Criminals steal video meeting images and sensitive data from trading company
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 17:26]
At the US trading company Jewett-Cameron Trading, a ransomware group has stolen images of video meetings, sensitive ...
This free IGA tool boosts your identity security
[The Register - Security] [22 Oct 25 @ 17:00]
Here are five ways tenfold's free IGA solution helps you streamline identity governance and access control. Partner Content In a world where one wrong click can set off a catastrophic breach, org...
Philips Hue Bridge and Samsung Galaxy S25 hacked during Pwn2Own
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 16:50]
During the Pwn2Own contest in Cork, Ireland, researchers managed to hack the Philips Hue Bridge and Samsung Galaxy S25 ...
Virgin Islands hospital offline for nearly 5 months after ransomware attack
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 15:50]
A hospital in the US Virgin Islands was offline for nearly five months because of a ransomware attack. The attack ...
TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files
[Security Affairs] [22 Oct 25 @ 15:26]
CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8...
Forking confusing: Vulnerable Rust crate exposes uv Python packager
[The Register - Security] [22 Oct 25 @ 15:15]
Forks of forks of forks, but which ones are patched? A vulnerability in the popular Rust crate async-tar has affected the fast uv Python package manager, which uses a forked version that's now patc...
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch
[THN : The Hacker News] [22 Oct 25 @ 14:56]
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and...
Digital driving licence on smartphone becomes the standard in the European Union
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 14:41]
A digital driving licence on smartphones will become the standard in the European Union. It will still be possible for a physical ...
'Jaguar Land Rover cyberattack costs United Kingdom 2.2 billion euros'
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 14:12]
The cyberattack on Jaguar Land Rover (JLR) is costing the United Kingdom the equivalent of 2.2 billion euros and has more than ...
Home Depot Halloween phish gives users a fright, not a freebie
[Malwarebytes Unpacked] [22 Oct 25 @ 14:02]
Boo! A Home Depot Halloween “giveaway” isn’t a treat—it’s a phishing trick. Fake links, tracking pixels, and compromised sites are the real prizes.
Zero-click Dolby audio bug lets attackers run code on Android and Windows devices
[Malwarebytes Unpacked] [22 Oct 25 @ 14:00]
The bug, tracked as CVE-2025-54957, could let attackers run code via audio files.
Bridging the Remediation Gap: Introducing Pentera Resolve
[THN : The Hacker News] [22 Oct 25 @ 13:55]
From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanne...
Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
[THN : The Hacker News] [22 Oct 25 @ 13:43]
Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal...
TP-Link patches critical command injection flaw in Omada gateways
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 12:40]
TP-Link has released firmware updates for a critical vulnerability in the Omada gateways through which an unauthenticated ...
Jaguar Land Rover cyber-meltdown tipped to cost the UK almost £2B
[The Register - Security] [22 Oct 25 @ 12:29]
That's a lot of extended warranties The Jaguar Land Rover (JLR) cyberattack could end up being the costliest such incident in UK history, billed at an estimated £1.9 billion and affecting over 5,00...
Oracle releases critical security updates for a wide range of products
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 12:19]
Oracle has released critical security updates for a wide range of products and is urging customers to install them immediately. ...
Can a platform retroactively revise its terms in order to train AI on all user data?
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 12:02]
Legal question: Much has already been said about LinkedIn's recent announcement that user posts and data will by default be ...
Deep analysis of the flaw in BetterBank reward logic
[Securelist - Information about Viruses, Hackers and Spam] [22 Oct 25 @ 12:00]
Kaspersky experts break down the recent BetterBank incident involving ESTEEM token bonus minting due to the lack of liquidity pool validation.
Episode Three: Blown Cover
[The Intercept] [22 Oct 25 @ 12:00]
How confidential informants like LeBron Gaither, recruited by police as a teen and killed by a drug dealer, are seen by the criminal system as disposable. The post Episode Three: Blown Cover appear...
WhatsApp shows warning when screen is shared with strangers
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 11:59]
WhatsApp will show warnings when users share their screen with unknown contacts, Meta has announced. This ...
Why You Should Swap Passwords for Passphrases
[THN : The Hacker News] [22 Oct 25 @ 11:26]
The advice didn't change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder for hackers to crack via brute force methods. But m...
183 million compromised email addresses added to HIBP
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 11:22]
183 million compromised email addresses have been added to the data breach search engine Have I Been Pwned (HIBP). Of these, ...
Google warns of malware attack via malicious captcha
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 11:00]
Google is warning internet users about an attack in which a malicious captcha is used to try to get malware ...
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
[THN : The Hacker News] [22 Oct 25 @ 10:58]
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber...
Vidar malware uses multi-threading to steal passwords faster
[Security.NL maakt Nederland veilig] [22 Oct 25 @ 10:19]
Researchers have discovered a new version of the Vidar malware that uses multi-threading to more quickly steal passwords and ...
UK data regulator defends decision not to investigate MoD Afghan data breach
[The Register - Security] [22 Oct 25 @ 09:15]
ICO says probe unnecessary after reviewing ministry's handling of leak The UK's data protection regulator declined to launch an investigation into a leak at the Ministry of Defence that risked the ...
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
[THN : The Hacker News] [22 Oct 25 @ 09:05]
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution ...
Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure
[Security Affairs] [22 Oct 25 @ 08:06]
Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been qu...
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
[THN : The Hacker News] [22 Oct 25 @ 06:38]
TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution. The vulnerabilities ...
Japanese retailer Muji halted online sales after a ransomware attack on logistics partner
[Security Affairs] [21 Oct 25 @ 20:55]
Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access. Japanese retailer giant Muji suspended online sales after a r...
How malware vaccines could stop ransomware's rampage
[The Register - Security] [21 Oct 25 @ 18:41]
Security pros explore whether infection-spoofing code can immunize Windows systems against attack Feature What's better, prevention or cure? For a long time the global cybersecurity industry has ...
'Apple warns exploit developer that his iPhone was targeted by spyware'
[Security.NL maakt Nederland veilig] [21 Oct 25 @ 17:17]
Earlier this year, Apple warned a developer of iOS exploits that his iPhone was the target of a targeted ...
Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams
[THN : The Hacker News] [21 Oct 25 @ 17:03]
Meta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it's introducing new warnings on WhatsApp when users attemp...
Restructuring risk operations: building a business-aligned cyber strategy
[The Register - Security] [21 Oct 25 @ 17:00]
Why organizations need a new strategy to break down silos and usher in a new era of risk intelligence Partner Content As cyber risk continues to escalate, many organizations face a disconnect bet...
U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog
[Security Affairs] [21 Oct 25 @ 16:10]
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure...
PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign
[THN : The Hacker News] [21 Oct 25 @ 15:47]
Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in February 2025, attributing it to a campaign targeti...
Belgian company reprimanded for not deleting ex-employee's email account in time
[Security.NL maakt Nederland veilig] [21 Oct 25 @ 15:07]
The Belgian privacy regulator GBA has reprimanded a Belgian company for not closing in time the email account ...
UK urges companies to make cybersecurity a board-level priority
[Security.NL maakt Nederland veilig] [21 Oct 25 @ 14:22]
The British government has written an open letter to the largest companies in the United Kingdom calling on them to ...
Sexual health products supplier leaks sensitive customer data
[Security.NL maakt Nederland veilig] [21 Oct 25 @ 14:00]
Hello Cake, an American supplier of sexual health products, has, due to a configuration error with a cloud service, ...
China-Linked Salt Typhoon breaches European Telecom via Citrix exploit
[Security Affairs] [21 Oct 25 @ 13:27]
China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access. A European telecom firm was targeted in July 2025 by China-linked APT gro...
Windows update breaks USB support in recovery mode
[Malwarebytes Unpacked] [21 Oct 25 @ 13:15]
Microsoft’s October update disabled USB keyboards and mice in Windows Recovery Mode, leaving unlucky users with two problems for the price of one.
Muji's minimalist calm shattered as ransomware takes down logistics partner
[The Register - Security] [21 Oct 25 @ 13:15]
Japanese retailer halts online orders after attack cripples third-party vendor Japanese retailer Muji is suspending online orders after logistics partner Askul was knocked offline by a ransomware a...
Securing AI to Benefit from AI
[THN : The Hacker News] [21 Oct 25 @ 13:00]
Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns f...
QNAP devices and Synology BeeStation hacked during Pwn2Own contest
[Security.NL maakt Nederland veilig] [21 Oct 25 @ 12:35]
During the Pwn2Own contest, researchers managed to hack devices from QNAP and the Synology BeeStation Plus via ...
You can poison AI with just 250 dodgy documents
[Malwarebytes Unpacked] [21 Oct 25 @ 12:33]
Anthropic’s new research shows how easy it could be to poison AI models—proof that even small manipulations can have big effects.
Feds flag active exploitation of patched Windows SMB vuln
[The Register - Security] [21 Oct 25 @ 12:27]
CISA adds high-severity flaw to KEV list, urges swift updating Uncle Sam's cyber wardens have warned that a high-severity flaw in Microsoft's Windows SMB client is now being actively exploited – mo...
The evolving landscape of email phishing attacks: how threat actors are reusing and refining established techniques
[Securelist - Information about Viruses, Hackers and Spam] [21 Oct 25 @ 12:00]
Common email phishing tactics in 2025 include PDF attachments with QR codes, password-protected PDF documents, calendar phishing, and advanced websites that validate email addresses.
David Brooks Is the Last Person We Should Be Listening to Right Now
[The Intercept] [21 Oct 25 @ 12:00]
A mass movement against the Trump administration is essential, but no one should take an Iraq War booster’s advice. The post David Brooks Is the Last Person We Should Be Listening to Right Now appe...
Japanese web shop MUJI stops online orders after ransomware attack
[Security.NL maakt Nederland veilig] [21 Oct 25 @ 11:42]
For web shops of several major Japanese retail chains, including department store chain MUJI, online orders can no longer ...
US reports active exploitation of security flaw in Oracle E-Business Suite
[Security.NL maakt Nederland veilig] [21 Oct 25 @ 11:03]
Attackers are actively exploiting a vulnerability in Oracle E-Business Suite (EBS) to steal confidential ...