IT Security News Daily Summary 2025-02-11

178 posts were published in the last hour

• 22:32 : ‘Key kernel maintainers’ still back Rust in the Linux kernel, despite the doubters
• 22:9 : OmniGPT AI Chatbot Alleged Breach: Hacker Leaks User Data, 34M Messages
• 22:9 : What Is Penetration Testing? Complete Guide & Steps
• 22:9 : OpenSSL patched high-severity flaw CVE-2024-12797
• 21:32 : Critical OpenSSL Vulnerability Allow Hackers to Launch Man-in-the-Middle Attacks
• 21:32 : The TAKE IT DOWN Act: A Flawed Attempt to Protect Victims That Will Lead to Censorship
• 21:32 : Authorities Seize 8Base Ransomware Infrastructure, Arrest Four Russians
• 21:13 : Cerebras-Perplexity deal targets $100B search market with ultra-fast AI
• 21:13 : VERT Threat Alert: February 2025 Patch Tuesday Analysis
• 21:13 : Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining
• 20:32 : Fortinet FortiOS & FortiProxy Zero-Day Exploited to Hijack Firewall & Gain Super Admin Access
• 20:32 : 2025-02-10: StrelaStealer infection
• 20:32 : Top 5 GRC Certifications for Cybersecurity Professionals
• 20:32 : Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Zero-Day’s Actively Exploited
• 20:32 : Fortinet 0-Day in FortiOS & FortiProxy Let Attackers Hijacks Firewall to Get Super Admin Access
• 20:32 : Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
• 20:7 : Microsoft February 2025 Patch Tuesday, (Tue, Feb 11th)
• 20:7 : CISA Adds Four Known Exploited Vulnerabilities to Catalog
• 20:7 : UK, US, Oz blast holes in LockBit’s bulletproof hosting provider Zservers
• 20:7 : Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day
• 20:7 : The Current State of the CISO with Nick Kakolowski
• 20:5 : IT Security News Hourly Summary 2025-02-11 21h : 8 posts
• 19:32 : Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities
• 19:32 : Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE & 3 0-Day
• 19:32 : Fortinet Addresses Critical Zero-Day & Multiple Vulnerabilities in Major Security Update
• 19:32 : Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Actively Exploited in the Wild
• 19:32 : Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks
• 19:32 : Comic Agilé – Luxshan Ratnaravi, Mikkel Noe-Nygaard – #325 – Fixing the Bug
• 19:31 : Adam Khan on the Unique Security Challenges in Education IT
• 19:7 : Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE’s Fixed
• 18:32 : Secrets Security Is the Most Important Issue For Mobile Apps
• 18:32 : AUKUS blasts holes in LockBit’s bulletproof hosting provider
• 18:32 : Russian Cybercrime Network Targeted for Sanctions Across US, UK and Australia
• 18:32 : Implementing least privilege access for Amazon Bedrock
• 18:10 : Satellite Weather Software Vulnerabilities Let Attackers Execute Code Remotely
• 18:10 : Beyond the Horizon: Assessing the Viability of Single-Bit Fault Injection Attacks
• 18:9 : Preventing Attackers from Permanently Deleting Entra ID Accounts with Protected Actions
• 18:9 : Love Gone Phishy: Check Point Research Exposes Valentine’s Day Cyber Threats
• 18:9 : How Flutterwave Defines Its Growth Strategy
• 18:9 : Safer Internet Day: Cyber Experts Weigh In
• 18:9 : Researcher Details Fortinet FortiOS Vulnerabilities Allowing DoS & RCE Attacks
• 18:9 : Critical Ivanti CSA Vulnerability Let Attackers Execute Arbitrary Code Remotely
• 18:9 : FortiOS Security Fabric Vulnerability Let Attackers Escalate Privileges to Super-admin
• 18:9 : Privacy Loves Company
• 18:9 : Building a Community Privacy Plan
• 17:32 : Monero (XMR) 2025 Prediction: What Is in Store for the Top Privacy Coin?
• 17:32 : What is Blowfish?
• 17:32 : CISA Releases Two Industrial Control Systems Advisories
• 17:32 : Another person targeted by Paragon spyware comes forward
• 17:32 : SAP Releases 21 Security Patches
• 17:32 : News alert: Gcore Radar reveals 56% rise in DDoS attacks – gaming industry targeted the most
• 17:32 : Networks hosting botnet C&Cs: Same players, same problems
• 17:32 : Alabama Hacker Admits Role in SEC X Account Breach
• 17:10 : CISA Warns Of Actively Exploited Vulnerability In Microsoft Outlook
• 17:9 : How Chrome’s enhanced protection tries to keep you safe from online dangers
• 17:9 : The rising role of cloud-based SIEM in MDR: What MSPs need to know
• 17:9 : CISA election security officials placed on leave, DHS confirms
• 17:9 : Hackers Newly Registering Valentine’s Day Themed Domains for Stealthy Cyber Attacks
• 17:9 : UK Cracked Down Russian ZSERVERS Network Acts as Launchpad for Cyber Attacks
• 17:9 : Massive Mobile Malware Campaign Targets Indian Banks, Steals Financial Data
• 17:9 : Hackers Exploit SimpleHelp RMM Vulnerabilities to Deploy Backdoors and Create Admin Accounts
• 17:9 : Sophisticated Phishing Campaign Circumvents Microsoft’s Multi Factor Authentication
• 17:9 : The Rising Problem of Banking Scams in East India
• 17:9 : WhatsApp Alerts Users About a Dangerous Zero-Click Spyware Attack
• 17:5 : IT Security News Hourly Summary 2025-02-11 18h : 9 posts
• 16:35 : SAFECOM Publishes Spring 2024 SAFECOM Bi-Annual Meeting Executive Summary
• 16:35 : Man who SIM-swapped the SEC’s X account pleads guilty
• 16:35 : DDoS Attack Volume and Magnitude Continues to Soar
• 16:35 : New Chinese Hacking Campaign Targets Manufacturing Firms to Steal IP
• 16:7 : Phobos and 8Base Ransomware criminals arrest by FBI
• 16:7 : Cisco Rejects Kraken Ransomware’s Data Breach Claims
• 16:7 : What is information security management system (ISMS)?
• 16:7 : Progress Software fixed multiple high-severity LoadMaster flaws
• 16:7 : Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
• 15:13 : Incident Response Planning: A Portion of Planning is Worth a Pound of Gold
• 15:13 : Phishing evolves beyond email to become latest Android app threat
• 15:13 : Apple fixes zero-day vulnerability used in “extremely sophisticated attack”
• 15:13 : What is the RSA algorithm?
• 15:13 : I found the most private and secure way to browse the web – and it isn’t incognito mode
• 15:13 : CISA election security officials placed on leave: report
• 15:13 : Artificial intelligence (AI) as an Enabler for Enhanced Data Security
• 15:13 : EARLYCROW – Detecting APT Malware Command and Control Over HTTPS
• 14:32 : 4 Ways to Keep MFA From Becoming too Much of a Good Thing
• 14:13 : RATatouille: Cooking Up Chaos in the I2P Kitchen
• 14:13 : Apple ordered to grant access to users’ encrypted data
• 14:13 : I’m a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice
• 14:13 : Authorities arrest four suspected 8base ransomware operators in global takedown
• 14:13 : Check Point and Wiz Partner to Deliver End-to-End Cloud Security
• 14:13 : Authorities Disrupt 8Base Ransomware, Arrest Four Russian Operators
• 14:13 : Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks
• 14:5 : IT Security News Hourly Summary 2025-02-11 15h : 10 posts
• 13:32 : iOS 18.3.1 patches an ‘extremely sophisticated attack’ – and more
• 13:32 : Industrial Defender 8.0 offers detailed view of OT environments
• 13:32 : 8Base ransomware group leaders arrested, leak site seized
• 13:7 : SystemBC RAT Now Targets Linux, Spreading Ransomware and Infostealers
• 13:7 : OpenAI Developing Its Own Chip to Reduce Reliance on Nvidia
• 13:7 : Breaking (Fire)Walls & Glass Ceilings: Women Leading Digital Revolution and Cyber Security’s Next Frontier
• 13:7 : Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores
• 13:7 : Deepfakes: How Deep Can They Go?
• 13:7 : Intel Patched 374 Vulnerabilities in 2024
• 13:7 : 8Base Ransomware Site Seized, Phobos Suspects Arrested in Thailand
• 12:32 : New York Bans DeepSeek Over Potential Data Risks
• 12:32 : Trusted Encryption Environments
• 12:32 : SAP Security Update – 19 Vulnerabilities Across Multiple Products Patched
• 12:32 : Discord Unveils New Privacy Feature to Ignore Users Without Knowing Them
• 12:31 : Alabama Man Pleads Guilty to Hacking SEC’s X Account
• 12:13 : EARLYCROW: Detecting APT Malware Command and Control Activities Over HTTPS
• 12:13 : Hackers Exploit Valentine’s Day Domains for Sneaky Cyber Attacks
• 12:13 : IllusionCAPTCHA – A Security Mechanism To Stop AI-Based Breaking CAPTCHA
• 12:13 : US Cyber Agency Puts Election Security Staffers Who Worked With the States on Leave
• 12:13 : Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks
• 12:13 : Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions
• 11:32 : SolarWinds Improves Web Help Desk in Latest 12.8.5 Update
• 11:32 : Akira Ransomware Dominates January 2025 as the Most Active Ransomware Threat
• 11:32 : Enhanced IllusionCAPTCHA: Advanced Protection Against AI-Powered CAPTCHA Attacks
• 11:31 : OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20 Million Credentials
• 11:5 : IT Security News Hourly Summary 2025-02-11 12h : 11 posts
• 11:4 : Arming the Defenders: A SOTI Report for Those Who Protect the Enterprise
• 11:4 : How to Protect Sales Pipelines from Cyber Threats
• 11:4 : Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)
• 10:32 : DeepSeek Ends Promotional API Pricing Amidst Demand Surge
• 10:32 : OpenAI ‘Finalising Design’ For In-House AI Chip
• 10:32 : Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks
• 10:32 : Protecting Your Software Supply Chain: Assessing the Risks Before Deployment
• 10:32 : Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit
• 10:5 : Building a Vulnerability Management Program from Scratch
• 10:5 : USB Army Knife – A Powerful Red Team Tool for Penetration Testers
• 10:5 : OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20M Credentials
• 10:4 : The Future of Data Security Lies in Quantum-Safe Encryption
• 10:4 : OpenAI Was Not Breached, Say Researchers
• 9:32 : International Tensions Surface At Paris AI Summit
• 9:32 : BYD To Equip Nearly All EVs With Driving Automation
• 9:32 : Researchers Deliver High-Performance AI Model For Under $50
• 9:32 : SouthKorea Spy Agency Says DeepSeek Excessively Collects Personal Data
• 9:31 : FinStealer Malware Attacking Leading Indian Bank’s Mobile Users To Steal Login Credentials
• 9:4 : Evil Crow RF Tool Transforms Smartphones into Powerful RF Hacking Devices
• 9:4 : FinStealer Malware Targets Leading Indian Bank’s Mobile Users, Stealing Login Credentials
• 9:4 : Urgent Apple released iOS 18.3.1 and iPadOS 18.3.1 Security Updates
• 9:4 : Operation Phobos Aetor: Police dismantled 8Base ransomware gang
• 8:32 : Strengthening Cloud Resilience and Compliance with DORA: A Critical Focus for Financial Institutions
• 8:32 : Massive Facebook Phishing Attack Targets Hundreds of Companies for Credential Theft
• 8:32 : Progress LoadMaster Security Vulnerability let Attackers Execute Arbitrary System Commands
• 8:32 : Akira Ransomware Leads The Number of Ransomware Attacks For January 2025
• 8:32 : Alabama Man Pleaded Guilty for Hacking U.S. Securities and Exchange Commission X Account
• 8:32 : Urgent iOS update, CISA officials on administrative leave, newspaper operations impacted
• 8:7 : Gcore Radar Report Reveals 56% Year-on-year Increase in DDoS Attacks
• 8:7 : DeepSeek Accused of Over-Collecting Personal Data, Says South Korea’s Spy Agency
• 8:6 : Researchers Found North Korean Hackers Advanced Tactics, techniques, and procedures
• 8:5 : IT Security News Hourly Summary 2025-02-11 09h : 1 posts
• 7:31 : 8Base Ransomware Data Leak Sites Seized in International Law Enforcement Operation
• 7:2 : Gcore Radar report reveals 56% year-on-year increase in DDoS attacks
• 7:2 : Critical Flaw in Progress LoadMaster Allows Attackers to Execute System Commands
• 7:2 : Researchers Unveiled Tactics, Techniques, and Procedures Used by North Korean Hackers
• 6:31 : How Fast Recovery from Cyber Attacks Can Be Achieved
• 6:7 : Cyber Attack news headlines currently trending on Google
• 6:6 : Authorities Seize 8Base Ransomware Dark Web Site, Arrest Four Key Operators
• 5:31 : Testing the DeepSeek-R1 Model: A Pandora’s Box of Security Risks
• 5:31 : Arvest Bank CISO on building a strong cybersecurity culture in banking
• 5:9 : 12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack
• 5:9 : Review: Inside Cyber Warfare, 3rd Edition
• 5:9 : Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
• 5:5 : IT Security News Hourly Summary 2025-02-11 06h : 3 posts
• 4:32 : How to detect and disable Apple AirTags that might be tracking you
• 4:9 : Ubuntu Printing Vulnerability Let Attackers Execute Arbitrary Code on Locked Laptops
• 4:8 : Cybersecurity jobs available right now: February 11, 2025
• 3:36 : Using AI To Help Keep Your Financial Data Secure
• 3:36 : LandAirSea – 337,373 breached accounts
• 2:32 : Blockchain in Healthcare: Improving Patient Data Security
• 2:31 : Apple iOS 0-day Vulnerability Exploited Wild in Extremely Sophisticated Attack
• 2:31 : Securing the Endpoint: Automating Security and Identity Management for Better Digital Experiences
• 2:13 : 
Reminder: 7-Zip & MoW, (Mon, Feb 10th)
• 2:13 : ISC Stormcast For Tuesday, February 11th, 2025 https://isc.sans.edu/podcastdetail/9318, (Tue, Feb 11th)
• 2:13 : Apple warns ‘extremely sophisticated attack’ may be targeting iThings
• 1:2 : Apple and Google take down malicious mobile apps from their app stores
• 0:32 : The Art of Human-AI Synergy: A Framework for Smart Collaboration
• 23:20 : DevSecOps platform tucks in API security as AI apps heat up
• 23:19 : Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’
• 23:5 : IT Security News Hourly Summary 2025-02-11 00h : 5 posts