security

soc

CISA Adds One Known Exploited Vulnerability to Catalog

11.03.2026

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-68613 n8n Improper Control of Dynamically-Managed Code Resources Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]

Mehr lesen →

security

Microsoft Patch Tuesday, March 2026 Edition

11.03.2026

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing „zero-day“ flaws this month (compared to February’s five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this […]

Mehr lesen →

soc

CISA Adds Three Known Exploited Vulnerabilities to Catalog

09.03.2026

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-Adresse geschuetzt CVE-2025-Adresse geschuetzt CVE-2026-1603 Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) […]

Mehr lesen →

security

How AI Assistants are Moving the Security Goalposts

08.03.2026

AI-based assistants or „agents“ — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting […]

Mehr lesen →

security

BSI-Präsidentin wirbt für „360-Grad-Blick“ auf Sicherheit im digitalen Raum

von BSI Presse-Meldungen • 07.03.2026

Mit Blick auf die aktuelle Cybersicherheitslage in Deutschland hat das BSI einen mehrdimensionalen Lösungsansatz vorgestellt. Auf der Cyber Security Conference (CSC) von Schwarz Digits präsentierte BSI-Präsidentin Claudia Plattner das „Wheel of Motion“ – eine Konzeptskizze für Lösungsstrategien im Umgang mit Cyberaggression.

Mehr lesen →

security

Deutscher IT-Sicherheitskongress: jetzt anmelden!

von BSI Presse-Meldungen • 06.03.2026

Vom 15. bis zum 16. April 2026 findet der 21. Deutsche IT-Sicherheitskongress in Bonn statt. Die Registrierung zur Teilnahme am Kongress ist ab sofort möglich.

Mehr lesen →

soc

CISA Adds Five Known Exploited Vulnerabilities to Catalog

05.03.2026

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2017-7921 Hikvision Multiple Products Improper Authentication Vulnerability CVE-2021-Adresse geschuetzt CVE-2021-Adresse geschuetzt CVE-2023-Adresse geschuetzt CVE-2023-Adresse geschuetzt These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding […]

Mehr lesen →

security

SIEM vs Log Management: Observability, Telemetry, and Detection

05.03.2026

Security teams are no longer short on data. They are drowning in it. Cloud control plane logs, endpoint telemetry, identity events, SaaS audit trails, application logs, and network signals keep expanding, while the SOC is still expected to deliver faster detection and cleaner investigations. That is why SIEM vs log management is not just a […]

Mehr lesen →

soc

CVE-2026-21385: Google Patches Qualcomm Zero-Day Exploited in Targeted Android Attacks

04.03.2026

Steady cadence of Android zero-days marked as exploited in the wild makes its path to 2026. Following CVE-2025-Adresse geschuetzt-2025-48572, two Android Framework bugs Google flagged for active exploitation, defenders keep seeing the same familiar pattern. Mobile-chain vulnerabilities can move fast from limited attacks to real enterprise risk when patching lags. In March 2026, that […] […]

Mehr lesen →

soc

UAC-0252 Attack Detection: SHADOWSNIFF and SALATSTEALER Fuel Phishing Campaigns in Ukraine

03.03.2026

Since January 2026, CERT-UA has been tracking a series of intrusions attributed to UAC-0252 and built around SHADOWSNIFF and SALATSTEALER infostealers. The campaigns rely on well-crafted phishing lures, payload staging on legitimate infrastructure, and user-driven execution of disguised EXE files. Detect UAC-0252 Attacks Covered in CERT-UA#Adresse geschuetzt Q2 2025 research by […] The post UAC-0252 […]

Mehr lesen →

📅 Kalender