Archiv für November 2025

Die Cybersicherheitslage Deutschlands ist angespannt: Insbesondere durch schlecht geschützte Angriffsflächen ist die Bundesrepublik im digitalen Raum verwundbar.

OWASP Top 10 2025 Release Candidate OWASP published a release candidate for the 2025 version of its Top 10 list https://owasp.org/Top10/2025/0x00_2025-Introduction/ Citrix/Cisco Exploitation Details Amazon detailed how Citrix and Cisco vulnerabilities were used by advanced actors to upload webshells https://aws.amazon.com/blogs/security/amazon-discovers-apt-exploiting-cisco-and-citrix-zero-days/ Testing Quantum Readyness A website tests your services for post-quantum computing-resistant cryptographic algorithms https://qcready.com/

Microsoft Patch Tuesday for November 2025 https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+for+November+2025/32468/ Gladinet Triofox Vulnerability Triofox uses the host header in lieu of proper access control, allowing an attacker to access the page managing administrators by simply setting the host header to localhost. https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480/ SAP November 2025 Patch Day SAP fixed a critical vulnerability, fixed default credentials in its SQL […]

Deutschland hat im Bereich der Cybersicherheit Fortschritte erzielt. Dennoch bleibt die Lage angespannt, da die mangelnde Umsetzung von Schutzmaßnahmen dazu führt, dass digitale Systeme angreifbar sind. Zu diesem Ergebnis kommt der aktuelle Jahresbericht des BSI.

It isn t always defaults: Scans for 3CX Usernames Our honeypots detected scans for usernames that may be related to 3CX business phone systems https://isc.sans.edu/diary/It%20isn%27t%20always%20defaults%3A%20Scans%20for%203CX%20usernames/32464 Watchguard Default Password Controversy A CVE number was assigned to a default password commonly used in Watchguard products. This was a documented username and password that was recently removed in […]

Honeypot Requests for Code Repository Attackers continue to scan websites for source code repositories. Keep your repositories outside your document root and proactively scan your own sites. https://isc.sans.edu/diary/Honeypot%3A%20Requests%20for%20%28Code%29%20Repositories/32460 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads Newly discovered malicious .NET packages attempt to deliver a time-delayed attack targeting ICS systems. https://socket.dev/blog/9-malicious-nuget-packages-deliver-time-delayed-destructive-payloads Side Channel Leaks in Encrypted […]