legacy system vulnerabilities

From Cyber Security News – NIST Will Mark All CVEs Published Before 01/01/2018 as ‘Deferred’

The National Institute of Standards and Technology (NIST) announced on April 2, 2025, that all Common Vulnerabilities and Exposures (CVEs) with a published date prior to January 1, 2018, will…

shaikh Saqib April 8, 2025

News

From Cyber Security News – CISA Warns of Windows Win32k Vulnerability Exploited to Run Arbitrary code

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding CVE-2018-8639, a privilege escalation vulnerability in the Microsoft Windows Win32k component, which threat actors are actively exploiting to…

shaikh Saqib March 4, 2025

News

From Cyber Security News – Attackers Automating Vulnerability Exploits with Few Hours of Disclosure

The cybersecurity landscape of 2024 witnessed an unprecedented increase in mass internet exploitation, driven by attackers’ ability to automate vulnerability exploits within hours of disclosure. GreyNoise’s 2025 Mass Internet Exploitation…

shaikh Saqib March 3, 2025

News

From Dark Reading – Salt Typhoon’s Impact on the US & Beyond

Salt Typhoon underscores the urgent need for organizations to rapidly adopt modern security practices to meet evolving threats. Read More

shaikh Saqib February 11, 2025

News

From Cyber Security News – New Attack Technique Uncovered Abusing Kerberos Delegation in Active Directory Networks

A new attack vector exploiting vulnerabilities in Kerberos delegation within Active Directory (AD) networks has been uncovered, posing significant risks to enterprise security. This technique leverages the inherent weaknesses of…

shaikh Saqib February 7, 2025