IT Security News Daily Summary 2025-03-19

173 posts were published in the last hour

22:11 : Zero-day vulnerabilities: the real threat behind Netflix’s “Zero Day”
22:11 : TotalAV vs Surfshark VPN: Features Comparison Guide
21:34 : TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure”
21:34 : Attackers swipe data of 500k+ people from Pennsylvania teachers union
21:2 : Names, bank info, and more spills from top sperm bank
20:38 : Suspects Charged In Huawei EU Parliament Corruption Probe
20:38 : You have 2 days to update Firefox before everything breaks
20:15 : 11 Nation-State Hackers Exploit Unpatched Windows Flaw Since 2017
20:15 : DEF CON 32 – Recon Village – SWGRecon: Automating SWG Rules, Policies & Bypasses
20:5 : IT Security News Hourly Summary 2025-03-19 21h : 3 posts
19:34 : Nvidia’s Cosmos-Transfer1 makes robot training freakishly realistic—and that changes everything
19:34 : Scam Alert: FBI ‘Increasingly Seeing’ Malware Distributed In Document Converters
19:34 : CISA Adds Three Known Exploited Vulnerabilities to Catalog
19:2 : Implementing Least Privilege Access for Enhanced Data Security
19:2 : IBM scores perfect 10 … vulnerability in mission-critical OS AIX
19:2 : EFF’s Reflections from RightsCon 2025
19:2 : SecPod launches Saner Cloud: A Revolutionary CNAPP For Preventive Cybersecurity
18:34 : New research shows we need to rethink approach to resilience and security, says leading tech firm
18:34 : Trend Micro Open Sources Cybertron LLM for Cybersecurity
17:34 : Securing Europe’s Digital Future: The Quantum Race to Protect Communications
17:34 : Secure AI inferencing: POC with NVIDIA NIM on CoCo with OpenShift AI
17:34 : Red Hat Advanced Cluster Security 4.7 simplifies management, enhances workflows, and generates SBOMs
17:33 : HP Intros Printers with Protection Against Quantum Cyberattacks
17:10 : The Microsoft patch management guide for admins
17:9 : Analytics company Dataminr secures $85M to fund growth
17:9 : Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation
17:9 : ANY.RUN’s New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis
17:9 : Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
17:5 : IT Security News Hourly Summary 2025-03-19 18h : 17 posts
16:33 : Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?
16:32 : Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely
16:32 : Beware of Fake GitHub “Security Alerts” Let Hackers Hijack Your Account Login Credentials
16:32 : Attackers Embedding Malicious Word file into a PDF to Evade Detections
16:32 : 41% of Success Logins Across Websites Involves Compromised Passwords
16:32 : US Sperm Donor Giant California Cryobank Hacked – Customers Personal Data Exposed
16:32 : Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP
16:32 : HUMAN Security Applies AI to Combatting Malicious Bots
16:32 : Most organizations change policies to reduce CISO liability risk
16:32 : Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
16:32 : Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups
16:15 : Europol warns against Hybrid Cyber Threats
16:15 : Researchers Use AI Jailbreak on Top LLMs to Create Chrome Infostealer
16:15 : Hackers Use RMM Tools to Maintain Persistence and Navigate Networks Undetected
16:15 : mySCADA myPRO Manager RCE Vulnerabilities Allow Remote Attackers to Take Control of ICS Devices
16:15 : These 10 weak passwords can leave you vulnerable to remote desktop attacks
16:15 : US teachers’ union says hackers stole sensitive personal data on over 500,000 members
15:35 : 41% of Successful Logins Across Websites Involve Compromised Passwords
15:35 : Microsoft Windows NTLM File Explorer Vulnerability Exploited in The Wild – PoC Released
15:35 : VPN Vulnerabilities Become a Primary Weapon for Threat Actors Targeting Organizations
15:35 : Threat Actors Steal 3.2 Billion Login Credentials and Infect 23 Million Devices Worldwide
15:35 : Threat Actors Leverage Legacy Drivers to Circumvent TLS Certificate Validation
15:35 : California Cryobank, the largest US sperm bank, disclosed a data breach
15:34 : Threat Actors Stolen Over 3.2 Billion Login Credentials & Infected 23 Million Devices Worldwide
15:34 : March Madness Requires Vigilance on Both an Individual and Corporate Level
15:34 : DEF CON 32 – Recon Village – OWASP Amass: Expanding Data Horizons
15:34 : The Business Consequences of Believing ID Verification Myths
15:34 : Amazon Faces Criticism For Still Hosting Stalkerware Victims’ Data
15:34 : How Data Removal Services Protect Your Online Privacy from Brokers
15:34 : The Future of Work: Why Remote Desktop Solutions Are Essential
15:8 : Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach
14:32 : Cape opens $99/month beta of its privacy-first mobile plan, inks Proton deal, raises $30M
14:32 : Virtual Event Today: Supply Chain & Third-Party Risk Security Summit
14:31 : Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia
14:13 : Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440, (Wed, Mar 19th)
14:13 : The Hidden Costs and Ethical Pitfalls of Content Scraping
14:12 : Agentic AI’s Role in the Future of AppSec
14:12 : Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla
14:12 : New AI Jailbreak Technique Bypasses Security Measures to Write Malware for Google Chrome
14:12 : Cloudflare Launches Cloudforce One Threat Platform to Analyze IoCs, IP, Hashes & Domains
14:12 : The “free money” trap: How scammers exploit financial anxiety
14:11 : 1Kosmos 1Key secures shared login environments and OT systems
14:11 : APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)
14:11 : Vanta unveils features and capabilities to strengthen security collaboration
14:11 : Report: The State of Secrets Sprawl 2025
14:11 : 752,000 Browser Phishing Attacks Mark 140% Increase YoY
14:5 : IT Security News Hourly Summary 2025-03-19 15h : 16 posts
13:34 : mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control
13:34 : Elastic expands partnership with Tines to scale security operations
13:12 : AI In Software Development: Balancing Innovation and Security in An Era of Lowered Barriers
13:12 : Attackers Hide Malicious Word Files Inside PDFs to Evade Detection
13:12 : Sante PACS Server Flaws Allow Remote Attackers to Download Arbitrary Files
13:12 : Is Firebase Phishing a Threat to Your Organization?
13:12 : Linux Foundation’s trust scorecards aim to battle rising open-source security threats
13:12 : Ex-US Cyber Command chief: Europe and 5 Eyes can’t fully replicate US intel
13:11 : Researchers name several countries as potential Paragon spyware customers
13:11 : Hackers Leveraging Azure App Proxy Pre-authentication to Access Orgs Private Network Resources
13:11 : PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems
13:11 : MirrorFace Hackers Customized AsyncRAT Execution Chain to Run Within Windows Sandbox
13:11 : Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads
13:11 : Hackers Abuse Cobalt Strike, SQLMap & Other Tools to Target Organizations’ Web Applications
13:11 : Chinese Hacking Group MirrorFace Targeting Europe
13:11 : Windows has an 8-year-old security issue that is exploited and known by Microsoft for some time
12:32 : Reimagining the future of connectivity with Network 2.0
12:32 : Hackers Hide VenomRAT Malware Inside Virtual Hard Disk Image File
12:32 : ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers
12:32 : Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen
12:12 : SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats
12:12 : Sperm bank breach deposits data into hands of cybercriminals
12:11 : Sophisticated Attack Via Booking Websites Installs LummaStealer Malware
12:11 : VPN Vulnerabilities Emerges As The Key Tool for Threat Actors to Attack Organizations
12:11 : Scareware Combined With Phishing in Attacks Targeting macOS Users
12:11 : Brian Cox to Discuss Quantum Computing’s Impact at Infosecurity Europe 2025
11:36 : Adobe Launches AI Agents To Enhance Online Marketing
11:36 : Cloudflare Introduces Cloudforce One to Detect and Analyze IoCs, IPs, and Domains
11:36 : US Sperm Donor Giant California Cryobank Hit by Data Breach
11:36 : Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks
11:36 : Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns
11:36 : Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge
11:15 : Xiaomi Raises EV Target Amidst Sales Surge
11:15 : Top 10 Passwords Hackers Use to Breach RDP – Is Yours at Risk?
11:15 : Hackers Exploit Azure App Proxy Pre-Authentication to Access Private Networks
11:15 : New Jailbreak Technique Bypasses DeepSeek, Copilot, and ChatGPT to Generate Chrome Malware
11:15 : The default TV setting you should turn off ASAP – and why it makes such a big difference
11:15 : How to Secure Your Information on AWS: 10 Best Practices
11:15 : The Intersection of Public Policy and Cybersecurity: Building a Framework for 2025 and Beyond
11:14 : Cybersecurity in an Age of Geopolitical Uncertainty: The European Advantage
11:14 : Beware of Fake Coinbase Migration Messages Aimed to Steal Your Wallet Credentials
11:14 : Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)
11:14 : Data Leaks and AI Agents: Why Your APIs Could Be Exposing Sensitive Information
11:13 : 5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
11:13 : Gartner Warns Agentic AI Will Accelerate Account Takeovers
10:34 : Apple Loses Bid To Evade German Antitrust Rules
10:34 : Hackers Exploit Cobalt Strike, SQLMap, and Other Tools to Target Web Applications
10:34 : Arcane stealer: We want all your data
10:34 : Tech Show London: Making Dating Scams Less Attractive
10:4 : Mercedes-Benz Trials Humanoid Robots From Apptronik
10:4 : Severe AMI BMC Vulnerability Enables Remote Authentication Bypass by Attackers
10:4 : Microsoft Warns of New StilachiRAT Malware
10:4 : Cloudforce One threat events platform provides a real-time view of threat activity
10:4 : Europol Warns of “Shadow Alliance” Between States and Criminals
9:34 : Google To Acquire Wiz For $32bn In Cloud Security Mega-Deal
9:34 : Hackers Allegedly Selling Firewall Access to Canon Inc on Hacking Forums
9:34 : Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing – PoC Released
9:34 : Critical Synology Vulnerability Let Attackers Remote Execute Arbitrary Code
9:34 : TXOne Networks Stellar 3.2 helps organizations make informed security choices
9:34 : Cytex AICenturion protects against data exfiltration
9:4 : Hacker Weaponizing Hard Disk Image Files To Deliver VenomRAT
9:4 : Outseer introduces Behavioral Biometrics capability
9:4 : Keysight AI Insight Brokers accelerates threat detection and response
8:36 : Nvidia Promises Continued AI Chip Demand At Developer Event
8:36 : 11 State-Sponsored Threat Actors Exploit 8-Year-Old Windows Shortcut Flaw
8:36 : MirrorFace Hackers Modify AsyncRAT Execution for Stealthy Deployment in Windows Sandbox
8:36 : CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability
8:36 : Show top LLMs buggy code and they’ll finish off the mistakes rather than fix them
8:36 : Orion Security emerges from stealth to combat insider threats with AI
8:11 : Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware
8:11 : CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability Exploited in Wild
8:5 : IT Security News Hourly Summary 2025-03-19 09h : 4 posts
7:32 : Critical Synology Vulnerability Allows Remote Attackers to Execute Arbitrary Code
7:32 : U.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog
7:32 : Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems
7:32 : Google Acquires Wiz, CISA must reinstate terminated employees, Commerce Department bans DeepSeek
6:38 : Browser search can land you into ransomware troubles
6:38 : Shifting to Decentralized Data Storage: The Key to Better Data Security and Privacy
6:38 : CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
6:38 : Cybersecurity Today: Exploited Vulnerabilities and Innovative Threat Mitigations: Wednesday, March 19, 2025
6:11 : Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released
6:11 : Moving beyond checkbox security for true resilience
5:34 : Executives in the Crosshairs: How the Dark Web is Fueling Targeted Threats
5:34 : Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK
5:34 : Dependency-Check: Open-source Software Composition Analysis (SCA) tool
5:6 : Knocknoc Raises Seed Funding to Scale Its Just-In-Time Network Access Control Technology
5:6 : CISA Issues Security Warning on Fortinet FortiOS Authentication Bypass Exploit
5:6 : SIM Swap Scams Growing in the Middle East — Here’s How They Work
5:5 : IT Security News Hourly Summary 2025-03-19 06h : 1 posts
4:6 : Nvidia’s GTC 2025 keynote: 40x AI performance leap, open-source ‘Dynamo’, and a walking Star Wars-inspired ‘Blue’ robot
3:38 : News alert: SquareX’s “Year of Browser Bugs” project exposes critical cybersecurity blind spots
3:38 : My Take: Here’s why Google’s $32B Wiz grab is the latest Big Tech leap sure to further erode privacy
2:20 : ISC Stormcast For Wednesday, March 19th, 2025 https://isc.sans.edu/podcastdetail/9370, (Wed, Mar 19th)
2:5 : IT Security News Hourly Summary 2025-03-19 03h : 1 posts
1:34 : Lexipol – 672,546 breached accounts
23:5 : IT Security News Hourly Summary 2025-03-19 00h : 5 posts
22:55 : IT Security News Daily Summary 2025-03-18

Related

Post navigation