Auslegungssache 147: A Bus Through the Regulatory Jungle
Heise Security 14.11.2025 05:00
The EU Commission wants to simplify its digital laws with an "omnibus regulation". The c't data protection podcast analyzes the leaked draft.
Agentic AI opens door to new ID challenges: Report
CSO Online 14.11.2025 02:12
New research released Thursday by Rubrik Zero Labs finds that the AI wave, and in particular agentic AI, has created a “troubling gap between the expanding identity attack surface and organizations’ ability to recover from resulting compromises.”
According to the report, Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, the result is a surge of both non-human identities (NHIs) and agentic identities.
NIS 2 implementation: Bundestag passes controversial cybersecurity law
Golem 13.11.2025 18:16
NIS 2 may bring network operators a lack of legal certainty, economic risks and unnecessary bureaucracy. The Bundesrat can still change something. (Nis 2, Breko)
Critical infrastructure: Bundestag passes NIS2 law
Heise Security 13.11.2025 18:11
Germany is lagging behind on NIS2 implementation. The Bundestag has now approved the government's proposal. Now it is the Bundesrat's turn.
EOL software endangers enterprise security
CSO Online 13.11.2025 17:39
Devices running end-of-life (EOL) software remain a widespread security problem in enterprises.
According to a study by Palo Alto Networks, 26 percent of Linux systems and eight percent of Windows systems run outdated versions. The results are based on telemetry data from 27 million devices in the networks of 1,800 companies.
“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages
Infosecurity Magazine 13.11.2025 15:15
A new npm worm dubbed “IndonesianFoods” has doubled the number of known malicious packages
Google Sues to Disrupt Chinese SMS Phishing Triad
Krebs Security 13.11.2025 14:47
Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast out text message lures, and convert phished payment card data into mobile wallets from Apple and Google.
Rogue MCP servers can take over Cursor’s built-in browser
CSO Online 13.11.2025 14:05
AI agents and coding copilots are shaking up how — and what — developers code. But they’re also rapidly expanding the attack surface of developer machines
The latest example: Security researchers have shown how a rogue Model Context Protocol (MCP) server can inject malicious code into the built-in browser feature of Cursor, a popular AI-powered code editor.
CISO Pay Increases 7% As Budget Growth Slows
Infosecurity Magazine 13.11.2025 14:00
An IANS study finds CISO compensation rose 6.7% on average in 2025 while budget growth halved compared to 2024
Citrix Netscaler ADC and Gateway: Update closes cross-site scripting vulnerability
Heise Security 13.11.2025 13:08
Attackers can exploit a cross-site scripting vulnerability in Citrix's Netscaler ADCs and Gateways. Updates close it.
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
The Hacker News 13.11.2025 13:04
Cybersecurity researchers have uncovered a malicious Chrome extension that poses as a legitimate Ethereum wallet but harbors functionality to exfiltrate users' seed phrases.
The name of the extension is "Safery: Ethereum Wallet," with the threat actor describing it as a "secure wallet for managing Ethereum cryptocurrency with flexible settings." It was uploaded to the Chrome Web Store on
Operation Endgame 3.0 Dismantles Three Major Malware Networks
Infosecurity Magazine 13.11.2025 12:25
A global law enforcement operation has taken down the Rhadamanthys infostealer, VenomRAT trojan and the Elysium botnet
Operation Endgame shuts down malware
CSO Online 13.11.2025 12:24
Investigators from Germany, together with international partners, have once again successfully taken action against cybercrime.
Thanks to global cooperation, investigators have struck a blow against the spread of malware. They had “rendered harmless one of the most dangerous stealers and one of the most widely used trojans worldwide”, the Zentralstelle zur Bekämpfung der Internetkriminalität (Central Office for Combating Internet Crime) and the Bundeskriminalamt (BKA) announced.
Ivanti Endpoint Manager: Attackers can write data to disk
Heise Security 13.11.2025 12:22
The device management software Ivanti Endpoint Manager is vulnerable. The developers have closed a vulnerability in a current version.
Operation Endgame 3: 1025 servers taken offline
Heise Security 13.11.2025 12:17
International law enforcement agencies have struck another blow against malware and the infrastructure behind it.
Zero-day exploits hit Cisco ISE and Citrix systems in an advanced campaign
CSO Online 13.11.2025 12:15
The Amazon Threat Intelligence team has now disclosed an advanced persistent threat (APT) campaign that exploited vulnerabilities in Citrix systems and Cisco’s Identity Service Engine (ISE), allowing hackers to breach critical identity infrastructure even before the flaws were made publicly known.
According to Amazon’s findings, attackers had exploited “insufficient input validation” in a public API to inject a custom web shell disguised as a native Cisco ISE component, operating entirely in-memory, leveraging Java reflection and non-standard decoding routines to evade detection.
Book Review: The Business of Secrets
Schneier on Security 13.11.2025 12:09
The Business of Secrets: Adventures in Selling Encryption Around the World by Fred Kinch (May 24, 2004)
From the vantage point of today, it’s surreal reading about the commercial cryptography business in the 1970s. Nobody knew anything. The manufacturers didn’t know whether the cryptography they sold was any good. The customers didn’t know whether the crypto they bought was any good. Everyone pretended to know, thought they knew, or knew better than to even try to know.
The Business of Secrets is the self-published memoirs of Fred Kinch. He was founder and vice president of—mostly sales—at a US cryptographic hardware company called Datotek, from the company’s founding in 1969 until 1982. It’s mostly a disjointed collection of stories about the difficulties of selling to governments worldwide, along with descriptions of the highs and (mostly) lows of foreign airlines, foreign hotels, and foreign travel in general. But it’s also about encryption…
Bundeskriminalamt: German investigators report blow against cybercrime tools
Spiegel Online 13.11.2025 11:40
Together with international partners, German investigators have slowed down two important tools of online criminals. They speak of "one of the most dangerous stealers and one of the most widely used trojans".
When Attacks Come Faster Than Patches: Why 2026 Will be the Year of Machine-Speed Security
The Hacker News 13.11.2025 11:30
The Race for Every New CVE
Based on multiple 2025 industry reports: roughly 50 to 61 percent of newly disclosed vulnerabilities saw exploit code weaponized within 48 hours. Using the CISA Known Exploited Vulnerabilities Catalog as a reference, hundreds of software flaws are now confirmed as actively targeted within days of public disclosure. Each new announcement now triggers a global race
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown
The Hacker News 13.11.2025 11:16
Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust.
The activity, which is taking place between November 10 and 13, 2025, marks the latest phase of Operation Endgame, an ongoing operation designed to take down criminal infrastructures and combat ransomware enablers
Improve Collaboration to Hit Back At Rising Fraud, Says techUK
Infosecurity Magazine 13.11.2025 10:15
Industry body techUK calls for real-time intelligence sharing across sectors to combat fraud
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
The Hacker News 13.11.2025 10:10
Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us.
But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems to keep people safe. It’s a constant race — every
Synnovis Finally Issues Breach Notification After 2024 Ransomware Attack
Infosecurity Magazine 13.11.2025 09:30
NHS provider Synnovis is notifying clients about the extent of a data breach 17 months after it suffered a ransomware attack
Security vulnerabilities: Nvidia hardens AI tools against possible attacks
Heise Security 13.11.2025 09:08
Updates close vulnerabilities in Nvidia AIStore Framework, NeMo Framework and Triton Inference Server.
Zohocorp ManageEngine: Multiple vulnerabilities in various products
Heise Security 13.11.2025 08:55
Several vulnerability reports on flaws in multiple Zohocorp ManageEngine products have been published. Updates are available.
Ticket shop infiltrated: Hacker steals credit card data from Miniatur Wunderland
Golem 13.11.2025 07:48
Miniatur Wunderland Hamburg has become the target of a cyberattack. The attacker was apparently able to grab complete credit card data. (Cybercrime, data protection)
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
The Hacker News 13.11.2025 07:23
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including