Tag: advisory
-
Frequently Asked Questions About Model Context Protocol (MCP) and Integrating with AI for Agentic Applications
The emergence of Model Context Protocol for AI is gaining significant interest due to its standardization of connecting external data sources to large language models (LLMs). While these updates are good news for AI developers, they raise some security concerns. In this blog we address FAQs about MCP. Background Tenable Research has compiled this blog…
-
Ping Identity startet neues optimiertes Partnerprogramm mit Partner Advisory Board
Als weiteres Element zur Stärkung der Partnerstrategie kündigt Ping Identity den Start eines Partner Advisory Boards an. In diesem Gremium arbeiten führende Partnerunternehmen und Ping-Vertreter gemeinsam an der strategischen Weiterentwicklung First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ping-identity-startet-neues-optimiertes-partnerprogramm-mit-partner-advisory-board/a40467/
-
Dell Alerts Users to Critical PowerScale OneFS Flaws Enabling Account Takeover
Dell Technologies has issued an urgent security advisory to its users, warning of several critical vulnerabilities in its PowerScale OneFS operating system. These flaws, if exploited, could allow attackers to take over high-privileged user accounts, bypass authorization controls, and disrupt system operations. The vulnerabilities, tracked under multiple CVEs, range in severity and attack vectors. They…
-
Why Codefinger represents a new stage in the evolution of ransomware
Tags: access, advisory, attack, backup, best-practice, breach, business, cisco, cloud, computer, credentials, cybersecurity, data, defense, exploit, malicious, network, password, ransom, ransomware, risk, strategy, technology, threat, vmwareA new type of ransomware attack: The fundamentals of the Codefinger attack are the same as those in most ransomware attacks: The bad guys encrypted victims’ data and demanded payment to restore it.However, several aspects of the breach make it stand out from most other ransomware incidents:Attack vector: In traditional ransomware attacks, the attack vector…
-
BadBazaar and Moonshine malware targets Taiwanese, Tibetan and Uyghur groups, U.K. warns
In a joint advisory with Western allies, the National Cyber Security Centre sounded the alarm about variants of BADBAZAAR and MOONSHINE. First seen on cyberscoop.com Jump to article: cyberscoop.com/badbazzar-and-moonshine-malware-targets-taiwanese-tibetan-and-uyghur-groups-u-k-warns/
-
Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities
Ivanti, a prominent enterprise software provider, has issued an urgent security advisory today addressing multiple vulnerabilities in its Endpoint Manager (EPM) products. The updates for EPM 2024 SU1 and EPM 2022 SU7 resolve six critical and medium-severity flaws that could allow attackers to gain remote access, escalate privileges, or disrupt systems. While no exploitation has…
-
Chinese ToddyCat abuses ESET antivirus bug for malicious activities
A range of affected products: The flaw affects all of ESET offerings with the command line scanner which includes an array of products used by power users, IT admins, and enterprise environments.According to the advisory, the affected antivirus versions include ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, and ESET Security Ultimate 18.0.12.0…
-
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel.”‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain…
-
Fast Flux is the New Cyber Weapon”, And It’s Hard to Stop, Warns CISA
Tags: advisory, cisa, cyber, cybercrime, cybersecurity, detection, infrastructure, international, maliciousThe U.S. Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international cybersecurity partners, has issued an urgent advisory titled “Fast Flux: A National Security Threat.” The advisory highlights the growing use of fast flux techniques by cybercriminals and potentially nation-state actors to evade detection…
-
Fast Flux Alert: National Security Agencies Warn of Evasive Tactic
A newly released joint cybersecurity advisory from multiple national security agencies is raising alarms about a sophisticated technique that’s allowing malicious cyber actors to slip past network defenses: Fast Flux. The advisory, issued by agencies including the NSA, CISA, FBI, ASD’s ACSC, CCCS, and NCSC-NZ, warns organizations, ISPs, and cybersecurity providers about the significant threat…
-
CISA Urges Patching For ‘Critical’ Ivanti VPN Flaw Exploited In Attacks
Exploitation of a critical-severity Ivanti Connect Secure vulnerability prompted CISA to issue an advisory Friday, urging organizations to implement patches to fix the issue. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-urges-patching-for-critical-ivanti-vpn-flaw-exploited-in-attacks
-
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
April 5, 2025 Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these […]…
-
Cyber agencies urge organizations to collaborate to stop fast flux DNS attacks
How to mitigate DNS attacks: Fast flux is one of many types of DNS attack. But there are tactics organizations can use to mitigate them.In the case of fast flux, the report recommends that:defenders should use cybersecurity and PDNS services that detect and block fast flux. “By leveraging providers that detect fast flux and implement…
-
Hackers Exploit Fast Flux to Evade Detection and Obscure Malicious Servers
Tags: advisory, control, cyber, cybersecurity, detection, exploit, hacker, infrastructure, malicious, threatCybersecurity agencies worldwide have issued a joint advisory warning against the growing threat posed by >>fast flux,
-
Longtime ‘Fast Flux’ Evasion Technique Now a National Security Threat
CISA, the FBI, and NSA issued an advisory about the national security threat posed by “fast flux,” a technique used by threat actors to evade detection of their C2 infrastructures that has been around for two decades but has seen a resurgence in use by ransomware gangs and nation-state bad actors. First seen on securityboulevard.com…
-
Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses
A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyber-agencies-warn-of-fast-flux/
-
Firefox 137 Launches with Patches for High-Severity Security Flaws
Mozilla has officially launched Firefox 137 with crucial security fixes aimed at addressing several high-severity vulnerabilities reported by security researchers. As part of its April 1, 2025, Mozilla Foundation Security Advisory (MFSA 2025-20), the foundation detailed three significant Common Vulnerabilities and Exposures (CVEs), which could have permitted attackers to exploit users’ machines through various means,…
-
Apple Issues Warning on Three 0-Day Vulnerabilities Under Active Exploitation
Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 which are being actively exploited in the wild. These vulnerabilities affect a wide range of Apple devices, including iPhones, iPads, Macs, Apple Watches, and even the Apple Vision Pro. Users are strongly urged to update their devices immediately to address these…
-
CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks
Tags: advisory, attack, cisa, cisco, credentials, cve, cyber, cybersecurity, exploit, flaw, infrastructure, software, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning organizations about a critical vulnerability in Cisco’s Smart Licensing Utility (SLU) software that has reportedly been exploited in cyberattacks. The vulnerability, assigned CVE-2024-20439, stems from a static credential issue that could leave affected systems open to remote exploitation with potentially devastating consequences.…
-
VMware plugs a high-risk vulnerability affecting its Windows-based virtualization
Patching is the only workaround: Broadcom advisory noted that the flaw does not have any workarounds and customers must apply patches rolled out on Tuesday to defend against exploitation.Affected products include all 11.x and 12.x versions of VMware tools for Windows, and are patched in the 12.5.1[1] rollout. VMware tools for Linux and macOS remain…
-
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare
Tags: access, advisory, attack, cve, cvss, exploit, flaw, hacker, injection, kubernetes, mitigation, network, open-source, vulnerability, zero-dayFrequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare. Background The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare. FAQ What is IngressNightmare? IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller…
-
Trump shifts cyberattack readiness to state and local governments in wake of info-sharing cuts
Tags: advisory, cio, cisa, ciso, communications, cyber, cyberattack, cybersecurity, election, government, group, infrastructure, intelligence, Internet, metric, office, resilience, risk, russia, strategy, technology, threatCreating a national resilience strategy The EO requires the assistant to the President for national security affairs (APNSA), in coordination with the assistant to the President for economic policy and the heads of relevant executive departments and agencies, to publish within 90 days (by June 17) a National Resilience Strategy that articulates the priorities, means,…
-
CISA marks NAKIVO’s critical backup vulnerability as actively exploited
Tags: access, advisory, backup, cisa, ciso, cloud, cybersecurity, exploit, kev, mitigation, network, service, update, vulnerabilityCISOs advised to push for immediate patching: CISA has advised immediate federal and civilian patching of the flaw. For the Federal Civilian Executive Branch (FCEB) agencies, the US cybersecurity watchdog has stipulated a patching deadline of April 19, 2025, in accordance with the BOD 22-01 directive.”Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance…
-
VanHelsing Ransomware Targets Windows Systems with New Evasion Tactics and File Extension
Tags: advisory, breach, cyber, cybersecurity, data, encryption, extortion, leak, ransomware, tactics, windowsThe cybersecurity landscape has been recently disrupted by the emergence of the VanHelsing ransomware, a sophisticated strain identified by the CYFIRMA Research and Advisory Team. This ransomware targets Windows systems, employing advanced encryption techniques and appending a unique >>.vanhelsing
-
Breaking Down Risks in Cybersecurity
Cyber Crime Junkies podcast Breaking Down Risks in Cybersecurity A great conversation on the Cyber Crime Junkies podcast with David Mauro! We covered so many different topics that the CISOs are struggling with: Generative vs Agentic AI risks and opportunities How cyber attackers leverage powerful tools like…
-
Critical vulnerability in AMI MegaRAC BMC allows server’ takeover
Tags: access, advisory, api, apt, attack, authentication, control, credentials, cve, cyberespionage, cybersecurity, data, data-breach, endpoint, exploit, firewall, firmware, flaw, group, infrastructure, Internet, linux, malicious, malware, network, ransomware, supply-chain, technology, training, update, vulnerabilityth vulnerability that Eclypsium researchers found in MegaRAC, the BMC firmware implementation from UEFI/BIOS vendor American Megatrends (AMI). BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are shut down.Administrators can access BMCs…
-
Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory
CISA and the FBI warn about Medusa ransomware, urging organizations to update security, enable MFA, and report incidents to mitigate the growing threat. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/trends/medusa-ransomware-cisa-fbi-advisory/
-
AI Module Security Flaws in Drupal: MyCERT Urges Immediate Patching
The Malaysia Computer Emergency Response Team (MyCERT) has reported several Drupal vulnerabilities within its AI module, specifically affecting versions prior to 1.0.5. This issue, outlined in a MyCERT advisory (MA-1292.032025), has raised cybersecurity concerns regarding potential remote code execution risks and the overall security of Drupal-powered websites. MyCERT has recommended that all users and administrators of Drupal promptly…
-
Imperva Protects Against the Apache Camel Vulnerabilities
Introduction: Understanding the Apache Camel Flaw On March 9, 2025, Apache released a security advisory for CVE-2025-27636, a vulnerability in the Apache Camel framework that allows attackers to bypass header filtering via miscased headers. Although rated as moderate, this vulnerability specifically affects configurations that use HTTP server components (such as camel-servlet, camel-jetty, camel-undertow, camel-platform-http, or……