofre-furto-virtual-de-r-16-mi/
Cyberangriff auf ein Bergbauunternehmen in Argentinien

May 28, 2025 7:54 AM

Tags: cyberattack, virus

Hackeo o virus en el sistema informático de YCRT desde el jueves, obliga a la Intervención a ordenar que no se usen las computadoras en toda la empresa First seen on opisantacruz.com.ar Jump to article: www.opisantacruz.com.ar/2025/05/27/hackeo-o-virus-en-el-sistema-informatico-de-ycrt-desde-el-jueves-obliga-a-la-intervencion-a-ordenar-que-no-se-usen-las-computadoras-en-toda-la-empresa/
Die wertvollsten Security-Zertifizierungen

May 28, 2025 6:54 AM

Tags: access, ai, blockchain, china, cisa, cisco, cloud, compliance, control, cyberattack, cybersecurity, data, DSGVO, endpoint, framework, germany, governance, hacker, hacking, identity, incident response, injection, international, jobs, kali, linux, monitoring, network, password, penetration-testing, privacy, resilience, risk, risk-management, sans, security-incident, service, siem, skills, social-engineering, sql, threat, usa, vulnerability, windows

Zertifizierte IT-Sicherheitsprofis sind (unter anderem) gefragter und verdienen besser.(Cybersecurity-)Zertifizierungen können eine aktienähnliche Volatilität entfalten: Ihre Popularität kann steigen oder auch fallen und sie können an Relevanz verlieren, wenn sie nicht mit den aktuellen Branchenentwicklungen Schritt halten. Allerdings sind davon nicht alle Zertifizierungen gleichermaßen betroffen: Sogenannte “Blue Chips” haben sich über den Lauf der Zeit bewährt…
Masimo says cyberattack will not prevent it from fulfilling orders

May 27, 2025 11:54 PM

Tags: cyberattack, finance, monitoring

The maker of patient monitoring devices said the incident will not have a material effect on its updated financial outlook. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/masimo-cyberattack-fulfilling-orders/749076/
China accuses Taiwan-linked group of cyberattack on local tech company

May 27, 2025 7:54 PM

Tags: china, cyberattack, group, network

According to police in Guangzhou, the group, allegedly linked to Taiwan’s ruling Democratic Progressive Party (DPP), has targeted more than 1,000 key networks in over 10 Chinese provinces. First seen on therecord.media Jump to article: therecord.media/china-accuses-taiwan-linked-group-of-cyberattacks
WordPress TI WooCommerce Wishlist Plugin Flaw Puts Over 100,000 Websites at Risk of Cyberattack

May 27, 2025 4:54 PM

Tags: cyber, cyberattack, flaw, risk, wordpress

A severe security flaw has been identified in the TI WooCommerce Wishlist plugin, a widely used WordPress extension with over 100,000 active installations. This plugin enables WooCommerce store owners to integrate wishlist functionality into their online shops, often alongside other extensions like WC Fields Factory for enhanced form customization. However, the latest version (2.9.2 as…
Wer landet im Netz der Cyber-Spinne?

May 27, 2025 3:54 PM

Tags: awareness, backup, ciso, cyber, cyberattack, edr, google, hacker, infrastructure, intelligence, login, malware, mfa, phishing, ransomware, service, social-engineering, tool, usa, vpn

Nachdem die Hackergruppe Scattered Spider unter britischen Einzelhändlern gewütet hat, verstärkt sie ihre Kooperation mit RaaS und weitet ihr Jagdgebiet aus.Der britische Einzelhändler Marks & Spencer wurde Ende April durch eine Cyberattacke erheblich in seinem Geschäftsbetrieb gestört. Voraussichtlicher Schaden: über 400 Millionen Dollar. Kurz darauf ereigneten sich ähnliche Angriffe auf die Einzelhändler Harrods und Co-op.Alle…
Velvet Chollima APTHackers Target Government Officials Using Weaponized PDFs

May 27, 2025 2:54 PM

Tags: attack, computer, cyber, cyberattack, government, group, intelligence, microsoft, threat, usa

The DPRK-linked Velvet Chollima Advanced Persistent Threat (APT) group has launched a sophisticated cyberattack campaign targeting South Korean government officials, as well as NGOs, government agencies, and media organizations across North America, South America, Europe, and East Asia. Initiated in January 2025, this attack, detailed by Microsoft’s Threat Intelligence team and reported by Bleeping Computer,…
Ausfälle bei Matlab: Cyberangriff trifft Mathworks und dessen Dienste

May 27, 2025 10:54 AM

Tags: cyberattack

Viele Akademiker können die weitverbreitete Mathematiksoftware Matlab seit Tagen nicht nutzen. Grund dafür ist ein Ransomwareangriff. First seen on golem.de Jump to article: www.golem.de/news/ausfaelle-bei-matlab-cyberangriff-trifft-mathworks-und-dessen-dienste-2505-196612.html
How Google Meet Pages Are Exploited to Deliver PowerShell Malware

May 27, 2025 8:54 AM

Tags: attack, cyber, cyberattack, email, exploit, google, macOS, malicious, malware, phishing, powershell, social-engineering, tactics, windows

A new wave of cyberattacks exploits user trust in Google Meet by deploying meticulously crafted fake meeting pages that trick victims into running malicious PowerShell commands. This campaign, dubbed ClickFix, leverages advanced social engineering tactics, bypassing traditional security measures and targeting Windows and macOS systems. The attack begins with phishing emails containing links that closely…
Diese Social-Engineering-Trends sollten Sie kennen

May 27, 2025 6:54 AM

Tags: access, ai, authentication, ceo, computer, cyberattack, cyersecurity, hacker, mail, mfa, microsoft, psychology, social-engineering, tool, vulnerability, windows

Beim Social Engineering nutzen Cyberkriminelle menschliches Verhalten für ihre Zwecke aus. Dabei lassen sich folgende Trends beobachten. Anstatt auf fortschrittliche Tools oder komplexe Skripte zu setzen, dringen erfahrene Angreifer in Systeme ein und stehlen Daten mit Hilfe der effektivsten aller Waffen: Social Engineering befindet sich an der Schnittstelle zwischen Cybersicherheit und Psychologie und nutzt menschliches…