Tag: advisory
-
HPE StoreOnce Faces Critical CVE-2025-37093 Vulnerability, Urges Immediate Patch Upgrade
Hewlett Packard Enterprise (HPE) has issued a new security advisory addressing eight newly discovered vulnerabilities in its StoreOnce data backup and deduplication platform. Among these, the most severe is an authentication bypass vulnerability tracked as CVE-2025-37093, which carries a near-maximum CVSS score of 9.8, indicating a critical risk to affected systems. First seen on thecyberexpress.com…
-
6 ways CISOs can leverage data and AI to better secure the enterprise
Tags: advisory, ai, antivirus, attack, automation, breach, business, ciso, cloud, compliance, computer, corporate, cyber, cyberattack, cybersecurity, data, detection, firewall, framework, governance, guide, infrastructure, LLM, login, ml, network, programming, risk, risk-analysis, service, siem, soc, software, technology, threat, tool, training
Emphasize the ‘learning’ part of ML: To be truly effective, models need to be retrained with new data to keep up with changing threat vectors and shifting cyber criminal behavior. “Machine learning models get smarter with your help,” Riboldi says. “Make sure to have feedback loops. Letting analysts label events and adjust settings constantly improves their…
-
One hacker, many names: Industry collaboration aims to fix cyber threat label chaos
Tags: advisory, attack, blizzard, china, corporate, country, crowdstrike, cyber, cybersecurity, group, guide, hacker, india, intelligence, international, microsoft, risk, russia, threat
Building a translation guide, not a standard: The collaboration is analyst-driven, focusing on harmonizing known adversary profiles through direct cooperation between the companies’ threat research teams. Already, the effort has led to alignment on more than 80 threat actors, confirming connections that had previously been uncertain. The companies describe their effort as creating a “Rosetta Stone”…
-
Splunk Universal Forwarder for Windows Flaw Grants Non-Admin Users Full Content Access
A critical security advisory (SVD-2025-0602) has been issued for Splunk Universal Forwarder for Windows, addressing a high-severity vulnerability (CVE-2025-20298) that exposes Windows systems to potential privilege escalation. The flaw, rated 8.0 (High) on the CVSSv3.1 scale (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H), affects Universal Forwarder installations and upgrades below versions 9.4.2, 9.3.4, 9.2.6, and 9.1.9. The vulnerability arises from incorrect…
-
Multiple High-Risk Vulnerabilities in Microsoft Products
According to the latest advisory by CERT-In, 78 vulnerabilities have been discovered across a broad range of Microsoft products, including Windows, Azure, MS Office, Developer Tools, Microsoft Apps, System Center, Dynamics, and even legacy products receiving Extended Security Updates (ESU). These flaws pose serious security threats, as they can be exploited by attackers to gain…
-
Frequently Asked Questions About BadSuccessor
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller. Background: Tenable’s Research Special Operations (RSO) and the Identity Content team have compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed zero-day in Active Directory called BadSuccessor. FAQ…
-
Realtek Bluetooth Driver Flaw Allows Attackers to Delete Any File on Windows Systems
A high-severity security vulnerability has been identified in the Realtek Bluetooth Host Controller Interface (HCI) Adaptor, raising significant concerns for device manufacturers and end-users. The flaw, tracked as CVE-2024-11857, was disclosed on June 2, 2025, and published in both the National Vulnerability Database (NVD) and the GitHub Advisory Database within hours of its discovery. This…
-
MICI NetFax Server Flaws Allow Attackers to Execute Remote Code
Tags: access, advisory, attack, credentials, cve, cyber, data-breach, flaw, network, risk, vulnerability
In a recent security advisory, Rapid7 has disclosed three severe vulnerabilities in MICI Network Co., Ltd’s NetFax Server, affecting all versions before 3.0.1.0. These flaws, CVE-2025-48045, CVE-2025-48046, and CVE-2025-48047, allow attackers to gain root-level access through a chain of authenticated attacks, with default credentials and sensitive information exposed in cleartext. Despite the risks, the vendor…
-
ConnectWise ScreenConnect Targeted by Nation-State Actor
Tags: advisory
ConnectWise, a prominent provider of IT management solutions, has issued a brief but concerning security advisory disclosing a… First seen on securityonline.info Jump to article: securityonline.info/connectwise-screenconnect-targeted-by-nation-state-actor/
-
Critical Dell PowerStore T Vulnerability Allows Full System Compromise
As part of its ongoing commitment to product security, Dell Technologies has released a significant update for the PowerStore T family, remediating a series of vulnerabilities that could be exploited by malicious actors to compromise affected systems. The update, detailed in advisory DSA-2025-223, is rated as high impact and urges immediate attention from all PowerStore…
-
NSFOCUS Recognized by Forrester in The Network Analysis and Visibility (NAV) Solution Landscape
Santa Clara, Calif. May 28, 2025 Recently, global research and advisory firm Forrester released The Network Analysis and Visibility (NAV) Solutions Landscape, Q2 2025, offering a comprehensive analysis of market dynamics, technology trends, and product capabilities. NSFOCUS has once again [1] been included in this report. Forrester’s reports on specific technical fields are highly recognized worldwide… The…
-
Salt Typhoon Believed to Be Behind Commvault Data Breach
Tags: advisory, backup, breach, china, cisa, cloud, credentials, data, data-breach, group, hacking, infrastructure, microsoft, threat, vulnerability
CISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup Platform. A suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salt-typhoon-believed-to-be-behind-commvault-data-breach-a-28496
-
Governments Urge Organizations to Prioritize SIEM/SOAR Adoption
A joint advisory from the US, UK, Australia and others highlights the importance of SIEM/SOAR platforms and overcoming implementation challenges First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/governments-prioritize-siem-soar/
-
Siemens SiPass Flaw Allows Remote Attackers to Cause DoS Conditions
Siemens has released a security advisory (SSA-041082) concerning a critical out-of-bounds read vulnerability, tracked as CVE-2022-31812, affecting all SiPass integrated versions before V2.95.3.18. The flaw, if exploited, could allow unauthenticated remote attackers to trigger a denial of service (DoS) condition, potentially disrupting access control operations for organizations relying on SiPass for physical security management. The…
-
Orchestrated Cyberattacks on Both IT and Cyber-Physical Systems
On May 21, 2025, Germany’s Federal Intelligence Service (BND), Federal Office for Information Security (BSI) and Federal Office for the Protection of the Constitution (BfV), together with international partners such as the US National Security Agency (NSA), issued a joint cybersecurity advisory on the cyber activities of Russian GRU Unit 26165. The group, also known as Fancy Bear, Sofacy and Forest Blizzard, is currently attacking…
-
Fortinet Zero-Day Under Attack: PoC Now Publicly Available
Tags: advisory, api, attack, cve, cyber, flaw, fortinet, remote-code-execution, vulnerability, zero-day
FortiGuard Labs released an urgent advisory detailing a critical vulnerability, CVE-2025-32756, affecting several Fortinet products, including FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The vulnerability is a stack-based buffer overflow located within the administrative API, specifically in the handling of session cookies. This flaw allows for unauthenticated remote code execution, making it a prime target for…
-
CISA Alerts on Threat Actors Targeting Commvault Azure App to Steal Secrets
Tags: advisory, backup, cisa, cloud, cyber, cybersecurity, data, exploit, infrastructure, microsoft, service, software, threat, vulnerability, zero-day
On May 22, 2025, Commvault, a leading enterprise data backup provider, issued an urgent advisory regarding active cyber threat activity targeting its Metallic software-as-a-service (SaaS) application, which is hosted in the Microsoft Azure cloud environment. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that threat actors exploited a zero-day vulnerability (CVE-2025-3928) in Commvault’s web…
-
Response to CISA Advisory (AA25-141B): Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
AttackIQ has updated an existing assessment template in response to the CISA Advisory (AA25-141B) published on May 21, 2025, which disseminates Tactics, Techniques and Procedures (TTPs) and Indicators of Compromise (IOCs), associated with threat actors deploying the LummaC2 information stealer malware, identified through FBI investigations as recent as May 2025. First seen on securityboulevard.com Jump…
-
Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine
Tags: access, advisory, api, authentication, cctv, cloud, computer, container, credentials, cve, cybersecurity, data, detection, email, exploit, flaw, government, hacker, identity, infrastructure, Internet, login, malicious, malware, mfa, military, network, ntlm, office, open-source, password, phishing, powershell, russia, service, software, threat, tool, ukraine, vulnerability
Credential guessing and spearphishing: The attackers used brute-force credential guessing techniques, also known as password spraying, to gain initial access to accounts. This was complemented with targeted phishing emails that directed recipients to fake login pages for government entities or Western cloud email providers. These phishing pages were stored on free web hosting services or…
-
Strata Identity VP of Product and Standards to Discuss Future of Authorization at Identiverse 2025
MEDIA ADVISORY Strata Identity VP of Product and Standards to Discuss Future of Authorization at Identiverse 2025 Gerry Gebel to join fellow AuthZEN co-chairs to discuss next-gen authorization interoperability and open standards BOULDER, Colo., May 21, 2025 Strata Identity, the Identity Orchestration company, today announced that Gerry Gebel, VP of Product and Standards, will… First…
-
Russian GRU’s APT28 Targets Global Logistics Supporting Ukraine Defense
A new Joint Cybersecurity Advisory issued in May 2025 by a coalition of cybersecurity and intelligence agencies across First seen on securityonline.info Jump to article: securityonline.info/russian-grus-apt28-targets-global-logistics-supporting-ukraine-defense/
-
CISA overturns modified cyber advisory dissemination plan
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-overturns-modified-cyber-advisory-dissemination-plan
-
“Dance of the Hillary” and the Expanding Use of Malware in Regional Cyber Conflict
A recent advisory from the Punjab Police’s cybercrime wing warns of a new wave of malware attacks potentially originating from Pakistan, with a tool known as “Dance of the Hillary” at the center of the campaign. Targeting users through phishing links and malicious attachments, this strain of malware is designed to steal sensitive data and…
-
CISA Reverses Decision on Cybersecurity Advisory Changes
CISA paused plans to overhaul its advisory system after backlash from the infosec community First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-reverses-decision-advisory/
-
Cyber Defenders Save the Country of Berylia – Once Again!
CISO Joe Carson on How NATO’s Locked Shields Sharpens Defenders for the Next Attack. Each year, the tiny northern Atlantic Ocean island country of Berylia comes under a massive cyberattack. It’s all part of one of the world’s largest red team-blue team exercises called Locked Shields, which has attracted thousands of cyber professionals including Joe…

