cybersecurity vulnerabilities

From Security Week – In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired

[[{"value":"Noteworthy stories that might have slipped under the radar: Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber…

shaikh Saqib April 4, 2025

News

From Security Week – Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability

[[{"value":"Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Details Emerge on CVE Controversy Around Exploited…

shaikh Saqib April 3, 2025

News

From Dark Reading – Google Quick Share Bug Bypasses Allow Zero-Click File Transfer

Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced "QuickShell" silent RCE attack chain against Windows users. Read More

shaikh Saqib April 3, 2025

News

From Security Week – Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks

[[{"value":"Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email. The post Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks appeared first on SecurityWeek."}]] Read…

shaikh Saqib April 3, 2025

News

From The Hacker News – Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google's Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target's device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by

shaikh Saqib April 3, 2025

Webinars

From The Hacker News – Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom

Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea’s Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration, he will break down every technical step of a ransomware attack, showing you how

Samir K March 14, 2025

News

From Security Week – Zoom Patches 4 High-Severity Vulnerabilities

[[{"value":"Zoom has patched five vulnerabilities in its applications, including four high-severity flaws. The post Zoom Patches 4 High-Severity Vulnerabilities appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 12, 2025

News

From The Hacker News – Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates," Check Point said in a new analysis. "More than 1,600 victims were affected during one of

shaikh Saqib March 11, 2025

News

From Security Week – Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities

[[{"value":"Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities. The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on…

shaikh Saqib March 5, 2025

News

From Security Week – Exploitation Long Known for Most of CISA’s Latest KEV Additions

[[{"value":"Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s…

shaikh Saqib March 4, 2025

News

From The Hacker News – Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC). "These include arbitrary kernel memory mapping and

shaikh Saqib March 3, 2025

Articles

From Graham Cluley – Stop targeting Russian hackers, Trump administration orders US Cyber Command

The Trump administration has told US cyber command and CISA to stop following or reporting on Russian cyber threats. Yes, Russia! That country everyone used to agree was home to…

shaikh Saqib March 3, 2025

News

From The Hacker News – Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations

A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country's National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related applications. "The sender claimed that the malicious file attached was a list of

shaikh Saqib February 27, 2025

News

From Dark Reading – Chinese APT Uses VPN Bug to Exploit Worldwide OT Orgs

Companies critical to the aviation and aerospace supply chains didn't patch a known CVE, providing opportunity for foreign espionage. Read More

shaikh Saqib February 27, 2025

News

From Dark Reading – How Hackers Make Salesforce More Secure in the Agentic AI Era

shaikh Saqib February 27, 2025