IT Security - Onlineportal von IT Management

Study

Current phishing training courses have little effect

19. August, 2025 - 08:03

Researchers have tested the effectiveness of various phishing training courses in a study involving 19,000 test subjects. The result: training courses help less than expected.

New attack technique discovered

FIDO authentication vulnerability: New downgrade attack bypasses passkey security

13. August, 2025 - 10:37

Passkeys and FIDO authentication are designed to provide robust protection against phishing attacks. However, researchers have now discovered a critical loophole that can undermine even strong passkey authentication. Attackers can exploit a targeted downgrade technique to force users into using insecure login methods. This risk grows as FIDO adoption

OPSWAT Threat Landscape Report 2025

Malware camouflages itself better: one in 14 threats remains undetected

09. August, 2025 - 10:19

A new report demonstrates that conventional security systems are failing to identify many contemporary threats. OPSWAT highlights critical blind spots in current defenses and advocates for a fundamental overhaul of cybersecurity strategies.

Back door for hackers

Cursor: Critical security vulnerability discovered in AI coding tool

06. August, 2025 - 08:35

Security researchers from Check Point have discovered a serious vulnerability in the popular AI-based developer tool Cursor. The vulnerability allows attackers to permanently inject malicious code into development projects completely unnoticed.

New cyber espionage campaign

Turkish arms sector in the sights of Dropping Elephant

27. July, 2025 - 10:09

Security researchers at Arctic Wolf Labs have discovered a sophisticated cyberattack campaign targeting the Turkish defense industry.

Recipe for a disaster

Malware in popular cooking app RecipeLister

24. July, 2025 - 07:18

From a harmless kitchen helper to a cyber threat – the case of the “RecipeLister” app shows how cleverly malware is disguised today.

From technically sophisticated to disturbingly creative

New variants of AsyncRAT discovered

17. July, 2025 - 07:39

The infamous Trojan from 2019 is once again making headlines. Security researchers from ESET have discovered that AsyncRAT is now even more dangerous and has spread much more widely thanks to new variants.

Data from various Infostealers

16 billion login details: the data theft that nobody knew about

20. June, 2025 - 08:51

Several collections of login data reveal one of the largest data thefts in history. As cybernews reports, a total of 16 billion login credentials were exposed. The data most likely originated from various infostealers.

Rethinking security strategy

How to do security by design right

17. April, 2025 - 06:37

The days when cyber security was an afterthought are over. The EU Cyber Resilience Act (CRA) and the EU’s new Product Liability Directive make it clear: software must be secure from the outset. “Security by design” is thus turning from a buzzword into a survival strategy. Cycode shows how

Incident response plan necessary

Warning about ClickFix social engineering campaign

07. April, 2025 - 09:30

ClickFix is already being used by a number of nation-state actors such as APT 28 and Kimsuky. The distribution of stealer malware such as Lumma Stealer via the social engineering campaign is particularly popular.