Tag: advisory
-
WatchGuard patches ‘critical’ VPN flaw in firewalls that could lead to compromise
Who is affected?: A list of the nearly three dozen firewall models affected by CVE-2025-9242 is available from WatchGuard’s website. The vulnerable versions of the Fireware OS are 2025.1, 12.x, 12.5.x (T15 & T35 models), 12.3.1 (FIPS-certified release), and 11.x (end of life). These are addressed (in the same order) by updating to versions 2025.1.1,…
-
Critical WatchGuard Vulnerability Lets Unauthenticated Attackers Run Arbitrary Code
WatchGuard released an advisory detailing a critical vulnerability in its Firebox line of network security appliances. Tracked as CVE-2025-9242, the flaw resides in the iked component of WatchGuard’s Fireware OS. An out-of-bounds write in the IKEv2 handling routine can allow a remote, unauthenticated attacker to execute arbitrary code on affected devices. Overview of the Vulnerability…
-
The Gravity of Process: Why New Tech Never Fixes Broken Process and Can AI Change It?
Tags: advisory, ai, api, best-practice, business, cybersecurity, data, flaw, grc, incident response, risk, siem, soar, soc, technology, threat, tool, training
Let’s tackle the age-old question: can new technology fix broken or missing processes? And then let’s add: does AI and AI agents change the answer you would give? This is the question which I recently debated with some friends, with a few AIs and with myself. The context was of…
-
FBI Releases IOCs on Cyber Threats Exploiting Salesforce for Data Theft
Tags: advisory, breach, cyber, cybercrime, cybersecurity, data, exploit, infrastructure, tactics, theft, threat
The Federal Bureau of Investigation (FBI) has released a detailed flash advisory disclosing indicators of compromise (IOCs) and tactics used by two cybercrime groups, UNC6040 and UNC6395, to breach Salesforce customer environments and siphon sensitive data. Coordinated with the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS/CISA), the bulletin aims to equip security…
-
French Advisory Sheds Light on Apple Spyware Activity
CERT-FR’s advisory follows last month’s disclosure of a zero-day flaw Apple said was used in sophisticated attacks against targeted individuals. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/french-sheds-light-apple-spyware-activity
-
Addressing CISA Advisory on Rockwell Automation ThinManager SSRF Vulnerability (CVE-2025-9065)
Critical Security Alert: If you are an organization using Rockwell’s ThinManager software version 13.0 or below, you are vulnerable. If you cannot upgrade immediately, please scroll to the section on compensating controls below and contact our team without delay. On September 9, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a critical advisory…
-
Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS
Cisco addressed multiple high-severity IOS XR vulnerabilities that can allow ISO image verification bypass and trigger DoS conditions. Cisco addressed multiple vulnerabilities in IOS XR software as part of its semiannual Software Security Advisory Bundled Publication published on September 10, 2025. Below are the vulnerabilities addressed by the network giant: The following table identifies Cisco…
-
How attackers weaponize communications networks
In this Help Net Security interview, Gregory Richardson, Vice President, Advisory CISO Worldwide, at BlackBerry, talks about the growing risks to communications networks. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/11/gregory-richardson-blackberry-securing-communication-networks/
-
Dell PowerProtect Data Manager Flaw Allows System Compromise by Attackers
Dell has released a critical security update for its PowerProtect Data Manager (PPDM) platform, addressing multiple vulnerabilities that could allow attackers to compromise systems and execute arbitrary commands. The security advisory DSA-2025-326 reveals several high-severity flaws affecting versions 19.19 and 19.20 of the enterprise data protection solution. Critical Command Injection Vulnerabilities Discovered The most severe…
-
California, two other states to come down hard on GPC violators
Implement GPC signal recognition: Businesses need to update their websites and backend systems to “detect the presence of the GPC header or equivalent signals sent by browsers or browser extensions. The GPC signal is transmitted as part of the HTTP header or via JavaScript, and must be detected reliably on every relevant page where personal…
-
Adobe Commerce and Magento users: Patch critical SessionReaper flaw now
app/etc/env.php and injecting malicious JavaScript via the REST API to harvest customer data. Adobe stated in its advisory that no active exploitation of SessionReaper has been observed so far. However, given the history of Magento and Adobe Commerce vulnerabilities, this could change quickly. “SessionReaper is among the most severe Magento vulnerabilities to date, comparable to Shoplift (2015),…
-
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC) amid contentious U.S.-China trade talks. “These campaigns seek to compromise organizations and individuals involved in U.S.-China trade policy and diplomacy, including U.S. government agencies, U.S. business…
-
Multiple Vulnerabilities Discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways
Ivanti on September 9 released a security advisory detailing six medium and five high severity vulnerabilities impacting Ivanti Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. No evidence of customer exploitation has surfaced so far. Patches and fixes are available immediately to address issues ranging from missing authorization checks and cross-site request forgery (CSRF) flaws to…
-
Ivanti Endpoint Manager Vulnerabilities Allow Remote Code Execution by Attackers
Tags: advisory, control, cve, cvss, cyber, endpoint, flaw, ivanti, remote-code-execution, vulnerability
Ivanti released a Security Advisory for Endpoint Manager versions 2024 SU3 and 2022 SU8, detailing two high-severity flaws (CVE-2025-9712 and CVE-2025-9872). Both issues stem from insufficient filename validation and require only minimal user interaction, potentially granting full control over affected systems. Vulnerability Overview: The two vulnerabilities share identical characteristics and impact: CVE Number Description CVSS Score…
-
Cybersecurity Snapshot: Expert Advice for Securing Critical Infrastructure’s OT and Industrial Control Systems, IoT Devices and Network Infrastructure
Tags: access, advisory, apt, attack, authentication, breach, china, cisa, cisco, cloud, compliance, computer, computing, control, credentials, cryptography, cve, cyber, cybersecurity, data, defense, detection, espionage, exploit, firmware, framework, google, government, guide, hacker, Hardware, incident response, infrastructure, international, Internet, iot, login, mfa, military, mitigation, monitoring, network, nist, organized, password, phishing, ransomware, regulation, risk, russia, sans, service, software, technology, theft, threat, tool, update, vulnerability, zero-trust
Destructive cyber attacks against critical infrastructure have unfortunately become increasingly frequent. Just last week, multinational government agencies blared the alarm about a global cyber espionage campaign targeting critical infrastructure networks. With this type of cyber threat in the spotlight, we’re rounding up recent cyber advice for securing critical infrastructure. In case you missed it, here…
-
Response to CISA Advisory (AA25-239A): Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
In response to the CISA Advisory (AA25-239A), AttackIQ has updated the assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the Chinese adversary Salt Typhoon and released a new attack graph emulating the behaviors exhibited during the SparrowDoor and ShadowPad campaign in March 2025. First seen on securityboulevard.com Jump to…
-
When Hackers Pivot and Hospitals Freeze: What the Latest Threats Reveal About Cybercrime’s New Playbook
What do a pharma firm, a hospital service provider, and your smart doorbell have in common? They were all targets in cyberattacks last month. Here’s the August end-of-month threat rundown from the ColorTokens Threat Advisory Team, a peek into how threat actors are rewriting the rules, one zero-day or botnet at a time. And if…
-
SUSE Fleet: Plain Text Storage of Vulnerability Exploit Helm Values
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus via GitHub Security Advisory GHSA-6h9x-9j5v-7w9h. The vulnerability, tracked as CVE-2024-52284, allows Helm chart values, often containing sensitive credentials, to be stored inside BundleDeployment resources in plain text, exposing them to any user with GET or…

