This posting is here to collect cyber security news in November 2025.
I post links to security vulnerability news to comments of this article.
You are also free to post related links to comments.
This posting is here to collect cyber security news in November 2025.
I post links to security vulnerability news to comments of this article.
You are also free to post related links to comments.
66 Comments
Tomi Engdahl says:
https://www.verkkouutiset.fi/a/tekoaly-voi-kansanedustajan-mukaan-mullistaa-kyberturvallisuuden/#fb485f67
Tomi Engdahl says:
https://cybersecuritynews.com/silentbutdeadly-neutralizes-edr-av/
Tomi Engdahl says:
https://www.bleepingcomputer.com/news/security/kerberoasting-in-2025-how-to-protect-your-service-accounts/
Tomi Engdahl says:
Cloudflare outage: the internet is broken again
https://cybernews.com/news/cloudflare-outage-internet-down/?utm_source=cn_facebook&utm_medium=social&utm_campaign=cybernews&utm_content=post&source=cn_facebook&medium=social&campaign=cybernews&content=post&fbclid=IwVERDUAOJaC5leHRuA2FlbQIxMABzcnRjBmFwcF9pZAwzNTA2ODU1MzE3MjgAAR6KcTXD6AWna0TvXeiYCwMbyUBXe7cfOlKVPh1nfP0yWc-vdYWEdbFokO_4CA_aem_3AIHjBSBqsvCNV6o-esxxQ
Cloudflare is experiencing technical problems, meaning that hundreds of millions of people across the globe are unable to access the internet.
The global network that connects users with websites and apps is currently experiencing an outage, which the company is investigating.
Cloudflare, which “powers internet requests for millions of websites” while serving 81 million HTTP requests, is currently experiencing issues on a global scale.
Tomi Engdahl says:
https://www.tivi.fi/uutiset/a/a084008f-a1ff-4ea8-b13d-d7181921c1f8
Verkkorosvoilla on uudet keinot käytössään – Tämä on ainoa tapa suojautua ”Clickfixiltä”
13.11.202521:30
Clickfix-hyökkäys ohittaa suuren osan tavanomaisista puolustautumiskeinoista.
https://arstechnica.com/security/2025/11/clickfix-may-be-the-biggest-security-threat-your-family-has-never-heard-of/
Tomi Engdahl says:
An outage affecting cybersecurity firm Cloudflare took down huge swathes of the internet with it on Tuesday, once again highlighting how a handful internet services allow the entire web to stay online.
Among the websites affected by the outage are gigantic services including X-formerly-Twitter, OpenAI’s ChatGPT, and Spotify.
https://futurism.com/future-society/internet-down-detector-cloudflare?utm_social_handle_id=352364611609411&utm_social_post_id=577362521&fbclid=IwdGRjcAOJyQZjbGNrA4nITmV4dG4DYWVtAjExAHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHum8uvW99ieHTvelrsceLmtl5E5b2RxXDH54ZpToACAcs1MGhGYpskeqJ0Va_aem_5LiwoNjcIe9vwWxzM8OJug
Tomi Engdahl says:
The issue was not caused, directly or indirectly, by a cyber attack or malicious activity of any kind. Instead, it was triggered by a change to one of our database systems’ permissions which caused the database to output multiple entries into a “feature file” used by our Bot Management system. That feature file, in turn, doubled in size. The larger-than-expected feature file was then propagated to all the machines that make up our network.
Cloudflare outage on November 18, 2025 https://share.google/s5XJSLsRmA4GFOJ5M
Tomi Engdahl says:
What does the outage tell us about the health of the internet?
With much of the world’s economy reliant on the internet – from banking to e-commerce – some experts in cyber-resilience warn that its infrastructure has become too reliant on a few big companies, creating a “dependency chain”. The problems at Cloudflare come less than a month after outages at other cloud services operators, Amazon’s AWS and Microsoft’s Azure. Together with Google Cloud, these three providers account for about two-thirds of the infrastructure underlying the digital world. Experts argue it shows there should be greater diversity in supply of internet services.
What is Cloudflare – and why did its outage take down so many websites? | Internet | The Guardian https://share.google/qLGfXFtnFXfvBREf2
Tomi Engdahl says:
Tietoliikennejätiltä varoitus – Pohjoismaat uhattuna
Anna Helakallio17.11.202512:27Politiikka
Yhteiskunnan kriittiset toiminnot ovat riippuvaisia digitaalisesta infrastruktuurista.
https://www.tivi.fi/uutiset/a/bbdd6cf1-30d7-48cb-be8e-987e7de33273
Pohjoismaiden on vahvistettava digitaalista resilienssiään laajamittaisten digitaalisten katkoksien varalta, varoittaa tietoliikenneyritys Globalconnect. Yhtiön varoitus perustuu sen teettämiin raportteihin
Tomi Engdahl says:
https://www.cloudflare.com/learning/ssl/lava-lamp-encryption/
https://www.howtogeek.com/cloudflares-broke-internet-open-source-app-saved-homelab/
Tomi Engdahl says:
Tutkimus: Baltimoren laivaturma ja siltaromahdus aiheutuivat sähköjohtoon väärin liimatusta tarrasta
https://yle.fi/a/74-20194896
Tomi Engdahl says:
https://futurism.com/artificial-intelligence/openai-blocks-toymaker-ai-teddy-bear
Tomi Engdahl says:
Teollisuuden kyberturvallisuus rakennetaan IT:n ja tuotannon yhteispelillä
https://www.businessopas.fi/teollisuus/teollisuuden-kyberturvallisuus-rakennetaan-itn-ja-tuotannon-yhteispelilla/
Tomi Engdahl says:
3 open-source, cross-platform security apps that just work
https://www.howtogeek.com/open-source-cross-platform-security-apps-that-just-work/
Tomi Engdahl says:
OWASP Top 10: Broken access control still tops app security list
Risk list highlights misconfigs, supply chain failures, and singles out prompt injection in AI apps
https://www.theregister.com/2025/11/11/new_owasp_top_ten_broken/
Tomi Engdahl says:
Europe is finally cutting down on annoying cookie pop-ups. Under the new plan, some low-risk cookies won’t show pop-ups at all, and users will be able to control other cookies directly in their browser settings, instead of on every single website.
Read full article: https://cnews.link/european-union-cookie-consent-banners-8/
I am so tired of the retardation they caused, worldwide, with that law.