eSecurity Planet

JULY 25, 2025

This article was originally published on TechRepublic. Severe vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an unauthenticated remote attacker to issue commands with root privileges, Cisco said in an advisory on July 17. Cisco released multiple patches for the issues, including an expanded fix for specific software versions.

Education

Penetration Testing

JULY 28, 2025

A critical vulnerability (CVE-2025-54419, CVSS 10.0) in Node-SAML allows attackers to bypass SAML 2.0 authentication by manipulating unsigned assertion data.

Authentication

Graham Cluley

JULY 24, 2025

There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base. Read more in my article on the Fortra blog.

Ransomware

The Hacker News

JULY 23, 2025

Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks.

Software

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

Schneier on Security

JULY 23, 2025

It will be interesting to watch what will come of this private lawsuit : Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software. These devices lack Google’s security protections, and the perpetrators pre-installed the Badbox 2.0 malware on them, to create a backdoor and abuse them for large-scale fraud and other illicit schemes.

Software

Penetration Testing

JULY 23, 2025

SonicWall warns of CVE-2025-40599 in SMA 100 series, allowing authenticated admins to upload arbitrary files, potentially leading to RCE.

Authentication

The Hacker News

JULY 24, 2025

Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution. The two vulnerabilities impacting Sophos Firewall are listed below - CVE-2025-6704 (CVSS score: 9.

Firewall

Schneier on Security

JULY 24, 2025

The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. These entities collect, store, and trade your data, often without your knowledge or consent. It’s both redundant and inconsistent.

Architecture

Penetration Testing

JULY 23, 2025

Dahua IP cameras are vulnerable to two high-severity buffer overflow flaws (CVE-2025-31700, CVE-2025-31701) allowing remote attackers to crash devices or execute arbitrary code. Update firmware immediately.

Firmware

Security Affairs

JULY 23, 2025

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulnerability CVE-2025-2776 SysAid On-

Spyware

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Cisco Security

JULY 24, 2025

Skip to content Cisco Blogs / Security / Cisco Secure Firewall: First to earn SE Labs AAA in Advanced Performance July 24, 2025 Leave a Comment Security Cisco Secure Firewall: First to earn SE Labs AAA in Advanced Performance 3 min read Marc Mastrangelo Cisco just captured cybersecurity’s Olympic gold again! Our Secure Firewall 4225 is the first firewall ever to earn SE Labs’ coveted AAA rating in the ultra-tough Advanced Performance test, hot on the heels of its February AAA rating for efficacy

Firewall

Krebs on Security

JULY 24, 2025

KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime ring that is actively targeting established companies in the transportation and aviation industries.

Scams

The Last Watchdog

JULY 25, 2025

Chennai, India, July 25, 2025, CyberNewswire — xonPlus , a real-time digital risk alerting system, officially launches today to help security teams detect credential exposures before attackers exploit them. The platform detects data breaches and alerts teams and systems to respond instantly. Built by the team behind XposedOrNot, an open-source breach detection tool used by thousands, xonPlus gives organizations instant visibility when their email addresses or domains appear in breach dumps or da

Data breaches

Security Affairs

JULY 24, 2025

The DSPM market hit around $1.2 billion in 2024 and should grow to $4.5 billion by 2033 (≈16.5% CAGR). The AI sector is projected to swell from $189 billion in 2023 to $4.8 trillion by 2033. The tech realm is continually evolving. New tools are invented every day, and certain technologies are reaching market valuations that have never been seen before.

Marketing

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

The Hacker News

JULY 24, 2025

Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authentication protections.

Authentication

Cisco Security

JULY 23, 2025

SE Labs research identifies the many ways Email Threat Defense successfully defends against advanced email threats in real time to earn the highest rating.

SecureWorld News

JULY 28, 2025

A new report from Google's Threat Intelligence Group (GTIG) reveals how the cybercriminal group known as Scattered Spider is escalating its campaign against U.S. critical infrastructure—this time by compromising the backbone of enterprise virtualization: VMware vSphere. The threat actors are bypassing traditional endpoint protections by directly attacking the hypervisor layer, utilizing social engineering and identity compromise to hijack administrative access and deploy ransomware from within.

Social Engineering

Penetration Testing

JULY 23, 2025

GitLab patched multiple high-severity XSS and data exposure vulnerabilities in CE/EE, urging users to update to 18.2.1, 18.1.3, or 18.0.5.

Cybersecurity

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Security Affairs

JULY 28, 2025

U.S. U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-20281 Cisco Identity Services Engine Injection Vulnerability CVE-2025-20337 Cisco Identity Services Engine Injection Vulnerability

Engineering

The Last Watchdog

JULY 23, 2025

In today’s post-signature world, attackers don’t just break in — they blend in. In this second installment of the Last Watchdog Strategic LinkedIn Reel (LW SLR) series, Corelight CEO Brian Dye delivers a clear-eyed take on how defenders can regain the upper hand with network-derived ground truth. This high-impact reel distills key insights from our RSAC 2025 Fireside Chat, including how NDR empowers SOC teams to trace the full attack path — from initial access to containment — and to prove what

Internet

The Hacker News

JULY 23, 2025

Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the "mu-plugins" directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions. Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation.

Cybersecurity

SecureWorld News

JULY 29, 2025

The recent data breach at Allianz Life Insurance Company of North America serves as a reminder of the pervasive threat posed by supply chain attacks, even to seemingly robust organizations. Disclosed on Friday, July 25th, the incident reportedly impacted the personally identifiable information (PII) of most of its 1.4 million U.S. customers, along with professionals and select employees.

Data breaches

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Penetration Testing

JULY 24, 2025

A broken access control vulnerability (CVE-2025-24000) in Post SMTP WordPress plugin allows low-privileged users to take over administrator accounts and full sites.

Risk

Security Affairs

JULY 23, 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability This week, Mi

Authentication

Centraleyes

JULY 28, 2025

Key Takeaways ISO 27001:2022 is fully in effect, and all certified organizations must transition by October 31, 2025. A readiness assessment is not a formal audit. Use a self-assessment checklist to evaluate documentation, scope, risks, and your Statement of Applicability. This blog’s 9-step checklist prepares you to pass ISO 27001:2022 Stage 1 and move into full implementation.

Risk

The Hacker News

JULY 25, 2025

The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence.

Phishing

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

NetSpi Executives

JULY 28, 2025

TL;DR When it comes to achieving and maintaining compliance with industry standards like SOC 2, PCI DSS, and HIPAA, penetration testing plays a crucial role. Read on to discover actionable insights into why compliance matters, how penetration testing ensures data security, and the steps your business can take to integrate penetration testing into your compliance strategy.

Penetration Testing

Penetration Testing

JULY 23, 2025

18 severe vulnerabilities (CVSS up to 9.8) found in Samsung MagicINFO 9 Server allow RCE, web shell uploads, and auth bypass via hardcoded credentials. Update immediately!

Authentication

Security Affairs

JULY 28, 2025

Scattered Spider targets VMware ESXi in North America using social engineering, mainly fake IT help desk calls instead of software exploits. The cybercrime group Scattered Spider (aka 0ktapus , Muddled Libra , Octo Tempest , and UNC3944 ) is targeting VMware ESXi hypervisors in retail, airline, and transportation sectors across North America. According to Google’s Mandiant team, the group uses social engineering, mainly deceptive phone calls to IT help desks, rather than software exploits.

Social Engineering

The Last Watchdog

JULY 29, 2025

Palo Alto, Calif., July 29, 2025, CyberNewswire — Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as “Verified” and “Chrome Featured” provided by extension stores as a security indicator. The recent Geco Colorpick case exemplifies how these certifications provide nothing more than a false sense of security – Koi Research[1] disclosed 18 malicious extensions that distributed spyware to 2.3M users, with most bearing the w

Architecture

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity