Tag: cyberattack
-
Cyberangriff: Hacker machen Medion ein Weihnachtsgeschenk
by
in SecurityNewsDie Angreifer wollen am 25. Dezember rund 1,5 TByte an Unternehmensdaten veröffentlichen. Medion spricht nach wie vor nur von einer IT-Störung. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-hacker-machen-medion-ein-weihnachtsgeschenk-2412-191850.html
-
Kritische LDAP-Schwachstelle in Windows (CVE-2024-49112)
by
in SecurityNewsNoch ein kleiner Nachtrag vom Dezember 2024-Patchday. Zum 10. Dezember 2024 hat Microsoft einen kritische Schwachstelle (CVE-2024-49112) im Lightweight Directory Access Protocol (LDAP) öffentlich gemacht. Diese ermöglicht Remote-Angriffe auf Windows-Clients und -Server, wurde aber gepatcht. Es gibt aber eine Reihe … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/19/kritische-ldap-schwachstelle-in-windows-cve-2024-49112/
-
US considers banning TP-Link routers over cybersecurity concerns
by
in SecurityNewsThe U.S. government may ban TP-Link routers in 2025 if investigations confirm their use could pose a national security risk. The U.S. government is investigating whether TP-Link routers, linked to cyberattacks, pose a national security risk, the Wall Street Journal reported. According to the WSJ, the U.S. government is considering banning TP-Link routers starting in…
-
Die 10 häufigsten LLM-Schwachstellen
by
in SecurityNews
Tags: access, ai, api, application-security, awareness, breach, cloud, control, cyberattack, data, detection, dos, encryption, injection, least-privilege, LLM, ml, monitoring, privacy, RedTeam, remote-code-execution, risk, service, tool, update, vulnerability, zero-trust -
Russia-linked APT29 group used red team tools in rogue RDP attacks
by
in SecurityNewsRussia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware. The…
-
Opswat Expands Critical Infrastructure Defense With Fend Buy
by
in SecurityNewsData Diodes Enhance Air-Gapped Network Security, Deliver Advanced Network Isolation. Opswat’s acquisition of Fend integrates advanced hardware-based security with Opswat’s platform, delivering robust protection against cyberattacks on critical infrastructure like power grids and water systems. Fend’s small-form-factor data diodes meet the demand for affordable, scalable solutions. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/opswat-expands-critical-infrastructure-defense-fend-buy-a-27099
-
US considers banning TP-Link routers over cybersecurity risks
by
in SecurityNewsThe U.S. government is considering banning TP-Link routers starting next year if ongoing investigations find that their use in cyberattacks poses a national security risk. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-considers-banning-tp-link-routers-over-cybersecurity-risks/
-
Cyber-Angriffe auf das Online-Shopping-Erlebnis: Thales warnt vor bösartigen Bots
by
in SecurityNewsFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/cyber-angriffe-online-shopping-erlebnis-thales-warnung-boesartigkeit-bots
-
Datenleck bei United Kiosk
by
in SecurityNewsDer digitale Zeitschriftenhändler United Kiosk ist bereits ab dem 21. Oktober 2024 Opfer eines gezielten Cyberangriffs geworden. Das Unternehmen informierte seine Kunden zunächst nur über eine vermeintliche ‘technische Störung”. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/datenleck-united-kiosk
-
KI-gestützte Cybersicherheit 10 Prognosen für das Jahr 2025
by
in SecurityNewsSchon seit vielen Jahren warnen Cybersicherheitsexperten auf der ganzen Welt vor den Gefahren KI-gestützter Cyberangriffe. Langsam werden diese Warnungen nun Realität. In diesem Jahr kam KI noch vor allem in Deepfake-, Phishing- und Spear Phishing-Kampagnen zum Einsatz. Für die kommenden Jahre ist aber mit einem deutlichen Anstieg der Anwendungsfälle zu rechnen. KI-gestützte Cyberangriffe werden mehr…
-
Careto A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files
by
in SecurityNewsRecent research has linked a series of cyberattacks to The Mask group, as one notable attack targeted a Latin American organization in 2022, where attackers compromised the organization’s MDaemon email server and exploited the WorldClient webmail component to maintain persistent access. While the initial compromise vector remains unknown, the successful exploitation of the MDaemon server…
-
Multicloud-Security von Zscaler – Zero Trust Segmentation soll Ransomware-Angriffe verhindern
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/zscaler-zero-trust-segmentation-netzwerksicherheit-a-bb218220a04159b641a1729cabddbe89/
-
IT-Ausfälle, KI-Angriffe und Lieferketten-Risiken
by
in SecurityNewsCybersicherheitsexperten haben für 2025 zunehmende IT-Ausfälle, gezielte KI-Angriffe und massive Störungen der Lieferketten vorhergesagt. Die Schwachstellen reichen von KI-Prozessoren bis hin zu Satelliteninternet mit globalen Auswirkungen auf Kommunikation und Wirtschaft. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/cybersecurity/it-ausfaelle-ki-angriffe-und-lieferketten-risiken/
-
Neue Angriffskette von TA397 verbreitet Spionage-RATs
by
in SecurityNewsDie Security-Experten von Proofpoint haben einen neuen Angriff der APT-Gruppe TA397 (auch unter dem Namen ‘Bitter” bekannt) näher analysiert. Die untersuchte Attacke richtete sich gegen eine Organisation aus der türkischen Rüstungsbranche und fand im November 2024 statt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-angriffskette-von-ta397-verbreitet-spionage-rats
-
Top 10 Cyberattacks in 2024 that Stole the Spotlight
by
in SecurityNews
Tags: attack, corporate, cyberattack, data, exploit, infrastructure, ransomware, threat, vulnerabilityCyberattacks this year have escalated into a high-stakes battle, with increasingly advanced attacks targeting critical infrastructure, personal data, and corporate systems. From state-sponsored cyberattacks to ransomware campaigns, the top cyberattacks of 2024 have proven that threat actors have been weaponizing advanced technologies to exploit vulnerabilities in both private and public sectors. First seen on thecyberexpress.com…
-
From Taiwan to Korea: TIDRONE Threat Actor Targets ERP Software
by
in SecurityNewsThe AhnLab Security Intelligence Center (ASEC) has uncovered a series of cyberattacks on Korean companies orchestrated by the TIDRONE threat actor. Known for its focus on Taiwanese defense and drone... First seen on securityonline.info Jump to article: securityonline.info/from-taiwan-to-korea-tidrone-threat-actor-targets-erp-software/
-
Nebraska AG Files 1st State Lawsuit in Change Health Breach
by
in SecurityNewsMore States Likely To Push Similar Legal Claims Against Change Healthcare and UHG. UnitedHealth Group is facing scores of proposed class action lawsuits involving the massively disruptive cyberattack and mega data breach at its Change Healthcare IT services unit this year. But now the company faces the first in what will likely be many more…
-
Amazon Security Chief On Stopping 2.7 Trillion EC2 Attacks, 28 Billion S3 Storage Attempts
by
in SecurityNewsAmazon cybersecurity leader CJ Moses on stopping trillions of EC2 cyberattacks, billions of AWS S3 storage and DDoS attacks, and threat actors. First seen on crn.com Jump to article: www.crn.com/news/security/2024/amazon-security-chief-on-stopping-2-7-trillion-ec2-attacks-28-billion-s3-storage-attempts
-
Next-gen cybercrime: The need for collaboration in 2025
by
in SecurityNews
Tags: ai, attack, awareness, cloud, crime, crimes, cyber, cyberattack, cybercrime, cybersecurity, defense, exploit, framework, group, healthcare, infrastructure, intelligence, risk, service, strategy, tactics, technology, threat, training, vulnerabilityCybercrime is a relentless and evolving threat to organizations worldwide. However, with the right insights, we can significantly enhance our security, mitigate risks, and stay ahead of these criminals.FortiGuard Labs’ Cyberthreat Predictions for 2025 report is designed to provide exactly these insights. It identifies emerging threat trends for the coming year and offers actionable guidance…
-
Hackers Demand Ransom in Rhode Island Health System Data Breach
by
in SecurityNewsIn a major cyberattack, the state of Rhode Island has fallen victim to a security breach potentially exposing the personal information of thousands of residents. First seen on hackread.com Jump to article: hackread.com/hackers-ransom-rhode-island-health-system-data-breach/
-
Hacker missbrauchen Google-Calendar zum Angriff auf Postfächer
by
in SecurityNewsCheck Point hat eine neue Hacker-Kampagne aufgedeckt: Der Google-Calendar wird missbraucht, um Postfächer anzugreifen. Sie missbrauchen dabei Benachrichtigungen, um Phishing-E-Mails an den Sicherheitsmaßnahmen vieler Postfächer vorbei zu schmuggeln. Google-Calendar ist ein Tool zur Organisation von Zeitplänen und zur Zeitverwaltung, das Einzelpersonen und Unternehmen bei der effizienten Planung ihrer Arbeitszeit unterstützt. Nach Angaben von Calendly.com wird…
-
Nahezu alle Hacker sind der Ansicht, dass durch KI-Tools ein neuer Angriffsvektor entstanden ist
by
in SecurityNewsEine neue Umfrage unter Hackern zeigt, dass KI nicht nur Hackern hilft, effizienter zu werden, sondern dass KI selbst ‘reif für die Ausbeutung” ist. Nur selten kann man einen Hacker fragen: ‘Was denken Sie?”, wenn es um Cyberangriffe, Cybersicherheitsbemühungen und die Zukunft geht, die er erwartet. Der Bugcrowd-Bericht ‘2024 Inside the Mind of a Hacker…
-
Autozulieferer LKQ Opfer eines Cyberangriffs
by
in SecurityNews
Tags: cyberattackKurze Information für Leser, die ggf. in geschäftlicher Verbindung mit dem Zulieferer von Fahrzeugteilen, LKQ, stehen. Der US-Anbieter hat ja auch europäische Ableger. Mir ist gerade die Information untergekommen, dass LKQ Opfer eines Cyberangriffs geworden ist. Das geht aus einer … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/17/autozulieferer-lkq-opfer-eines-cyberangriffs/
-
Detection Engineer’s Guide to Powershell Remoting
by
in SecurityNews
Tags: access, attack, automation, computer, control, credentials, crowdstrike, cyberattack, data, detection, edr, endpoint, exploit, firewall, guide, hacker, malicious, microsoft, mitre, monitoring, network, penetration-testing, powershell, risk, service, siem, threat, tool, update, windowsPowershell Remoting is a powerful feature in Windows that enables IT administrators to remotely execute commands, manage configurations, and automate tasks across multiple systems in a network. Utilizing Windows Remote Management (WinRM), it facilitates efficient management by allowing centralized control over endpoints, making it an essential tool for system administrators to streamline operations and maintain…
-
DORA steht vor der Tür
by
in SecurityNews
Tags: ai, cisco, cloud, compliance, computing, crypto, cyberattack, cybersecurity, cyersecurity, detection, dora, endpoint, infrastructure, monitoring, resilience, risk, risk-management, service, threat, tool, vulnerability, zero-trustsrcset=”https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?quality=50&strip=all 12500w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=768%2C432&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=1024%2C576&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=1536%2C864&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>DORA soll die Cybersicherheit in der Finanzbranche erhöhen. Vector Image Plus Shutterstock.comAb 17. Januar 2025 sind alle Finanzdienstleister in der EU verpflichtet, den Digital Operational Resilience Act (DORA)…
-
Voice Phishing on Microsoft Teams Facilitates DarkGate Malware Attack
by
in SecurityNewsTrend Micro has revealed a new vector for cyberattacks: voice phishing (vishing) conducted via Microsoft Teams. This tactic was recently employed to distribute DarkGate malware, a sophisticated threat capable of... First seen on securityonline.info Jump to article: securityonline.info/voice-phishing-on-microsoft-teams-facilitates-darkgate-malware-attack/