Tag: advisory
-
CISA Urges Patching For ‘Critical’ Ivanti VPN Flaw Exploited In Attacks
Exploitation of a critical-severity Ivanti Connect Secure vulnerability prompted CISA to issue an advisory Friday, urging organizations to implement patches to fix the issue. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-urges-patching-for-critical-ivanti-vpn-flaw-exploited-in-attacks
-
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
April 5, 2025 Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these […]…
-
Cyber agencies urge organizations to collaborate to stop fast flux DNS attacks
How to mitigate DNS attacks: Fast flux is one of many types of DNS attack. But there are tactics organizations can use to mitigate them.In the case of fast flux, the report recommends that:defenders should use cybersecurity and PDNS services that detect and block fast flux. “By leveraging providers that detect fast flux and implement…
-
Hackers Exploit Fast Flux to Evade Detection and Obscure Malicious Servers
Tags: advisory, control, cyber, cybersecurity, detection, exploit, hacker, infrastructure, malicious, threatCybersecurity agencies worldwide have issued a joint advisory warning against the growing threat posed by >>fast flux,
-
Longtime ‘Fast Flux’ Evasion Technique Now a National Security Threat
CISA, the FBI, and NSA issued an advisory about the national security threat posed by “fast flux,” a technique used by threat actors to evade detection of their C2 infrastructures that has been around for two decades but has seen a resurgence in use by ransomware gangs and nation-state bad actors. First seen on securityboulevard.com…
-
Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses
A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyber-agencies-warn-of-fast-flux/
-
Firefox 137 Launches with Patches for High-Severity Security Flaws
Mozilla has officially launched Firefox 137 with crucial security fixes aimed at addressing several high-severity vulnerabilities reported by security researchers. As part of its April 1, 2025, Mozilla Foundation Security Advisory (MFSA 2025-20), the foundation detailed three significant Common Vulnerabilities and Exposures (CVEs), which could have permitted attackers to exploit users’ machines through various means,…
-
Apple Issues Warning on Three 0-Day Vulnerabilities Under Active Exploitation
Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 which are being actively exploited in the wild. These vulnerabilities affect a wide range of Apple devices, including iPhones, iPads, Macs, Apple Watches, and even the Apple Vision Pro. Users are strongly urged to update their devices immediately to address these…
-
CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks
Tags: advisory, attack, cisa, cisco, credentials, cve, cyber, cybersecurity, exploit, flaw, infrastructure, software, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning organizations about a critical vulnerability in Cisco’s Smart Licensing Utility (SLU) software that has reportedly been exploited in cyberattacks. The vulnerability, assigned CVE-2024-20439, stems from a static credential issue that could leave affected systems open to remote exploitation with potentially devastating consequences.…
-
VMware plugs a high-risk vulnerability affecting its Windows-based virtualization
Patching is the only workaround: Broadcom advisory noted that the flaw does not have any workarounds and customers must apply patches rolled out on Tuesday to defend against exploitation.Affected products include all 11.x and 12.x versions of VMware tools for Windows, and are patched in the 12.5.1[1] rollout. VMware tools for Linux and macOS remain…
-
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare
Tags: access, advisory, attack, cve, cvss, exploit, flaw, hacker, injection, kubernetes, mitigation, network, open-source, vulnerability, zero-dayFrequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare. Background The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare. FAQ What is IngressNightmare? IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller…
-
Trump shifts cyberattack readiness to state and local governments in wake of info-sharing cuts
Tags: advisory, cio, cisa, ciso, communications, cyber, cyberattack, cybersecurity, election, government, group, infrastructure, intelligence, Internet, metric, office, resilience, risk, russia, strategy, technology, threatCreating a national resilience strategy The EO requires the assistant to the President for national security affairs (APNSA), in coordination with the assistant to the President for economic policy and the heads of relevant executive departments and agencies, to publish within 90 days (by June 17) a National Resilience Strategy that articulates the priorities, means,…
-
CISA marks NAKIVO’s critical backup vulnerability as actively exploited
Tags: access, advisory, backup, cisa, ciso, cloud, cybersecurity, exploit, kev, mitigation, network, service, update, vulnerabilityCISOs advised to push for immediate patching: CISA has advised immediate federal and civilian patching of the flaw. For the Federal Civilian Executive Branch (FCEB) agencies, the US cybersecurity watchdog has stipulated a patching deadline of April 19, 2025, in accordance with the BOD 22-01 directive.”Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance…
-
VanHelsing Ransomware Targets Windows Systems with New Evasion Tactics and File Extension
Tags: advisory, breach, cyber, cybersecurity, data, encryption, extortion, leak, ransomware, tactics, windowsThe cybersecurity landscape has been recently disrupted by the emergence of the VanHelsing ransomware, a sophisticated strain identified by the CYFIRMA Research and Advisory Team. This ransomware targets Windows systems, employing advanced encryption techniques and appending a unique >>.vanhelsing
-
Breaking Down Risks in Cybersecurity
Cyber Crime Junkies podcast Breaking Down Risks in Cybersecurity A great conversation on the Cyber Crime Junkies podcast with David Mauro! We covered so many different topics that the CISOs are struggling with: Generative vs Agentic AI risks and opportunities How cyber attackers leverage powerful tools like…
-
Critical vulnerability in AMI MegaRAC BMC allows server’ takeover
Tags: access, advisory, api, apt, attack, authentication, control, credentials, cve, cyberespionage, cybersecurity, data, data-breach, endpoint, exploit, firewall, firmware, flaw, group, infrastructure, Internet, linux, malicious, malware, network, ransomware, supply-chain, technology, training, update, vulnerabilityth vulnerability that Eclypsium researchers found in MegaRAC, the BMC firmware implementation from UEFI/BIOS vendor American Megatrends (AMI). BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are shut down.Administrators can access BMCs…
-
Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory
CISA and the FBI warn about Medusa ransomware, urging organizations to update security, enable MFA, and report incidents to mitigate the growing threat. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/trends/medusa-ransomware-cisa-fbi-advisory/
-
AI Module Security Flaws in Drupal: MyCERT Urges Immediate Patching
The Malaysia Computer Emergency Response Team (MyCERT) has reported several Drupal vulnerabilities within its AI module, specifically affecting versions prior to 1.0.5. This issue, outlined in a MyCERT advisory (MA-1292.032025), has raised cybersecurity concerns regarding potential remote code execution risks and the overall security of Drupal-powered websites. MyCERT has recommended that all users and administrators of Drupal promptly…
-
Imperva Protects Against the Apache Camel Vulnerabilities
Introduction: Understanding the Apache Camel Flaw On March 9, 2025, Apache released a security advisory for CVE-2025-27636, a vulnerability in the Apache Camel framework that allows attackers to bypass header filtering via miscased headers. Although rated as moderate, this vulnerability specifically affects configurations that use HTTP server components (such as camel-servlet, camel-jetty, camel-undertow, camel-platform-http, or……
-
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to launch denial-of-service (DoS) attacks. The vulnerability, identified as CVE-2025-20115, affects the Border Gateway Protocol (BGP) confederation implementation. The CVE-2025-20115 vulnerability affects the Border Gateway Protocol (BGP) confederation implementation in Cisco IOS XR Software, potentially allowing…
-
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold”, from the initial breach to the moment hackers demand payment.Join Joseph Carson, Delinea’s Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration, he will break down every technical step of a ransomware…
-
CISA Releases Security Advisory on 13 Industrial Control System Threats
CISA issued thirteen Industrial Control Systems (ICS) advisories, highlighting current security issues and vulnerabilities in various systems. These advisories are crucial for maintaining the security and integrity of industrial operations. The affected products primarily include several Siemens systems, along with a Sungrow and a Philips product. Introduction to the Advisories CISA emphasizes the importance of…
-
Response to CISA Advisory (AA25-071A): #StopRansomware: Medusa Ransomware
AttackIQ has released a new assessment template in response to the CISA Advisory (AA25-071A) published on March 12, 2025, which details new behaviors exhibited by Medusa Ransomware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/response-to-cisa-advisory-aa25-071a-stopransomware-medusa-ransomware/
-
CVE-2025-27363: FreeType Vulnerability in Meta Exploited in the Wild
Meta has issued a security advisory regarding a newly discovered vulnerability in the FreeType open-source font rendering library. Tracked as CVE-2025-27363, this flaw has been assigned a CVSS score of 8.1, categorizing it as a high-severity issue. Security experts warn… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-27363-freetype-meta-vulnerability/
-
Medusa ransomware hit over 300 critical infrastructure organizations until February 2025
The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025. This advisory is part of the #StopRansomware…
-
Medusa Ransomware Hits 300+ Critical Infrastructure Organizations Worldwide
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint advisory on the Medusa ransomware, a ransomware-as-a-service (RaaS) variant that has been active since June 2021. As of February 2025, Medusa has impacted over 300 victims across critical infrastructure sectors,…
-
More than 300 critical infrastructure orgs attacked by Medusa ransomware
An advisory from the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Wednesday said the group and its affiliates have attacked organizations in the medical, education, legal, insurance, technology and manufacturing industries. First seen on therecord.media Jump to article: therecord.media/medusa-ransomware-targeting-critical-infrastructure-orgs
-
Microsoft patches privilege escalation flaw exploited since 2023
Vulnerabilities in file system drivers: Several of the other zero-day vulnerabilities are related to the Windows NT File System (NTFS) driver. One is a remote code execution flaw that can be triggered by the user mounting a specially crafted VHD (virtual hard disk) that triggers a buffer overflow (CVE-2025-24993).A similar vulnerability, CVE-2025-24985, that can be…