security

DShield SIEM Docker Updates Guy updated the DShield SIEM which graphically summarizes what is happening inside your honeypot. https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/32276 Again: Sonicwall SSL VPN Compromises The Australian Government s Signals Directorate noted an increase in compromised Sonicwall devices. https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/ongoing-active-exploitation-of-sonicwall-ssl-vpns-in-australia Website Keystroke Logging Many websites log every keystroke, not just data submitted in forms. https://arxiv.org/pdf/2508.19825

BASE64 Over DNS The base64 character set exceeds what is allowable in DNS. However, some implementations will work even with these invalid characters. https://isc.sans.edu/diary/BASE64%20Over%20DNS/32274 Google Chrome Update Google released an update for Google Chrome, addressing two vulnerabilities. One of the vulnerabilities is rated critical and may allow code execution. https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html Ivanti Updates Ivanti patched a […]

Die EU-Chatkontrolle ist gescheitert. Als Übergangsregelung durften Messengerdienste Chats freiwillig durchsuchen, um die Verbreitung von Kinderporonografie zu verhindern. Doch die Regelung galt nur bis 3. April 2026. Wie geht es nun weiter?

Das BSI wird zu Beginn des kommenden Jahres eine Technische Richtlinie (TR) veröffentlichen, die Sicherheitsvorgaben zum Einsatz Künstlicher Intelligenz (KI) in Fahrzeugen macht. Dies kündigte BSI-Vizepräsident Thomas Caspers auf der Internationalen Automobil-Ausstellung (IAA Mobility) in München an.

Microsoft Patch Tuesday As part of its September patch Tuesday, Microsoft addressed 177 different vulnerabilities, 86 of which affect Microsoft products. None of the vulnerabilities has been exploited before today. Two of the vulnerabilities were already made public. Microsoft rates 13 of the vulnerabilities are critical. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20September%202025/32270 Adobe Patches Adobe released patches for nine products, […]

Cyberkriminalität betrifft auch junge Menschen. Das BSI veröffentlicht daher ein umfassendes Medienpaket zur Vermittlung grundlegender Cybersicherheitskompetenzen. Mit diesem Angebot möchte das BSI Lehrkräfte und weiteres pädagogisches Fachpersonal dabei unterstützen, Jugendliche für digitale Risiken zu sensibilisieren.

Das BSI hat mit der südkoreanischen Cybersicherheitsbehörde (KISA) ein Abkommen zur gegenseitigen Anerkennung von Cybersicherheitskennzeichnungen geschlossen und damit ein wichtiges Etappenziel im Bereich der internationalen Zusammenarbeit erreicht.

Major npm compromise A number of high-profile npm libraries were compromised after developers fell for a phishing email. This compromise affected libraries with a total of hundreds of millions of downloads a week. https://bsky.app/profile/bad-at-computer.bsky.social/post/3lydioq5swk2y https://github.com/orgs/community/discussions/172738 https://github.com/chalk/chalk/issues/656#issuecomment-3266894253 https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised HTTP Request Signatures It looks like some search engines and AI bots are starting to use the HTTP […]

From YARA Offsets to Virtual Addresses Xavier explains how to convert offsets reported by YARA into offsets suitable for the use with debuggers. https://isc.sans.edu/diary/From%20YARA%20Offsets%20to%20Virtual%20Addresses/32262 Phishing via JavaScript in SVG Files Virustotal uncovered a Colombian phishing campaign that takes advantage of JavaScript in SVG files. https://blog.virustotal.com/2025/09/uncovering-colombian-malware-campaign.html FreePBX Patches FreePBX released details regarding two vulnerabilities patched last […]

Unauthorized Issuance of Certificate for 1.1.1.1 Cloudflare published a blog post with more details regarding the bad 1.1.1.1 certificate that was issued by Fina. https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/ AI Model Namespace Reuse Deleted accounts on Huggingface can be taken over by other entities unrelated to the original owner. https://unit42.paloaltonetworks.com/model-namespace-reuse/ macOS vulnerability allowed Keychain and iOS app decryption without […]