IT Security News Daily Summary 2025-04-11

121 posts were published in the last hour

• 21:4 : Week in Review: Fake ChatGPT passport, Apple appeals UK encryption, Oracle’s obsolete servers
• 20:36 : News alert: INE Security highlights why hands-on labs can help accelerate CMMC 2.0 compliance
• 20:5 : IT Security News Hourly Summary 2025-04-11 21h : 10 posts
• 19:36 : Florida’s New Social Media Bill Says the Quiet Part Out Loud and Demands an Encryption Backdoor
• 19:4 : Cybersecurity Community Must Not Remain Silent On Executive Order Attacking Former CISA Director
• 18:32 : Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing
• 18:32 : Tycoon 2FA Phishing Kit Uses Advanced Evasion Techniques to Bypass Endpoint Detection Systems
• 18:32 : Threat Actors Exploit Legitimate Crypto Packages to Deliver Malicious Code
• 18:32 : Hackers Exploit Router Flaws in Ongoing Attacks on Enterprise Networks
• 18:32 : Threat Actors Launch Active Attacks on Semiconductor Firms Using Zero-Day Exploits
• 18:31 : Threat Actors Leverage Email Bombing to Evade Security Tools and Conceal Malicious Activity
• 18:5 : Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
• 18:5 : Beware of Fake mParivahan App Attacking Mobile Users Via WhatsApp to Steal Sensitive Data
• 18:5 : Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle
• 18:4 : Microsoft Moves Forward With Controversial Recall Feature
• 18:4 : Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
• 17:34 : BentoML Vulnerability Allows Remote Code Execution on AI Servers
• 17:34 : APT32 Hackers Weaponizing GitHub to Attack Cybersecurity Professionals & Enterprises
• 17:34 : Overcoming The Skills Shortage in Cybersecurity Through A ‘Trusted’ Approach.
• 17:34 : Can AI Be Your Trusted Partner in Securing Your Extended Business Ecosystem?
• 17:34 : The Role of AI In Cybersecurity: Enhancing Defense And Adapting To Threats
• 17:34 : Securing The AI Frontier: Addressing Emerging Threats In AI-Powered Software Development
• 17:34 : Smart Meter Security: Best Practices and Emerging Regulations
• 17:5 : IT Security News Hourly Summary 2025-04-11 18h : 6 posts
• 17:2 : BSidesLV24 – Breaking Ground – Redis Or Not: Argo CD & GitOps From An Attacker’s Perspective
• 17:2 : Ethical Hacking: The Cyber Shield Organizations Need
• 16:36 : How OSCP Holders Can Lead Their Teams to Greater Cybersecurity Resilience
• 16:36 : Meta Launches New Llama 4 AI Models
• 16:36 : Krebs probed, Nissan Leaf hack, Typhoon tariff warning
• 16:6 : Hackers post stolen data on Telegram
• 16:6 : The Pall Mall Pact and why it matters
• 15:32 : Laboratory Services Cooperative Data Breach – 1.6 Million People Impacted
• 15:31 : CISA Releases 10 ICS Advisories Covering Vulnerabilities & Exploits
• 15:31 : The Rise of Cyber Warfare and Its Global Implications
• 15:31 : NVD Revamps Operations as Vulnerability Reporting Surges
• 15:5 : Smart Buses, Smarter Threats | Securing the Future of Connected Transit
• 15:5 : Harmony SaaS Delivers Next-Level SaaS Security for Google Cloud Customers
• 15:4 : What is Active Directory (AD)?
• 15:4 : How GenAI Is Revolutionizing HR Analytics for CHROs and Business Leaders
• 14:35 : Amazon CEO Says Sellers May Pass Tariff Costs Onto Consumers
• 14:34 : Protect yourself from tax season scams
• 14:34 : Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities
• 14:34 : Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks
• 14:34 : Hackers Breach Morocco’s Social Security Database
• 14:5 : Google Cuts Hundreds Of Android, Pixel Staff – Report
• 14:5 : IT Security News Hourly Summary 2025-04-11 15h : 8 posts
• 14:4 : Hands-On Labs: The Key to Accelerating CMMC 2.0 Compliance
• 14:4 : A Security Leader’s Perspective on The Real Business Risks of Secrets Managers Redundancy
• 13:34 : It?s All In the Cards: Preventing Payment Abuse for Retailers
• 13:34 : What Is DNSSEC, and How Does It Work?
• 13:34 : Cloud Migration Strategy: The Step-By-Step Framework and Benefits
• 13:34 : Biometrics vs. passcodes: What lawyers recommend if you’re worried about warrantless phone searches
• 13:34 : Malicious NPM Packages Targeting PayPal Users
• 13:34 : Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors
• 13:4 : Calix Pre-Auth RCE on TCP Port 6998 Allow Arbitrary Code Execution as Root User
• 13:4 : Sensata Technologies Hacked – Ransomware Attack Disrupts Operations
• 13:4 : WordPress Plugin Vulnerability Exposes Sites to Critical File Inclusion Attacks
• 12:37 : China Hits Back At Trump, Raises US Tariffs To 125 Percent
• 12:36 : Sensata Technologies Breached: Ransomware Attack Key Systems
• 12:36 : CISA Issues 10 ICS Advisories Addressing Critical Vulnerabilities and Exploits
• 12:36 : Privileged access management: Best practices, implementation, and tools
• 12:36 : Vulnerability in OttoKit WordPress Plugin Exploited in the Wild
• 12:2 : KELA Digital Cyber Analysts improves security teams’ efficiency
• 12:2 : Span Cyber Security Arena 2025: Infosec leaders to discuss the future of digital defense
• 12:2 : Initial Access Brokers Shift Tactics, Selling More for Less
• 12:2 : Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today
• 11:5 : IT Security News Hourly Summary 2025-04-11 12h : 13 posts
• 11:4 : Sex-Fantasy Chatbots Are Leaking a Constant Stream of Explicit Messages
• 11:4 : Microsoft Enhances Exchange & SharePoint Server Security With New Windows Antimalware Scan
• 11:4 : SonicWall Patches High-Severity Vulnerability in NetExtender
• 11:4 : Seeing the Big Picture in Phishing Defense: IRONSCALES & CrowdStrike
• 10:38 : China Admitted to US That It Conducted Volt Typhoon Attacks: Report
• 10:2 : ISC Stormcast For Friday, April 11th, 2025 https://isc.sans.edu/podcastdetail/9404, (Fri, Apr 11th)
• 9:32 : TROX Stealer Harvests Sensitive Data Including Stored Credit Cards and Browser Credentials
• 9:32 : Ransomware Reaches A Record High, But Payouts Are Dwindling
• 9:32 : MIWIC25: Katie Beecroft, Associate Director Risk & Security, Fidelity International
• 9:32 : Ivanti 0-day RCE Vulnerability Exploitation Details Disclosed
• 9:32 : Jenkins Docker Images Vulnerability Let Attackers Insert Themselves in Network Path
• 9:31 : AMD CPU Signature Verification Vulnerability Let Attackers Load Malicious Microcode
• 9:31 : SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps
• 9:31 : Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways
• 9:7 : Microsoft Boosts Exchange and SharePoint Security with Updated Antimalware Scan
• 9:7 : Calix Devices Vulnerable to Pre-Auth RCE on Port 6998, Root Access Possible
• 9:6 : Chinese eCrime Group Targets Users in 120+ Countries to Steal Banking Credentials
• 9:6 : Ransomware crims hammering UK more than ever as British techies complain the board just doesn’t get it
• 8:35 : Windows Defender Antivirus Bypassed Using Direct Syscalls & XOR Encryption
• 8:35 : Cybercrime Group Changes Plans: Drops Ransomware, Focuses on Data Theft
• 8:35 : New WhatsApp Feature Allows Users to Control Media Auto-Saving
• 8:5 : AMD CPU Signature Verification Vulnerability Enables Unauthorized Microcode Execution
• 8:5 : IT Security News Hourly Summary 2025-04-11 09h : 4 posts
• 8:4 : Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems
• 7:32 : March Madness: Don’t Let Cyber Scammers Attack Your Bracket Blind Spot
• 7:32 : Gamaredon targeted the military mission of a Western country based in Ukraine
• 7:32 : President fires Krebs, Nissan Leaf hack, Typhoon tariff warning
• 7:5 : Maryland Community Colleges to Host Ribbon Cutting Events as Maryland’s Cyber Workforce Accelerator Program Ramps Up
• 7:5 : Smart TVs and security risks: What you need to know
• 7:5 : Ivanti 0-Day RCE Flaw Exploitation Details Revealed
• 7:5 : Researchers Exploit Windows Defender with XOR and System Calls
• 7:4 : Microsoft Issues Urgent Patch to Resolve Office Update Crashes
• 7:4 : iOS 18.4 Update Introduces Critical Bug in Dynamic Symbol Resolution
• 7:4 : OpenAI Shuts Down Spammer | New RAT Threatens Windows | WordPress Bug Exploited
• 6:34 : RansomHouse ransomware steals 2TB data from telecom giant
• 5:36 : Jenkins Docker Vulnerability Allows Hackers to Hijack Network Traffic
• 5:36 : Why security culture is crypto’s strongest asset
• 5:36 : OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
• 5:5 : IT Security News Hourly Summary 2025-04-11 06h : 1 posts
• 5:3 : Microsoft Issues Urgent Patch to Fix Office Update Crash
• 5:2 : iOS devices face twice the phishing attacks of Android
• 5:2 : Why remote work is a security minefield (and what you can do about it)
• 5:2 : Ransomware groups push negotiations to new levels of uncertainty
• 4:2 : New infosec products of the week: April 11, 2025
• 1:36 : Ex-Meta exec tells Senate Zuck dangled US citizen data in bid to enter China
• 1:36 : Ex-Meta exec tells Senate Zuck’s biz dangled US citizen data in bid to enter China
• 1:6 : Reimagining Democracy
• 23:6 : Certbot 4.0: Long Live Short-Lived Certs!
• 23:5 : IT Security News Hourly Summary 2025-04-11 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2025-04-10
• 22:6 : Celebrating the Fortinet Training Institute’s 2025 ATC Award Winners
• 22:6 : BSidesLV24 – Breaking Ground – BOLABuster: Harnessing LLMs For Automating BOLA Detection
• 22:6 : Trump Strips Security Clearances of Ex-CISA Head Krebs, SentinelOne
• 22:6 : The ultimate guide to Microsoft Security at RSAC 2025