Tag: advisory
-
Microsoft patches privilege escalation flaw exploited since 2023
in SecurityNews
Vulnerabilities in file system drivers: Several of the other zero-day vulnerabilities are related to the Windows NT File System (NTFS) driver. One is a remote code execution flaw that can be triggered by the user mounting a specially crafted VHD (virtual hard disk) that triggers a buffer overflow (CVE-2025-24993). A similar vulnerability, CVE-2025-24985, that can be…
-
CISA worker says 100-strong red team fired after DOGE cancelled contract
Election infosec advisory agency also shuttered
First seen on theregister.com Jump to article: www.theregister.com/2025/03/12/cisa_staff_layoffs/
-
MirrorFace APT Using Custom Malware To Exploited Windows Sandbox Visual Studio Code
in SecurityNews
The cybersecurity landscape witnessed a significant development when the National Police Agency (NPA) and the National center of Incident readiness and Strategy for Cybersecurity (NISC) released a security advisory on January 8, 2025. This advisory highlighted an Advanced Persistent Threat (APT) campaign conducted by a group known as "MirrorFace,
-
Google Warns Chromecast Owners Against Factory Reset
in SecurityNews
Google has issued a warning to Chromecast owners regarding the potential risks of performing a factory reset on their devices. This advisory comes as users have reported complications with device authentication after restoring their Chromecasts to factory settings. The warning highlights the importance of understanding the implications of a factory reset before proceeding. Background on…
-
CISOs and CIOs forge vital partnerships for business success
in SecurityNews
Tags: advisory, ai, attack, breach, business, ceo, cio, ciso, cloud, communications, corporate, cybersecurity, data, data-breach, finance, firewall, framework, ibm, infrastructure, resilience, risk, risk-management, service, strategy, technology, threat
Vikram Nafde, EVP and CIO, Webster Bank
As is the case at many companies, Webster Bank’s CISO Patty Voight reports into the CIO. While there is a direct line between the executive functions, Nafde says the structure is collaborative, not hierarchical, a significant evolution as the intensity of threats escalates, raising the bar for…
-
Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros
in SecurityNews
Tags: advisory, ai, awareness, banking, best-practice, business, cloud, compliance, corporate, crime, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, extortion, finance, fraud, governance, government, group, healthcare, infrastructure, iot, jobs, mail, malicious, microsoft, mitigation, monitoring, network, nis-2, privacy, qr, ransom, ransomware, regulation, resilience, risk, risk-assessment, risk-management, scam, service, strategy, technology, threat, tool, vmware, vulnerability, vulnerability-management, zero-day
Check out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal contractors to adopt vulnerability disclosure programs. And get the latest on cyber scams; zero-day vulnerabilities; and critical infrastructure security. Dive into six things…
-
Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets
in SecurityNews
Jenkins, the widely-used open-source automation server, issued a high-priority security advisory on March 5, 2025, disclosing four medium-severity vulnerabilities affecting its core platform. The flaws, tracked as CVE-2025-27622 through CVE-2025-27625, impact secrets management, cross-site request forgery (CSRF) protections, and URL validation. Immediate upgrades to Jenkins 2.500 (weekly) or 2.492.2 (LTS) are recommended to mitigate risks.…
-
Zero-day vulnerabilities in VMware ESXi, Workstation and Fusion
in SecurityNews
On March 4, 2025, VMware by Broadcom published a security advisory warning of three zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226) that have already been exploited in the wild. Patching is urgently advised. VMware Advisory VMSA-2025-0004: According to advisory VMSA-2025-0004, affected are the …
First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/05/0-day-schwachstellen-in-vmware-esxi-workstation-und-fusion/
-
CVE-2025-22224, CVE-2025-22225, CVE-2025-22226: Zero-Day Vulnerabilities in VMware ESXi, Workstation and Fusion Exploited
in SecurityNews
Tags: advisory, attack, cloud, cve, exploit, flaw, infrastructure, intelligence, leak, microsoft, threat, update, vmware, vulnerability, zero-day
Broadcom published an advisory for three flaws in several VMware products that were exploited in the wild as zero-days. Organizations are advised to apply the available patches.
Background: On March 4, Broadcom published an advisory (VMSA-2025-0004) for three zero-day vulnerabilities across multiple VMware products:
CVE | Description | CVSSv3
CVE-2025-22224 | VMware ESXi and Workstation Heap-Overflow Vulnerability | 9.3…
-
VMware Warns Customers to Patch Actively Exploited Zero-Day Vulnerabilities
in SecurityNews
Cloud software firm VMware has issued a critical security advisory, detailing three zero-day vulnerabilities being actively exploited in the wild.
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vmware-patch-exploited-zero-day/
-
Palo Alto PAN-OS Bug Severity Upgraded, Exploited in Wild
in SecurityNews
Summary: Earlier this month we published an advisory about CVE-2025-0108, a vulnerability which allows an unauthenticated attacker to access the web management user interface of
First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/02/25/palo-alto-pan-os-bug-severity-upgraded-exploited-in-wild/
-
How to create an effective incident response plan
in SecurityNews
Tags: access, advisory, attack, backup, breach, business, ceo, ciso, communications, corporate, cyber, cybersecurity, email, endpoint, exploit, finance, governance, guide, incident, incident response, insurance, law, lessons-learned, malicious, monitoring, network, office, phone, ransomware, risk, security-incident, service, strategy, supply-chain, technology, threat, update
Establish a comprehensive post-incident communications strategy: Another key element that can make or break an incident response strategy is communications. Without clear communications among the major stakeholders of the business, a company might experience much longer downtimes or the loss of vital processes for extended periods. “How are you going to go about communicating? With whom?…
-
FBI and CISA warn about continuing attacks by Chinese ransomware group Ghost
in SecurityNews
Attacks are more focused on encryption than exfiltration: The Ghost attackers have sometimes exfiltrated data back to their Cobalt Strike Team servers or to the Mega.nz file-sharing service, but this has been rare and the amount of information stolen has been limited. According to FBI investigations, the group doesn’t regularly exfiltrate intellectual property or personally identifiable…
-
Critical UniFi Protect Camera Vulnerability Enables Remote Code Execution Attacks
in SecurityNews
Ubiquiti Networks has issued an urgent security advisory (Bulletin 046) warning of multiple critical vulnerabilities in its UniFi Protect camera ecosystem, including a high-severity remote code execution (RCE) flaw that could allow attackers to hijack devices and infiltrate network infrastructure. The vulnerabilities, discovered during the Pwn2Own 2025 hacking competition, affect UniFi Protect Cameras (firmware v4.74.88…
-
CISA and FBI Warn of Global Threat from Ghost Ransomware
in SecurityNews
CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware.
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-fbi-warn-global-threat-ghost/
-
CISA FBI Warns that Ghost Ransomware Hits Over 70 Organizations
in SecurityNews
Tags: advisory, cisa, cyber, cybersecurity, government, healthcare, infrastructure, network, ransomware
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the widespread impact of the Ghost ransomware, also known as Cring. Since its emergence in early 2021, this ransomware has compromised over 70 organizations globally, spanning critical infrastructure, healthcare, education, government networks, and private…
-
CISA and FBI Issue Alert as Ghost Ransomware Targets 70+ Organizations
in SecurityNews
Tags: access, advisory, cisa, cyber, cybersecurity, exploit, infrastructure, malicious, ransomware, software, threat, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about the increasing threat posed by Ghost ransomware. This malicious campaign has already impacted more than 70 organizations across various sectors, exploiting vulnerabilities in widely-used software to gain access to targeted networks. Exploitation of Vulnerabilities…
-
Hackers gain root access to Palo Alto firewalls through chained bugs
in SecurityNews
Immediate patching advised: All three vulnerabilities affect PAN-OS versions 10.1, 10.2, 11.1, and 11.2, and have received patches respectively. Palo Alto Networks confirmed that its Cloud NGFW and Prisma Access services are not impacted. As a workaround, admins are advised to restrict access to the management web interface to only trusted internal IP addresses. Even then,…
-
Multiple vulnerabilities in OpenSSH (Feb. 2025)
in SecurityNews
Security experts at Qualys TRU have found two vulnerabilities in the OpenSSH software. In addition, an advisory on a further vulnerability was published on February 11, 2024. Affected by this vulnerability are OpenSSL 3.4, 3.3 and 3.2, with upgrades to …
First seen on borncity.com Jump to article: www.borncity.com/blog/2025/02/19/schwachstellen-cve-2024-12797-in-openssh-feb-2025/
-
XCSSET macOS malware reappears with new attack strategies, Microsoft sounds alarm
in SecurityNews
Xcode developers targeted through infected projects: Microsoft reported that XCSSET continues to spread via compromised Xcode projects, a technique that has been in use since the malware’s discovery in 2020. Once an infected project is cloned or downloaded, the malware can embed itself within the developer’s system and further propagate when the infected code is…
-
CISA, FBI call software with buffer overflow issues ‘unforgivable’
in SecurityNews
Microsoft, VMWare, Ivanti flaws called out: The feds highlighted a list of buffer overflow bugs affecting leading vendors like Microsoft, Ivanti, VMWare, Citrix and RedHat, ranging from high to critical severity, and some already having in-the-wild exploits. The list included two Microsoft flaws that could allow local attackers in container-based environments to gain system privileges (CVE-2025-21333),…
-
Fortinet discloses second authentication bypass vulnerability
in SecurityNews
Fortinet disclosed CVE-2025-24472 in an updated advisory that confused some in the infosec community because it stated that ‘reports show this is being exploited in the wild.’
First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366619314/Fortinet-discloses-second-authentication-bypass-vulnerability
-
0-Day Vulnerability in Windows Storage Allow Hackers to Delete the Target Files Remotely
in SecurityNews
A newly discovered 0-day vulnerability in Windows Storage has sent shockwaves through the cybersecurity community. Identified as CVE-2025-21391, this critical flaw allows attackers to elevate privilege and remotely delete targeted files on a victim’s system without their interaction. Microsoft officially confirmed the issue on February 11, 2025. According to the advisory, this vulnerability stems from a…
-
Critical OpenSSL Vulnerability Let Attackers Launch Man-in-the-Middle Attacks
in SecurityNews
A high-severity security vulnerability (CVE-2024-12797) has been identified in OpenSSL, one of the most widely used cryptographic libraries. The flaw allows attackers to exploit a loophole in TLS and DTLS handshakes, potentially enabling man-in-the-middle (MITM) attacks on vulnerable connections. OpenSSL has issued a security advisory urging affected users to upgrade immediately to mitigate the risk.…