Tag: framework
-
Using the NIST Phish Scale Framework to Detect and Fight Phishing Attacks
The NIST Phish Scale framework offers a structured and effective approach to improving phishing awareness training in organizations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/using-the-nist-phish-scale-framework-to-detect-and-fight-phishing-attacks/
-
Critical remote code execution bug found in Cacti framework
A critical flaw in Cacti open-source network monitoring and fault management framework that could allow remote code execution. Cacti is an open-source platform that provides a robust and extensible operational monitoring and fault management framework for users. A critical vulnerability, tracked as CVE-2025-22604 (CVSS score of 9.1), in the Cacti open-source framework could allow an authenticated…
-
Hackers Attacking Windows, macOS, and Linux systems With SparkRAT
Researchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular framework and cross-platform capabilities across Windows, macOS, and Linux. SparkRAT’s Communication Originally released on GitHub…
-
Google’s Agentic AI Security Team Develops Framework to Combat Prompt Injection Attacks
Google’s Agentic AI Security Team announced in a recent blog post that they have developed a new framework First seen on securityonline.info Jump to article: securityonline.info/googles-agentic-ai-security-team-develops-framework-to-combat-prompt-injection-attacks/
-
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances.The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.”Due to a flaw in the multi-line SNMP result…
-
PoC Exploit Released for Critical Cacti Vulnerability Let Attackers Code Remotely
A critical vulnerability in the Cacti performance monitoring framework, tracked as CVE-2025-22604, has been disclosed, with a proof-of-concept (PoC) exploit now publicly available. This vulnerability allows authenticated users with device management permissions to execute arbitrary code on the server by exploiting a multi-line SNMP result parser flaw. The vulnerability has been rated as critical with…
-
Apple zero-day vulnerability under attack on iOS devices
Apple said the zero-day vulnerability, tracked as CVE-2025-24085, affects its Core Media framework and “may have been actively exploited against versions of iOS before iOS 17.2.” First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618572/Apple-zero-day-vulnerability-under-attack-on-iOS-devices
-
Apple’s latest patch closes zero-day affecting wide swath of products
The zero-day impacts Apple’s framework that manages audio and video playback. First seen on cyberscoop.com Jump to article: cyberscoop.com/apple-security-update-zero-day-january-2025/
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-managementThe US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
-
BloodyAD: Open-source Active Directory privilege escalation framework
BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/28/bloodyad-active-directory-privilege-escalation/
-
ISMG Editors: Challenges Ahead for US Cybersecurity Program
Also: Leadership Choices That Could Reshape Cybersecurity Priorities, Budgets. The Trump administration has inherited a strong cybersecurity framework but faces potential roadblocks from budget cuts and a shifting threat landscape. Jeremy Grant, managing director at Venable LLP joined ISMG editors to discuss the critical issues facing security leaders during the transition. First seen on govinfosecurity.com…
-
A pickle in Meta’s LLM code could allow RCE attacks
Tags: ai, attack, breach, cve, cvss, data, data-breach, exploit, flaw, framework, github, LLM, malicious, ml, network, open-source, rce, remote-code-execution, software, supply-chain, technology, theft, vulnerabilityMeta’s large language model (LLM) framework, Llama, suffers a typical open-source coding oversight, potentially allowing arbitrary code execution on servers leading to resource theft, data breaches, and AI model takeover.The flaw, tracked as CVE-2024-50050, is a critical deserialization bug belonging to a class of vulnerabilities arising from the improper use of the open-source library (pyzmq)…
-
Do We Really Need The OWASP NHI Top 10?
The Open Web Application Security Project has recently introduced a new Top 10 project – the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists. Non-human identity security represents…
-
New Phishing Framework Attack Multiple Brands Login Pages To Steal Credentials
Researchers have identified a sophisticated phishing tactic leveraging Cloudflare’s workers.dev, a free domain name service, to execute credential theft campaigns. The modus operandi involves a generic phishing page that can impersonate any brand, with significant technical ingenuity aimed at deceiving unsuspecting users and evading detection. The phishing page, hosted on the URL >>workers-playground-broken-king-d18b.supermissions.workers.dev,
-
CISOs’ top 12 cybersecurity priorities for 2025
Tags: access, ai, api, attack, authentication, automation, awareness, business, cio, ciso, cloud, compliance, control, corporate, cybersecurity, data, detection, framework, governance, identity, incident response, infrastructure, intelligence, jobs, mitigation, monitoring, mssp, oracle, penetration-testing, privacy, risk, risk-management, service, strategy, technology, threat, training, usa, zero-trustSecurity chief Andrew Obadiaru’s to-do list for the upcoming year will be familiar to CISOs everywhere: advance a zero-trust architecture in the organization; strengthen identity and access controls as part of that drive; increase monitoring of third-party risks; and expand the use of artificial intelligence in security operations.”Nothing is particularly new, maybe AI is newer,…
-
New SCAVY Framework to Detect Memory Corruption Privilege Escalation in Linux Kernel
A breakthrough framework namedSCAVYhas been introduced to proactively detect memory corruption targets that could potentially lead to privilege escalation in the Linux kernel. Presented at the prestigious USENIX Security Symposium in August 2024, the framework aims to address long-standing gaps in understanding how memory corruption can be exploited to compromise system integrity. SCAVY’s developers have…
-
Critical Vulnerability in Meta Llama Framework Let Remote Attackers Execute Arbitrary Code
The Oligo Research team has disclosed a critical vulnerability in Meta’s widely used Llama-stack framework. This vulnerability, tracked as CVE-2024-50050, allows remote attackers to execute arbitrary code on servers running the Llama-stack framework. Due to its potential impact, the flaw has been rated ascriticalwith a CVSS score of 9.3 (v4.0) and 9.8 (v3.1). The Meta Llama…
-
Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks
A new report has put the spotlight on potential security vulnerabilities within the popular open-source framework Next.js, demonstrating how improper caching mechanisms can lead to critical server-side cache poisoning attacks. Developed by Vercel, Next.js remains a cornerstone for building server-rendered React applications; however, its popularity has also made it a lucrative target for threat actors.…
-
ENISA: Embedding Resilience in Critical Infrastructure
ENISA’s Marnix Dekker on Supply Chain Attacks, Harmonizing the New NIS2 Regulations. The European Union Agency for Cybersecurity is at the center of rolling out new cybersecurity frameworks for critical infrastructure providers across Europe. But a major priority, according to ENISA’s Marnix Dekker, is helping smaller vendors withstand supply chain attacks. First seen on govinfosecurity.com…
-
Developing Security Protocols for Agentic AI Applications
Agentic AI can be an incredibly powerful asset, like another member of the team. However, it can quickly become a liability due to poorly designed frameworks or lax security protocols. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/developing-security-protocols-for-agentic-ai-applications/
-
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
Oracle is urging customers to apply its January 2025 Critical Patch Update (CPU) to address 318 new security vulnerabilities spanning its products and services.The most severe of the flaws is a bug in the Oracle Agile Product Lifecycle Management (PLM) Framework (CVE-2025-21556, CVSS score: 9.9) that could allow an attacker to seize control of susceptible…
-
Security chiefs whose companies operate in the EU should be exploring DORA now
Tags: attack, business, ciso, compliance, conference, corporate, cyber, cybersecurity, data, detection, dora, finance, framework, GDPR, incident, network, regulation, resilience, risk, service, technology, threat, vulnerabilityIf your enterprise operates in Europe, you should care about the Digital Operational Resilience Act (DORA), which took effect on January 17. DORA, also known as Directive (EU) 2022/2555 of the European Parliament, aims to enhance and build the EU’s cybersecurity capabilities and it has been hanging like the Sword of Damocles over the heads…
-
7 top cybersecurity projects for 2025
Tags: access, advisory, ai, backup, best-practice, breach, business, cio, ciso, cloud, compliance, control, cyber, cybersecurity, data, data-breach, detection, encryption, framework, google, governance, infrastructure, intelligence, law, mitigation, monitoring, network, resilience, risk, risk-management, service, strategy, technology, threat, tool, vulnerabilityAs 2025 dawns, CISOs face the grim reality that the battle against cyberattackers never ends. Strong and carefully planned cybersecurity projects are the best way to stay a step ahead of attackers and prevent them gaining the upper hand.”Urgency is the mantra for 2025,” says Greg Sullivan, founding partner of cybersecurity services firm CIOSO Global.…
-
Apache CXF Vulnerability Triggers DoS Attack
Colm O hEigeartaigh announced a critical vulnerability affecting various versions of Apache CXF, a widely-used framework for building web services. This issue, documented as CVE-2025-23184, poses a significant risk as it can lead to a Denial of Service (DoS) attack due to improper handling of temporary files. The vulnerability has been confirmed in specific versions…
-
Information Security Manual (ISM)
What is the Information Security Manual (ISM)? The Information Security Manual (ISM) is a cybersecurity framework developed by the Australian Signals Directorate (ASD) to help organizations protect their IT and operational technology systems, applications, and data from cyber threats. The ISM is relevant to industries like government, defense, finance, healthcare, and other sectors where sensitive……
-
CISA unveils ‘Secure by Demand’ guidelines to bolster OT security
Tags: attack, authentication, breach, ceo, cisa, compliance, cyber, cybersecurity, encryption, flaw, framework, infrastructure, international, network, office, resilience, risk, service, software, strategy, technology, threat, update, vulnerabilityThe US Cybersecurity and Infrastructure Security Agency (CISA), along with its international cybersecurity allies, has unveiled the “Secure by Demand” guidelines to safeguard operational technology (OT) environments. The framework provides a blueprint for OT owners and operators to prioritize cybersecurity when procuring digital products.This initiative addresses growing concerns about vulnerabilities in critical infrastructure, including energy…

