17.11.2025

Empathy meets IT security: The path to lived compliance

CSO Online 17.11.2025 04:00
CISOs should design security policies with the workforce in mind.
In many companies, IT security policies meet with resistance because employees find them obstructive or out of touch with practice. This makes implementation harder, undermines effectiveness, and strains cooperation between the security department and the business units. Instead of being seen as a partner, cybersecurity is often perceived as an obstacle, which is a fatal security risk. For CISOs (Chief Security Information Officers), this means that alongside technically correct policies, acceptance in everyday work is what matters most. A new approach combining empathetic policy engineering and strategic security communication fosters a sustainable security culture.

Microsoft Patch Tuesday, November 2025 Edition

Krebs Security 16.11.2025 21:47
Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being exploited. Microsoft also fixed a glitch that prevented some Windows 10 users from taking advantage of an extra year of security updates, which is nice because the zero-day flaw and other critical weaknesses patched today affect all versions of Windows, including Windows 10.

Critical vulnerability: Attackers can take over Asus DSL routers

Heise Security 16.11.2025 16:10
An important security update closes a dangerous software vulnerability in some Asus DSL routers.

Vulnerabilities: Attacks on Dell Alienware Command Center possible

Heise Security 16.11.2025 15:02
A security update closes vulnerabilities in Dell Alienware Command Center.

Attackers get in via zero-day vulnerability at Logitech

Heise Security 16.11.2025 14:17
Computer peripherals maker Logitech has had an IT security incident. Attackers were able to access internal data.

Autonomous AI cyberattack: Did it really happen that way?

Heise Security 16.11.2025 12:07
Anthropic claims not only to have detected a largely autonomous, AI-driven cyberattack but also to have stopped it. But is that really true?

Hessian data protection commissioner: Microsoft 365 can be used in compliance with data protection law

Golem 15.11.2025 14:35
Despite the data transfer to the USA, data protection officials say nothing now stands in the way of using the Microsoft 365 office suite in Germany. (Microsoft 365, Office suite)

Ransomware: Logitech customer and employee data hacked

Golem 15.11.2025 13:35
Accessory maker Logitech has admitted a data leak. The attack apparently took place via Oracle software. (Logitech, Oracle)

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

The Hacker News 15.11.2025 10:21
The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea's illicit revenue generation schemes by enabling information technology (IT) worker fraud in violation of international sanctions.
The five individuals are listed below –

Audricus Phagnasay, 24
Jason Salazar, 30
Alexander Paul Travis, 34
Oleksandr Didenko, 28, and
Erick

(g+) From typosquatting to DGA: Fighting DNS fraud effectively

Golem 15.11.2025 09:00
Designed as the internet's trustworthy address book, the Domain Name System is today the scene of sophisticated forms of fraud, a challenge for IT departments. A guide by Katrin Ohlmer (Server, AI)

Password manager Bitwarden: Update restores biometric login

Heise Security 15.11.2025 08:42
Bitwarden has been released in version 2025.11. On Windows, it restores biometric login with Windows Hello.

Miniatur Wunderland in Hamburg: Data protection officer advises caution after hacker attack

Spiegel Online 15.11.2025 06:53
Tens of thousands of accounts are said to be affected by the cyberattack on Miniatur Wunderland in Hamburg. Experts are now calling on people to block their credit cards and check transactions carefully.

Worm flooding npm registry with token stealers still isn’t under control

CSO Online 15.11.2025 01:47
A coordinated token farming campaign continues to flood the open source npm registry, with tens of thousands of infected packages created almost daily to steal tokens from unsuspecting developers using the Tea Protocol to reward coding work.
On Thursday, researchers at Amazon said there were over 150,000 packages in the campaign. But in an interview on Friday, an executive at software supply chain management provider Sonatype, which wrote about the campaign in April 2024, told CSO that number has now grown to 153,000.

WhatsApp now allows chats with other messengers

Spiegel Online 14.11.2025 19:10
WhatsApp is now open to exchanging messages with other messengers, at least in principle. In reality, EU citizens currently have only two services to choose from for sending messages across platforms.

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

The Hacker News 14.11.2025 18:25
The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads.
"The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure," NVISO researchers Bart Parys, Stef

From detection to response: Why confidence is the real game changer

CSO Online 14.11.2025 16:48
Cybersecurity often feels like a race where you don’t know when the starting gun will fire. The moment a threat slips past the perimeter, the countdown begins. Every minute between “we detected something” and “we know what to do about it” is time the attacker spends with free rein inside your environment.
According to Enterprise Strategy Group (ESG) research, 98% of organizations say network visibility helps them move from detection to response faster, and with more confidence. That last word is key.

Why SOC efficiency is the most valuable currency in cybersecurity

CSO Online 14.11.2025 16:47
In cybersecurity, time is scarce, talent is scarce, and certainty is scarce. That’s why efficiency has quietly become the most valuable currency inside the security operations center (SOC). Enterprise Strategy Group (ESG) research found that 53% of organizations say network detection and response (NDR) has helped improve SOC analyst efficiency. That might sound like a soft metric, until you consider the reality facing most teams: a global cybersecurity skills shortage, unrelenting alert volume, and increasingly complex environments. In that context, efficiency isn’t a nice-to-have. It’s survival.
Efficiency is about focus, not speed

Why network visibility is the thread that holds cybersecurity together

CSO Online 14.11.2025 16:46
Every organization is chasing the same thing in security: speed, clarity, and confidence. But in reality, most are bogged down by complexity, siloed tools, and an overwhelming flood of alerts. The latest research from Enterprise Strategy Group (ESG) illustrates this tension clearly, and the numbers tell a story every security leader can relate to.
The problem: Complexity and delay

How shadow IT leaves every industry in the dark

CSO Online 14.11.2025 16:44
Shadow IT is everywhere. What began with employees or departments bringing familiar tools such as personal email or file-sharing apps into the workplace has grown into unauthorized software-as-a-service (SaaS) platforms, mobile apps, and artificial intelligence (AI). With just a few clicks, these tools become part of daily workflows. But they also create significant operational risk.
In simple terms, Shadow IT is any software, hardware, or resource introduced on a network without approval through official IT, procurement, or compliance processes. This includes personal cloud storage, client-run applications, unofficial chat tools, unapproved unified-communications-as-a-service (UCaaS) solutions, or bring-your-own-device (BYOD) practices. It can also stem from rapid technology changes, overlooked systems, technical debt, or business teams developing apps and portals outside formal oversight.

Arista, Palo Alto bolster AI data center security

CSO Online 14.11.2025 15:20
Arista Networks and Palo Alto Networks have extended their partnership to offer customers a framework for implementing zero-trust security inside the data center.
The new framework is intended to offer customers a way to blend networking control and management activities with security policies to allow integrated automation and consistent enforcement across the enterprise. In the past, Arista and Palo Alto worked together to share information but acted on it separately, and customers basically had to do any integration on their own, the vendors stated. That changes with the new agreement.

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

The Hacker News 14.11.2025 15:20
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang.
"These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python's pickle deserialization,"

Cybergang cl0p claims to have captured data from Carglass, Fluke and NHS

Heise Security 14.11.2025 13:26
New entries for Carglass, Fluke and NHS have appeared on the darknet site of the criminal gang cl0p. The gang claims to have stolen data there.

Anthropic’s AI used in automated attacks

CSO Online 14.11.2025 13:01
Anthropic reported that a group of what it believes to be Chinese hackers carried out a series of attacks against foreign governments and large corporations in September.
What makes the campaign stand out from the crowd is that the hackers automated the attacks using Claude Code, a popular AI tool from Anthropic.

Artificial intelligence: Founding father warns of loss of control - "we should be able to pull the plug"

Spiegel Online 14.11.2025 13:01
Computer scientist Yoshua Bengio is considered one of the most important AI researchers in the world and an important founding father of the technology. Today he considers his creation extremely dangerous and warns of a loss of control.

After cyberattack: Payment service provider gets one over on hackers with a donation

Golem 14.11.2025 12:15
A cyberattack has hit payment service provider Checkout.com. The company is paying the ransom, though not to the attackers. (Cybercrime, Cyberwar)

Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code

Infosecurity Magazine 14.11.2025 12:15
Anthropic’s Claude Code AI assistant performed 80% to 90% of the tasks involved in a recent cyber-attack campaign, said Anthropic researchers

Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft

CSO Online 14.11.2025 12:08
Cybersecurity researchers have uncovered a chain of critical remote code execution (RCE) vulnerabilities in major AI inference server frameworks, including those from Meta, Nvidia, Microsoft, and open-source projects such as vLLM and SGLang.
According to Oligo Security, these vulnerabilities stand out for the way they propagated. Developers copied code containing insecure patterns across projects, effectively transplanting the same flaw into multiple ecosystems.

Akira Ransomware Haul Surpasses $244M in Illicit Proceeds

Infosecurity Magazine 14.11.2025 11:13
Akira ransomware has extorted $244M since September 2025, with some attacks exfiltrating data in just two hours, a joint cybersecurity advisory warns

Fighting AI with AI: Adversarial bots vs. autonomous threat hunters

CSO Online 14.11.2025 11:10
I recently gave a presentation at SecTor on proactive threat hunting, which sparked some meaty conversations afterward on the show floor. On the expo floor, surrounded by “AI-first” security vendors, the CISOs and threat hunters I spoke with were worried. They’re worried because AI can elevate script kiddies into elite hackers with advanced capabilities and legions of adversarial AI bots and we’re not prepared for that — at least, not yet.
While there’s no doubt AI holds great potential for cybersecurity, in practice, it’s mainly being used to automate what we’re already doing. For companies to stand a chance, we need new approaches to AI-powered defense, not optimized ones.

Autodesk 3ds Max: Crafted JPG file can push malicious code onto systems

Heise Security 14.11.2025 11:09
Autodesk's 3D modeling software 3ds Max is open to attack. A security update closes vulnerabilities.

Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns

The Hacker News 14.11.2025 10:37
Key Takeaways:

85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date.
1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure.
14 new ransomware brands launched this quarter, proving how quickly affiliates reconstitute after takedowns.
LockBit’s reappearance with

Anonymizing Linux: Tails 7.2 with modest version maintenance

Heise Security 14.11.2025 10:21
Tails 7.2, the Linux distribution designed for anonymous web browsing, brings some software updates and fixes problems.

Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign

The Hacker News 14.11.2025 09:53
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a "highly sophisticated espionage campaign" in mid-September 2025.
"The attackers used AI's 'agentic' capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves," the AI upstart

Google Files Lawsuit to Dismantle 'Lighthouse' Smishing Kit

Infosecurity Magazine 14.11.2025 09:45
Google filed a civil lawsuit against 25 individuals accused of ties to a Chinese cyber collective known as the ‘Smishing Triad’

Integrating AI sources securely: JFrog announces MCP Registry

Heise Security 14.11.2025 09:22
JFrog is introducing an MCP Registry that checks local and external AI sources for security. The AI Catalog also gains a search for shadow AI.

Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts

The Hacker News 14.11.2025 09:00
Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet FortiWeb Web Application Firewall (WAF) that could allow an attacker to take over admin accounts and completely compromise a device.
"The watchTowr team is seeing active, indiscriminate in-the-wild exploitation of what appears to be a silently patched vulnerability in Fortinet's FortiWeb

Vulnerabilities put IBM AIX and QRadar SIEM at risk

Heise Security 14.11.2025 08:35
Security updates close vulnerabilities, some of them critical, in IBM AIX and QRadar SIEM.

Google makes advertising commitments to EU Commission after fine in the billions

Spiegel Online 14.11.2025 07:49
With a sophisticated system of offerings for advertisers, Google has gained extreme market power. But now the pressure from competition watchdogs is becoming too strong.

Press Release: CIO100 and CSO30 ASEAN Awards Gala 2025 Celebrate Regional Excellence in Technology Leadership

CSO Online 14.11.2025 06:53
November 14, 2025: The CIO100 and CSO30 ASEAN and Hong Kong Awards Gala on November 12, 2025, delivered a powerful validation of the region’s technology leadership maturity. CIO ASEAN and CSO ASEAN had the privilege of hosting an evening that brought together the most elite CIO100 and CSO30 award winners, and technology teams from Singapore, Malaysia, Indonesia, Vietnam, Cambodia, Thailand, Hong Kong, and the Philippines. They demonstrate that this region is firmly established as a strategic technology hub driving global digital transformation.
Rigor in Judging

How password managers can be hacked – and how to stay safe

We Live Security 13.11.2025 10:00
Look no further to learn how cybercriminals could try to crack your vault and how you can keep your logins safe