Tag: advisory

MICI NetFax Server Flaws Allow Attackers to Execute Remote Code

May 30, 2025 2:55 PM

Tags: access, advisory, attack, credentials, cve, cyber, data-breach, flaw, network, risk, vulnerability

In a recent security advisory, Rapid7 has disclosed three severe vulnerabilities in MICI Network Co., Ltd’s NetFax Server, affecting all versions before 3.0.1.0. These flaws”, CVE-2025-48045, CVE-2025-48046, and CVE-2025-48047″, allow attackers to gain root-level access through a chain of authenticated attacks, with default credentials and sensitive information exposed in cleartext. Despite the risks, the vendor…
ConnectWise ScreenConnect Targeted by Nation-State Actor

May 30, 2025 5:55 AM

Tags: advisory

ConnectWise, a prominent provider of IT management solutions, has issued a brief but concerning security advisory disclosing a First seen on securityonline.info Jump to article: securityonline.info/connectwise-screenconnect-targeted-by-nation-state-actor/
Critical Dell PowerStore T Vulnerability Allows Full System Compromise

May 29, 2025 12:55 PM

Tags: advisory, cyber, exploit, malicious, update, vulnerability

As part of its ongoing commitment to product security, Dell Technologies has released a significant update for the PowerStore T family, remediating a series of vulnerabilities that could be exploited by malicious actors to compromise affected systems. The update, detailed in advisory DSA-2025-223, is rated as high impact and urges immediate attention from all PowerStore…
NSFOCUS Recognized by Forrester in The Network Analysis and Visibility (NAV) Solution Landscape

May 28, 2025 2:55 PM

Tags: advisory, cyber, network, technology

Santa Clara, Calif. May 28, 2025 Recently, global research and advisory firm Forrester released The Network Analysis and Visibility (NAV) Solutions Landscape, Q2 2025, offering a comprehensive analysis of market dynamics, technology trends, and product capabilities. NSFOCUS has once again [1] been included in this report. Forrester’s reports on specific technical fields are highly recognized worldwide….The…
Salt Typhoon Believed to Be Behind Commvault Data Breach

May 28, 2025 12:55 AM

Tags: advisory, backup, breach, china, cisa, cloud, credentials, data, data-breach, group, hacking, infrastructure, microsoft, threat, vulnerability

CISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup Platform. A suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salt-typhoon-believed-to-be-behind-commvault-data-breach-a-28496
Governments Urge Organizations to Prioritize SIEM/SOAR Adoption

May 27, 2025 12:54 PM

Tags: advisory, government

A joint advisory from the US, UK, Australia and others highlights the importance of SIEM/SOAR platforms and overcoming implementation challenges First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/governments-prioritize-siem-soar/
Siemens SiPass Flaw Allows Remote Attackers to Cause DoS Conditions

May 27, 2025 10:54 AM

Tags: access, advisory, control, cve, cyber, dos, exploit, flaw, service, vulnerability

Siemens has released a security advisory (SSA-041082) concerning a critical out-of-bounds read vulnerability, tracked as CVE-2022-31812, affecting all SiPass integrated versions before V2.95.3.18. The flaw, if exploited, could allow unauthenticated remote attackers to trigger a denial of service (DoS) condition, potentially disrupting access control operations for organizations relying on SiPass for physical security management. The…
Orchestrierte Cyberangriffe sowohl auf IT- als auch auf cyberphysische Systeme

May 25, 2025 7:55 PM

Tags: advisory, blizzard, cyberattack, cybersecurity, verfassungsschutz

Am 21. Mai 2025 gaben der Bundesnachrichtendienst (BND), das Bundesamt für Sicherheit in der Informationstechnik (BSI) und das Bundesamt für Verfassungsschutz (BfV) gemeinsam mit internationalen Partnern wie der US-amerikanischen National Security Agency (NSA) ein Joint-Cybersecurity-Advisory über die Cyberaktivitäten der russischen GRU-Einheit 26165 heraus. Die auch als Fancy-Bear, Sofacy und Forest-Blizzard bekannte Gruppe greift aktuell vor…
Cybersecurity Snapshot: AI Data Security Best Practices Released, While New Framework Seeks To Help IT Pros Gain Cyber Skills

May 23, 2025 11:55 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, cctv, cisa, cloud, computer, control, credentials, crypto, cyber, cybercrime, cybersecurity, data, detection, email, espionage, exploit, finance, framework, germany, group, Hardware, infrastructure, injection, intelligence, iot, kev, law, linux, malware, metric, mfa, military, mitigation, network, nist, open-source, organized, passkey, password, phishing, risk, russia, skills, software, sql, tactics, technology, tool, training, ukraine, unauthorized, update, vpn, vulnerability, wifi, zero-trust

Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware campaign targeting critical infrastructure orgs. And get the latest on Russian cyber espionage and on a NIST effort to enhance vulnerability prioritization. Dive into five things that…
Fortinet Zero-Day Under Attack: PoC Now Publicly Available

May 23, 2025 9:55 AM

Tags: advisory, api, attack, cve, cyber, flaw, fortinet, remote-code-execution, vulnerability, zero-day

FortiGuard Labs released an urgent advisory detailing a critical vulnerability, CVE-2025-32756, affecting several Fortinet products, including FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The vulnerability is a stack-based buffer overflow located within the administrative API, specifically in the handling of session cookies. This flaw allows for unauthenticated remote code execution, making it a prime target for…
CISA Alerts on Threat Actors Targeting Commvault Azure App to Steal Secrets

May 23, 2025 8:55 AM

Tags: advisory, backup, cisa, cloud, cyber, cybersecurity, data, exploit, infrastructure, microsoft, service, software, threat, vulnerability, zero-day

On May 22, 2025, Commvault, a leading enterprise data backup provider, issued an urgent advisory regarding active cyber threat activity targeting its Metallic software-as-a-service (SaaS) application, which is hosted in the Microsoft Azure cloud environment. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that threat actors exploited a zero-day vulnerability (CVE-2025-3928) in Commvault’s web…
Response to CISA Advisory (AA25-141B): Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations

May 23, 2025 6:54 AM

Tags: advisory, cisa, data, malware, tactics, threat

AttackIQ has updated an existing assessment template in response to the CISA Advisory (AA25-141B) published on May 21, 2025, which disseminates Tactics, Techniques and Procedures (TTPs) and Indicators of Compromise (IOCs), associated with threat actors deploying the LummaC2 information stealer malware, identified through FBI investigations as recent as May 2025. First seen on securityboulevard.com Jump…
Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine

May 23, 2025 5:54 AM

Tags: access, advisory, api, authentication, cctv, cloud, computer, container, credentials, cve, cybersecurity, data, detection, email, exploit, flaw, government, hacker, identity, infrastructure, Internet, login, malicious, malware, mfa, military, network, ntlm, office, open-source, password, phishing, powershell, russia, service, software, threat, tool, ukraine, vulnerability

Credential guessing and spearphishing: The attackers used brute-force credential guessing techniques, also known as password spraying, to gain initial access to accounts. This was complemented with targeted phishing emails that directed recipients to fake login pages for government entities or Western cloud email providers. These phishing pages were stored on free web hosting services or…
Strata Identity VP of Product and Standards to Discuss Future of Authorization at Identiverse 2025

May 21, 2025 7:54 PM

Tags: advisory, identity

MEDIA ADVISORY Strata Identity VP of Product and Standards to Discuss Future of Authorization at Identiverse 2025 Gerry Gebel to join fellow AuthZEN co-chairs to discuss next-gen authorization interoperability and open standards BOULDER, Colo., May 21, 2025 Strata Identity, the Identity Orchestration company, today announced that Gerry Gebel, VP of Product and Standards, will… First…
Russian GRU’s APT28 Targets Global Logistics Supporting Ukraine Defense

May 21, 2025 4:54 PM

Tags: advisory, cybersecurity, defense, intelligence, russia, ukraine

A new Joint Cybersecurity Advisory issued in May 2025 by a coalition of cybersecurity and intelligence agencies across First seen on securityonline.info Jump to article: securityonline.info/russian-grus-apt28-targets-global-logistics-supporting-ukraine-defense/
Critical Vulnerability in VMware Cloud Foundation Exposes Sensitive Data to Attackers

May 20, 2025 3:54 PM

Tags: access, advisory, cloud, cvss, cyber, data, flaw, unauthorized, vmware, vulnerability

Broadcom’s VMware division has disclosed three significant security vulnerabilities in its Cloud Foundation platform that could allow attackers to gain unauthorized access to sensitive information and internal services. The advisory, published today (May 20, 2025), details vulnerabilities with CVSS scores ranging from 7.3 to 8.2, all rated as >>Important
Critical VMware Cloud Foundation Vulnerability Exposes Sensitive Data

May 20, 2025 2:54 PM

Tags: access, advisory, cloud, cvss, cyber, data, flaw, unauthorized, vmware, vulnerability

Broadcom’s VMware division has disclosed three significant security vulnerabilities in its Cloud Foundation platform that could allow attackers to gain unauthorized access to sensitive information and internal services. The advisory, published today (May 20, 2025), details vulnerabilities with CVSS scores ranging from 7.3 to 8.2, all rated as >>Important
SonicWall SMA1000 Vulnerability Allow Attackers to Exploit Encoded URLs To Remotely Gain Internal Systems Access

May 16, 2025 11:54 AM

Tags: access, advisory, cve, cvss, cyber, exploit, flaw, network, unauthorized, vulnerability

SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability. The flaw, identified as CVE-2025-40595 with a CVSS v3 score of 7.2, enables unauthenticated attackers to exploit encoded URLs to send unauthorized requests to unintended destinations, potentially compromising internal networks and sensitive…
CISA overturns modified cyber advisory dissemination plan

May 15, 2025 10:54 PM

Tags: advisory, cisa, cyber

First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-overturns-modified-cyber-advisory-dissemination-plan
“Dance of the Hillary” and the Expanding Use of Malware in Regional Cyber Conflict

May 14, 2025 5:39 PM

Tags: advisory, attack, cyber, cybercrime, data, malicious, malware, phishing, tool

A recent advisory from the Punjab Police’s cybercrime wing warns of a new wave of malware attacks potentially originating from Pakistan, with a tool known as “Dance of the Hillary” at the center of the campaign. Targeting users through phishing links and malicious attachments, this strain of malware is designed to steal sensitive data and…
CISA Reverses Decision on Cybersecurity Advisory Changes

May 14, 2025 4:38 PM

Tags: advisory, cisa, cybersecurity, infosec

CISA paused plans to overhaul its advisory system after backlash from the infosec community First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-reverses-decision-advisory/
Cyber Defenders Save the Country of Berylia – Once Again!

May 14, 2025 3:38 PM

Tags: advisory, blueteam, ciso, country, cyber, RedTeam

CISO Joe Carson on How NATO’s Locked Shields Sharpens Defenders for the Next Attack. Each year, the tiny northern Atlantic Ocean island country of Berylia comes under a massive cyberattack. It’s all part of one of the world’s largest red team-blue team exercises called Locked Shields, which has attracted thousands of cyber professionals including Joe…
Microsoft Alerts on AD CS Flaw Enabling Remote DenialService Attacks

May 14, 2025 12:38 PM

Tags: advisory, attack, cve, cvss, cyber, flaw, microsoft, service, vulnerability

Microsoft has issued a security advisory for a newly identified vulnerability in Active Directory Certificate Services (AD CS), tracked as CVE-2025-29968, which could allow authenticated attackers to disrupt critical certificate management operations over a network. Rated Important with a CVSS v3.1 score of 6.5, the flaw stems from improper input validation (CWE-20) and enables denial-of-service…
CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Remote Code Execution

May 14, 2025 5:41 AM

Tags: access, advisory, api, attack, authentication, cve, endpoint, exploit, flaw, ivanti, mobile, open-source, programming, rce, remote-code-execution, software, vulnerability, waf, zero-day

Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks Background On May 13, Ivanti released a security advisory to address a high severity remote code execution (RCE) and a medium severity authentication bypass vulnerability in its Endpoint Manager Mobile (EPMM) product, a…
CISA shifts advisory dissemination to social media, email

May 13, 2025 10:38 PM

Tags: advisory, cisa, email

First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-shifts-advisory-dissemination-to-social-media-email
New VMware Tools Vulnerability Allows Attackers to Tamper with Virtual Machines, Broadcom Issues Urgent Patch

May 13, 2025 3:38 PM

Tags: access, advisory, exploit, flaw, tool, update, vmware, vulnerability

A newly disclosed VMware Tools vulnerability could enable attackers with limited access to compromise virtual machines (VMs). Broadcom, which owns VMware, issued a security advisory warning that the flaw could be exploited to perform insecure file operations within affected VMs. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/vmware-tools-vulnerability-cve-2025-22247/
CISA Flags Hidden Functionality Flaw in TeleMessage TM SGNL on KEV List

May 13, 2025 12:38 PM

Tags: advisory, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has escalated its advisory for TeleMessage TM SGNL, adding a critical hidden functionality vulnerability (CVE-2025-47729) to its Known Exploited Vulnerabilities (KEV) catalog. This flaw exposes cleartext copies of user messages within the platform’s archiving backend, raising significant concerns for organizations relying on secure communication systems. The disclosure aligns with…
Deepfake attacks are inevitable. CISOs can’t prepare soon enough.

May 13, 2025 9:10 AM

Tags: advisory, ai, attack, authentication, awareness, blockchain, business, ciso, compliance, control, cybersecurity, data, deep-fake, defense, detection, espionage, finance, fraud, governance, grc, identity, incident response, jobs, law, mfa, north-korea, password, privacy, resilience, risk, scam, software, strategy, tactics, technology, threat, tool, training, update

Real-world fabrications: Even security vendors have been victimized. Last year, the governance risk and compliance (GRC) lead at cybersecurity company Exabeam was hiring for an analyst, and human resources (HR) qualified a candidate that looked very good on paper with a few minor concerns, says Kevin Kirkwood, CISO.”There were gaps in how the education represented…
Mitel SIP Phone Flaws Allow Attackers to Inject Malicious Commands

May 12, 2025 10:10 AM

Tags: advisory, conference, cyber, flaw, injection, malicious, phone, risk, vulnerability

A pair of vulnerabilities in Mitel’s 6800 Series, 6900 Series, and 6900w Series SIP Phones-including the 6970 Conference Unit-could enable attackers to execute arbitrary commands or upload malicious files to compromised devices, posing significant risks to enterprise communication systems. The flaws, disclosed in Mitel’s Product Security Advisory MISA-2025-0004, include a critical-severity command injection bug (CVE-2025-47188)…
The rise of vCISO as a viable cybersecurity career path

May 12, 2025 9:10 AM

Tags: advisory, business, ceo, cio, ciso, compliance, computer, control, country, cyber, cybersecurity, government, grc, group, guide, healthcare, incident response, infrastructure, ISO-27001, jobs, mobile, network, nist, risk, risk-assessment, risk-management, service, skills, strategy, technology, tool, training

Damon Petraglia, vCISO and CISO on demand Blue Mantis Damon Petraglia A long-time cybersecurity pro with chops built up in the federal government world and through forensic investigation work, Damon Petraglia works as a vCISO and CISO on demand for the IT services firm Blue Mantis.”Where I am today as a vCISO is a culmination…