Trending Articles

Cisco Patches Three Critical Vulnerabilities – Here are the Products Affected

eSecurity Planet

This article was originally published on TechRepublic. Severe vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an unauthenticated remote attacker to issue commands with root privileges, Cisco said in an advisory on July 17. Cisco released multiple patches for the issues, including an expanded fix for specific software versions.

Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps

Penetration Testing

A critical vulnerability (CVE-2025-54419, CVSS 10.0) in Node-SAML allows attackers to bypass SAML 2.0 authentication by manipulating unsigned assertion data.

Free decryptor for victims of Phobos ransomware released

Graham Cluley

There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base. Read more in my article on the Fortra blog.

Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages

The Hacker News

Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Google Sues the Badbox Botnet Operators

Schneier on Security

It will be interesting to watch what will come of this private lawsuit: Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software. These devices lack Google’s security protections, and the perpetrators pre-installed the Badbox 2.0 malware on them, to create a backdoor and abuse them for large-scale fraud and other illicit schemes.

Critical Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series Devices

Penetration Testing

SonicWall warns of CVE-2025-40599 in SMA 100 series, allowing authenticated admins to upload arbitrary files, potentially leading to RCE.

More Trending

Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices

The Hacker News

Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution. The two vulnerabilities impacting Sophos Firewall are listed below - CVE-2025-6704 (CVSS score: 9.

How Solid Protocol Restores Digital Agency

Schneier on Security

The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. These entities collect, store, and trade your data, often without your knowledge or consent. It’s both redundant and inconsistent.

CVE-2025-31700 & CVE-2025-31701: Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE

Penetration Testing

Dahua IP cameras are vulnerable to two high-severity buffer overflow flaws (CVE-2025-31700, CVE-2025-31701) allowing remote attackers to crash devices or execute arbitrary code. Update firmware immediately.

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulnerability CVE-2025-2776 SysAid On-

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cisco Secure Firewall: First to earn SE Labs AAA in Advanced Performance

Cisco Security

July 24, 2025, by Marc Mastrangelo. Cisco just captured cybersecurity’s Olympic gold again! Our Secure Firewall 4225 is the first firewall ever to earn SE Labs’ coveted AAA rating in the ultra-tough Advanced Performance test, hot on the heels of its February AAA rating for efficacy

Phishers Target Aviation Execs to Scam Customers

Krebs on Security

KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime ring that is actively targeting established companies in the transportation and aviation industries.

News alert: xonPlus launches real-time alerting platform to detect exposed enterprise credentials

The Last Watchdog

Chennai, India, July 25, 2025, CyberNewswire — xonPlus, a real-time digital risk alerting system, officially launches today to help security teams detect credential exposures before attackers exploit them. The platform detects data breaches and alerts teams and systems to respond instantly. Built by the team behind XposedOrNot, an open-source breach detection tool used by thousands, xonPlus gives organizations instant visibility when their email addresses or domains appear in breach dumps or da

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

Security Affairs

The DSPM market hit around $1.2 billion in 2024 and should grow to $4.5 billion by 2033 (≈16.5% CAGR). The AI sector is projected to swell from $189 billion in 2023 to $4.8 trillion by 2033. The tech realm is continually evolving. New tools are invented every day, and certain technologies are reaching market valuations that have never been seen before.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems

The Hacker News

Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authentication protections.

Email Threat Defense earns AAA rating in SE Labs latest evaluation

Cisco Security

SE Labs research identifies the many ways Email Threat Defense successfully defends against advanced email threats in real time to earn the highest rating.

Scattered Spider Targets U.S. Critical Infrastructure Through VMware Attacks

SecureWorld News

A new report from Google's Threat Intelligence Group (GTIG) reveals how the cybercriminal group known as Scattered Spider is escalating its campaign against U.S. critical infrastructure—this time by compromising the backbone of enterprise virtualization: VMware vSphere. The threat actors are bypassing traditional endpoint protections by directly attacking the hypervisor layer, utilizing social engineering and identity compromise to hijack administrative access and deploy ransomware from within.

GitLab Update: High-Severity XSS & Data Exposure Flaws Patched

Penetration Testing

GitLab patched multiple high-severity XSS and data exposure vulnerabilities in CE/EE, urging users to update to 18.2.1, 18.1.3, or 18.0.5.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-20281 Cisco Identity Services Engine Injection Vulnerability CVE-2025-20337 Cisco Identity Services Engine Injection Vulnerability

STRATEGIC REEL: From guesswork to ground truth — stopping threats before they spread

The Last Watchdog

In today’s post-signature world, attackers don’t just break in — they blend in. In this second installment of the Last Watchdog Strategic LinkedIn Reel (LW SLR) series, Corelight CEO Brian Dye delivers a clear-eyed take on how defenders can regain the upper hand with network-derived ground truth. This high-impact reel distills key insights from our RSAC 2025 Fireside Chat, including how NDR empowers SOC teams to trace the full attack path — from initial access to containment — and to prove what

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

The Hacker News

Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the "mu-plugins" directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions. Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation.

Supply Chain Vulnerability Strikes Again in Allianz Life Data Breach

SecureWorld News

The recent data breach at Allianz Life Insurance Company of North America serves as a reminder of the pervasive threat posed by supply chain attacks, even to seemingly robust organizations. Disclosed on Friday, July 25th, the incident reportedly impacted the personally identifiable information (PII) of most of its 1.4 million U.S. customers, along with professionals and select employees.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

400,000 WordPress Sites at Risk: CVE-2025-24000 in Post SMTP Plugin Allows Full Site Takeover

Penetration Testing

A broken access control vulnerability (CVE-2025-24000) in Post SMTP WordPress plugin allows low-privileged users to take over administrator accounts and full sites.

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability This week, Mi

ISO 27001 Readiness Checklist: Mastering Certification for Your Organization

Centraleyes

Key Takeaways ISO 27001:2022 is fully in effect, and all certified organizations must transition by October 31, 2025. A readiness assessment is not a formal audit. Use a self-assessment checklist to evaluate documentation, scope, risks, and your Statement of Applicability. This blog’s 9-step checklist prepares you to pass ISO 27001:2022 Stage 1 and move into full implementation.

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

The Hacker News

The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Penetration Testing for Compliance: Achieving SOC 2, PCI DSS, and HIPAA

NetSpi Executives

TL;DR When it comes to achieving and maintaining compliance with industry standards like SOC 2, PCI DSS, and HIPAA, penetration testing plays a crucial role. Read on to discover actionable insights into why compliance matters, how penetration testing ensures data security, and the steps your business can take to integrate penetration testing into your compliance strategy.

18 Serious Flaws (CVSS up to 9.8) Expose Samsung MagicINFO 9 Servers to Full Compromise

Penetration Testing

18 severe vulnerabilities (CVSS up to 9.8) found in Samsung MagicINFO 9 Server allow RCE, web shell uploads, and auth bypass via hardcoded credentials. Update immediately!

Scattered Spider targets VMware ESXi in North America using social engineering

Security Affairs

Scattered Spider targets VMware ESXi in North America using social engineering, mainly fake IT help desk calls instead of software exploits. The cybercrime group Scattered Spider (aka 0ktapus, Muddled Libra, Octo Tempest, and UNC3944) is targeting VMware ESXi hypervisors in retail, airline, and transportation sectors across North America. According to Google’s Mandiant team, the group uses social engineering, mainly deceptive phone calls to IT help desks, rather than software exploits.

News Alert: SquareX exposes DevTools blind spot allowing widespread browser extension attacks

The Last Watchdog

Palo Alto, Calif., July 29, 2025, CyberNewswire — Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as “Verified” and “Chrome Featured” provided by extension stores as a security indicator. The recent Geco Colorpick case exemplifies how these certifications provide nothing more than a false sense of security – Koi Research[1] disclosed 18 malicious extensions that distributed spyware to 2.3M users, with most bearing the w

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.