Seite wählen

18.07.2025

9

Kriminelle stehlen Kryptowährung im Wert von 27 Millionen Dollar von Kryptobörse

Heise Security 18.07.2025 05:03
Krypto-Diebstähle sind 2025 auf Rekordkurs. Jetzt stehlen Hacker digitale Währungen im zweistelligen Millionenwert. Die Kryptobörse übernimmt die Verluste.

9

Ransomware actors target patched SonicWall SMA devices with rootkit

CSO Online 17.07.2025 23:46
A group of hackers known for stealing enterprise data for extortion purposes has developed a persistent rootkit for SonicWall Secure Mobile Access (SMA) 100 series appliances. The rootkit was seen deployed on end-of-life but fully patched SMA 100 appliances with the help of administrative credentials likely obtained in past compromises.
“GTIG assesses with high confidence that UNC6148 is leveraging credentials and one-time password (OTP) seeds stolen during previous intrusions, allowing them to regain access even after organizations have applied security updates,” researchers from Google Threat Intelligence Group and Mandiant wrote in a report on the group’s activity.

9

CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025

The Hacker News 17.07.2025 13:00
The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most cases, ineffective against emerging threats and sophisticated threat actors. Prioritizing cybersecurity means implementing more proactive, adaptive, and actionable measures that can work together to effectively address the

9

Cisco: Sicherheitslücken in mehreren Produkten

Heise Security 17.07.2025 09:56
In Ciscos ISE klafft eine weitere Lücke mit maximalem Bedrohungsgrad. Zudem warnt Cisco vor weiteren Lücken in mehr Produkten.

9

Oracle: 309 Sicherheitsupdates für alle möglichen Produkte

Heise Security 17.07.2025 08:52
Oracle hat zum Critical Patch Update genannten Patchday im Juli 309 Sicherheitsupdates angekündigt. Zig Produkte sind verwundbar.

9

Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code

The Hacker News 17.07.2025 07:37
Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges.
Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched