Category: Uncategorized
-

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure [email protected] (The Hacker News)
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version…
-

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections [email protected] (The Hacker News)
Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious.…
-

Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques [email protected] (The Hacker News)
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. “The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques,” Cyfirma said in a technical analysis published last week. “It…
-

Top 5 Malware Threats to Prepare Against in 2025 [email protected] (The Hacker News)
2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5…
-

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks [email protected] (The Hacker News)
A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.Read More
-

FCC Launches ‘Cyber Trust Mark’ for IoT Devices to Certify Security Compliance [email protected] (The Hacker News)
The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices. “IoT products can be susceptible to a range of security vulnerabilities,” the U.S. Federal Communications Commission (FCC) said. “Under this program, qualifying consumer smart products that meet robust cybersecurity standards will…
-
How to protect VMs with Azure Bastion hosts
Post ContentRead More
-

CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow…
-

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers [email protected] (The Hacker News)
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. “The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standardRead…
-
CISA: BeyondTrust breach affected Treasury Department only
Post ContentRead More
