
12.11.2025

November Patch Tuesday: Zero day Windows kernel flaw in servers, controllers, and PCs

CSO Online 12.11.2025 03:03
A zero day elevation of privilege Windows kernel flaw in servers, controllers, and desktops is being actively exploited and needs to be patched immediately.
That’s the advice of Satnam Narang, senior staff research engineer at Tenable, on one of the two biggest vulnerabilities that needs to be addressed from among the 63 holes identified by Microsoft in today’s November Patch Tuesday releases.

German federal government: IT security in the Chancellery is beyond secret

Heise Security 11.11.2025 20:10
According to the executive branch, information about the IT infrastructure in the Chancellery would endanger the welfare of the state. Potential attackers could obtain concrete clues.

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

The Hacker News 11.11.2025 18:37
Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.
According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications.

Android Devices Targeted By KONNI APT in Find Hub Exploitation

Infosecurity Magazine 11.11.2025 16:45
A new cyber-attack has been observed exploiting Google Find Hub to remotely wipe Android devices, linked to North Korean APTs

Google puts billions of euros into German data centers

Spiegel Online 11.11.2025 16:13
Google plans to build a new data center in Hesse. The German federal government is celebrating the win for Germany as a business location, but given the AI hype the commitment is modest.

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

The Hacker News 11.11.2025 15:44
The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress.
The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours of initial infection.

EU Commission wants to loosen the GDPR for AI and cookie tracking

CSO Online 11.11.2025 13:24
According to privacy advocates, the changes proposed by the EU Commission in the "Digital Omnibus" package endanger the GDPR.
According to a leaked draft reported on by the German advocacy group Netzpolitik.org, the EU Commission's upcoming "Digital Omnibus" package would massively change the General Data Protection Regulation (GDPR). The proposal is to be officially presented on November 19, 2025. Privacy advocates fear, however, that this could weaken the GDPR.

SAP Patch Day brings 18 new security notes

Heise Security 11.11.2025 12:33
SAP fixes vulnerabilities in several products and documents this in 18 security notes for the November Patch Day.

Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

Infosecurity Magazine 11.11.2025 12:30
Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers

North Korean hackers exploit Google’s safety tools for remote wipe

CSO Online 11.11.2025 12:06
North Korea-linked threat actors have found a novel way to weaponize Google’s own security ecosystem, using it to wipe espionage data from victim phones remotely.
According to findings by Genians Security Center (GSC), the attackers leveraged the Android device-tracing and management service “Find Hub” to remotely wipe data on Android phones and tablets.

CISO's Expert Guide To AI Supply Chain Attacks

The Hacker News 11.11.2025 11:58
AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations.
Download the full CISO’s expert guide to AI Supply chain attacks here. 
TL;DR

AI-enabled supply chain attacks are exploding in scale and sophistication – Malicious package uploads to open-source repositories jumped 156% in

Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories

The Hacker News 11.11.2025 11:55
Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate "@actions/artifact" package with the intent to target GitHub-owned repositories.
"We think the intent was to have this script execute during a build of a GitHub-owned repository, exfiltrate the tokens available to the build environment, and then use those tokens to publish

Senate moves to restore lapsed cybersecurity laws after shutdown

CSO Online 11.11.2025 11:26
Two cybersecurity laws that lapsed during the government shutdown moved closer to restoration on Monday after the Senate voted 60-40 to advance legislation extending them through January 2026.
The continuing resolution would restore the Cybersecurity Information Sharing Act of 2015 and the Federal Cybersecurity Enhancement Act, which expired on October 1 when Congress failed to pass a spending bill before the fiscal year deadline. The measure required additional procedural votes in the Senate this week before moving to the House for approval and then to President Trump’s desk.

AI startups leak sensitive credentials on GitHub, exposing models and training data

CSO Online 11.11.2025 10:47
Nearly two-thirds of the world’s top private AI companies have exposed API keys and access tokens on GitHub, according to new research from cloud security firm Wiz, raising concerns that rapid growth is outpacing security discipline.
Wiz found verified secret leaks in 65% of the Forbes AI 50 companies, representing a combined valuation of more than $400 billion.

Public administration in the sights of cyber spies

CSO Online 11.11.2025 10:46
According to the BSI, cyber spies are currently targeting public administration in particular.
Cyber spies in Germany are currently targeting public administration in particular. This is according to the latest situation report from the Federal Office for Information Security (BSI). According to the report, there was also a notable number of victims in the sectors of defense, administration of justice, public safety and order, and defense. However, with regard to attacks by hacker groups operating over the long term, the BSI generally assumes a large number of unreported cases.

CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV

Infosecurity Magazine 11.11.2025 10:30
CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks

Root vulnerability threatens IBM's Db2 database system

Heise Security 11.11.2025 10:22
Security updates close several vulnerabilities in IBM Db2 and Business Automation Workflow.

Beyond silos: How DDI-AI integration is redefining cyber resilience

CSO Online 11.11.2025 10:17
As organizations migrate toward hybrid and multi-cloud architectures, the boundaries between network and security operations have eroded, revealing critical visibility gaps. This issue is forcing a strategic shift for enterprise security leaders: the integration of DDI (DNS, DHCP and IP address management) with current artificial intelligence (AI) platforms.
For a comprehensive overview of DDI approaches and technical best practices, see Infoblox DDI Reference Architecture and SolarWinds DDI overview. Using real-world operational models, we’ll demonstrate how DDI data, analyzed through AI engines, transforms reactive postures into predictive, autonomous defense mechanisms. The dual use is clear. DDI-AI fusion functions as a defensive shield for contextual threat detection and machine-speed response and also as an offensive capability via AI-powered breach and attack simulation.

"Darknet Diaries Deutsch": Grifter – from the street to security

Heise Security 11.11.2025 10:02
Neil Wyler, alias Grifter, tells the story of his incredible journey: from teenage cybercriminal to security expert who advises large corporations and governments.

BSI situation report: More than half the population has poor passwords

Spiegel Online 11.11.2025 09:56
The Federal Office for Information Security warns in its new situation report: citizens are protecting their online accounts less well than in the previous reporting period. The age of the users also plays a role.

Song lyrics: Gema scores an initial win against ChatGPT

Spiegel Online 11.11.2025 09:50
Are song lyrics in ChatGPT copies or an "iterative-probabilistic synthesis"? In Munich, the rights-collecting society Gema has scored a win against OpenAI. Further proceedings are likely, however.

Vulnerability in Dell Display and Peripheral Manager puts PCs at risk

Heise Security 11.11.2025 08:35
A security patch prevents possible attacks on Windows PCs with Dell Display and Peripheral Manager.

Remote access from China: British authorities examine their electric buses for a kill switch

Golem 11.11.2025 07:53
An investigation from Norway is prompting further authorities to act. The Chinese manufacturer Yutong is said to be able to disable its e-buses remotely. (Electric bus, security vulnerability)

Synology closes critical Pwn2Own vulnerability

Heise Security 11.11.2025 07:39
IT researchers found a vulnerability in Synology's BeeStation NAS systems at Pwn2Own. Updates fix it.

Your passwordless future may never fully arrive

CSO Online 11.11.2025 07:00
Enterprise CISOs have been trying to move beyond passwords for more than a decade, but have run into technical roadblocks, as many legacy systems were never designed for anything other than passwords.
As a result, the passwordless revolution, despite its promise and the enticing premise of replacing passwords — which are becoming even easier to steal and abuse — with biometrics, one-time passcodes, security keys, and the like, may never fully come to pass.