Tag: network
-
New infosec products of the week: April 18, 2025
in SecurityNews
Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Cyware, Entrust, PlexTrac, and Seemplicity. PlexTrac for CTEM helps … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/18/new-infosec-products-of-the-week-april-18-2025/
-
Will politicization of security clearances make US cybersecurity firms radioactive?
in SecurityNews
Tags: access, business, ceo, cisa, cisco, ciso, credentials, crowdstrike, cybersecurity, disinformation, election, government, infrastructure, intelligence, law, microsoft, network, office, risk, spyware, strategy, threat
What brought this on: This is mostly a reaction to a White House order on Wednesday that tied security clearances to supporting political concepts. The order chastised Chris Krebs, the former head of Trump’s Cybersecurity and Infrastructure Security Agency (CISA). “Krebs’ misconduct involved the censorship of disfavored speech implicating the 2020 election and COVID-19 pandemic. CISA, under…
-
Innovative Cyber Firms to Take Center Stage at RSAC 2025
in SecurityNews
RSAC VP Cecilia Marinier on Innovation Sandbox, Leading-Edge Content at Conference. The RSAC Conference Innovation Sandbox started with a group of 20 people who honored startup firms with bragging rights for the most promising cybersecurity solutions. Over the years, the event helped lift industry stalwarts including Wiz, Sumo Logic, Phantom and Cato Networks into notoriety.…
-
Your Network Is Showing Time to Go Stealth
in SecurityNews
Tags: access, ai, attack, authentication, backdoor, breach, china, cisco, cloud, computer, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, endpoint, exploit, firewall, firmware, fortinet, group, Hardware, infrastructure, mfa, network, software, theft, threat, tool, update, vpn, vulnerability, zero-day
-
Mobile Security Emerging Risks in the BYOD Era
in SecurityNews
The rise of Bring Your Own Device (BYOD) policies has revolutionized workplace flexibility, enabling employees to use personal smartphones, tablets, and laptops for professional tasks. While this shift reduces hardware costs and supports hybrid work models, it introduces complex security challenges. Cybercriminals increasingly target personal devices as gateways to corporate networks, exploiting vulnerabilities in fragmented…
-
35 countries use Chinese networks for transporting mobile user traffic, posing cyber risks
An analysis from iVerify found U.S. allies on the list where mobile providers employ China-based networks. First seen on cyberscoop.com Jump to article: cyberscoop.com/35-countries-use-chinese-networks-for-transporting-mobile-user-traffic-posing-cyber-risks/
-
Network Security at the Edge for AI-ready Enterprise
in SecurityNews
The widespread use of AI, particularly generative AI, in modern businesses creates new network security risks for complex enterprise workloads across various locations. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/network-security-at-the-edge-for-ai-ready-enterprise/
-
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
in SecurityNews
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0. “The vulnerability allows an attacker with network access to an Erlang/OTP SSH First…
-
Agent Tesla Malware Uses Multi-Stage Attacks with PowerShell Scripts
in SecurityNews
Researchers from Palo Alto Networks have uncovered a series of malicious spam campaigns leveraging the notorious Agent Tesla malware through intricate, multi-stage infection vectors. The attack begins innocuously enough with the receipt of a socially engineered email, often crafted to appear legitimate and relevant to the recipient. These emails carry an archive attachment, which typically…
-
Network Edge Devices the Biggest Entry Point for Attacks on SMBs
in SecurityNews
Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacting SMBs in 2024. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/network-edge-devices-entry-smb/
-
NetFlow and PCAP Logs Reveal Multi-Stage Attacks In Corporate Networks
In the modern enterprise, network security teams face the daunting challenge of detecting and responding to multi-stage attacks that unfold over days or even weeks. Two of the most powerful tools in this battle are NetFlow and PCAP. NetFlow, often described as a metadata sentinel, provides a high-level summary of network traffic flows by recording…
-
Update these two servers from Gladinet immediately, CISOs told
in SecurityNews
Tags: access, attack, ciso, cloud, control, credentials, data, defense, email, network, programming, risk, skills, update, vulnerability
C:\Program Files (x86)\Gladinet Cloud Enterprise\root\web.config, although it has also been seen in this path as well: C:\Program Files (x86)\Gladinet Cloud Enterprise\portal\web.config. Similarly, Triofox web.config files could be in two locations: C:\Program Files (x86)\Triofox\root\web.config and C:\Program Files (x86)\Triofox\portal\web.config. The weakness can be leveraged to abuse the ASPX ViewState, a mechanism used to preserve the state of a…
-
Report: Network malware surged 94% in Q4 2024
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/report-network-malware-surged-94-in-q4-2024
-
China-Linked Hackers Lay Brickstorm Backdoors on Euro Networks
in SecurityNews
Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/china-linked-hackers-brickstorm-backdoors-european-networks
-
Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems
in SecurityNews
A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targeting organizations worldwide. The flaw, which enables NTLM hash disclosure through spoofing, allows attackers to harvest sensitive user credentials with minimal interaction, potentially leading to privilege escalation and full network compromise. Despite Microsoft releasing a…
-
Latest Mustang Panda Arsenal: PAKLOG, CorKLOG, and SplatCloak – P2
in SecurityNews
This is Part 2 of our two-part technical analysis on Mustang Panda’s new tools. For details on ToneShell and StarProxy, go to Part 1. Introduction: In addition to the new ToneShell variants and StarProxy, Zscaler ThreatLabz discovered two new keyloggers used by Mustang Panda that we have named PAKLOG and CorKLOG as well as an EDR evasion…
-
Latest Mustang Panda Arsenal: ToneShell and StarProxy – P1
in SecurityNews
Introduction: The Zscaler ThreatLabz team discovered new activity associated with Mustang Panda, originating from two machines from a targeted organization in Myanmar. This research led to the discovery of new ToneShell variants and several previously undocumented tools. Mustang Panda, a China-sponsored espionage group, traditionally targets government-related entities, military entities, minority groups, and non-governmental organizations (NGOs) primarily…
-
Oracle April 2025 Critical Patch Update Addresses 171 CVEs
in SecurityNews
Oracle addresses 171 CVEs in its second quarterly update of 2025 with 378 patches, including 40 critical updates. Background: On April 15, Oracle released its Critical Patch Update (CPU) for April 2025, the second quarterly update of the year. This CPU contains fixes for 171 unique CVEs in 378 security updates across 32 Oracle product…
-
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
in SecurityNews
Tags: cloud, cyber, cybercrime, exploit, network, risk, service, supply-chain, threat, vulnerability
Introduction: Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected First seen on thehackernews.com Jump to…
-
Zeek Deployments Rise Across SOCs For Enhanced Network Visibility
in SecurityNews
Zeek, formerly known as Bro, has established itself as a leading open-source network security monitoring platform. As organizations face increasingly complex cyber threats in 2025, Zeek’s capabilities have evolved to provide deeper visibility, advanced analytics, and seamless integration with modern security operations. This article explores the latest developments in Zeek, its key use cases and…
-
Authorities Shut Down Four Encrypted Platforms Used by Cybercriminals
in SecurityNews
Law enforcement authorities across Europe and Türkiye have dealt a major blow to four criminal networks alleged to be at the heart of drug trafficking and money laundering across the continent. The operation, supported by Europol and codenamed Operation BULUT, culminated in coordinated raids that resulted in the arrest of 232 suspects, including some of…
-
The most dangerous time for enterprise security? One month after an acquisition
in SecurityNews
Fear of upgrading or purchasing any new security tech. Managers are hesitant to invest because they don’t know what the new parent company will decide, and they don’t want to waste money. Talented security people leave, along with the best people in every business unit. They are worried about being laid off, so they take whatever…
-
New ResolverRAT malware targets healthcare and pharma orgs worldwide
in SecurityNews
Tags: authentication, control, data, encryption, group, healthcare, infrastructure, malware, monitoring, network, organized, rat, strategy, threat, tool
Persistence and stealthy C2 communication: The new RAT employs multiple persistence strategies, including more than 20 obfuscated registry entries and files dropped in multiple folders on disk. The malware keeps a record of which persistence techniques were successful to use them as a fallback mechanism. Communication with the command-and-control (C2) server uses TLS encryption with a…
-
The Salt Typhoon Telecom Breach: When Network Access Becomes National Exposure
in SecurityNews
The recent Salt Typhoon breach targeting telecom infrastructure isn’t just another headline; it’s a warning shot to every service provider that uptime and connectivity aren’t enough. This sophisticated campaign, attributed to Chinese state-sponsored actors, illustrates how telecom networks are now being leveraged not just for disruption but for surveillance, espionage, and long-term data access. What…
-
European Companies Infected With New Chinese-Nexus Backdoor
Threat Actors Deploy Obfuscation Tactics to Target Windows Machines. Likely Chinese nation-state hackers are targeting European companies using previously unseen malware backdoor variants with advanced network tunneling and evasion capabilities for data theft. Brussels-based security firm Nviso links the campaign to a threat actor tracked as UNC5221. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/european-companies-infected-new-chinese-nexus-backdoor-a-28009
-
NSFOCUS WAF New UI Showcase: Brand New Policy and Template Management Workflow
Three-Tier Protection Rules • Basic Protection: Pre-configured, general and popular security rules for out-of-box deployment. • Optional/Advanced Protection: Advanced rules, customized for specific Web/API applications for optimum protection. Basic Protection HTTP Protocol Verification Server Plug-in Crawler Web General Illegal Upload Information Disclosure Semantic Engine Scan Protection Optional Protection HTTP Access Control Sensitive Information Filter Smart Engine…The…
-
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
in SecurityNews
The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has been attributed by Palo Alto Networks Unit 42 to a hacking group it tracks as…
-
OT Security: Why Open Source Is Worth a Look
in SecurityNews
Tags: ai, compliance, control, data, detection, edr, endpoint, Hardware, incident, incident response, intelligence, iot, microsoft, ml, monitoring, network, open-source, PCI, technology, threat, tool, vulnerability, vulnerability-management
Open-source solutions are a cost-effective alternative to commercial tools in OT security as well. Increasing digitalization and connectivity in industrial production have made OT security (operational technology security) a core topic for companies. Production data, SCADA (Supervisory Control and Data Acquisition) systems, and networked machines are essential in many industries and highly vulnerable to cyberattacks. An incident can…
-
Chinese APTs Exploit EDR ‘Visibility Gap’ for Cyber Espionage
in SecurityNews
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here’s how experts say you can get eyes on it all. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinese-apt-exploit-edr-visibility-gap-cyber-espionage