UTMStack is an open-source unified threat management platform that brings SIEM and XDR features into one system. The project focuses on real time correlation of log data, threat intelligence, and malware activity patterns gathered from different sources. The goal is…
Category: EN
Google Chrome’s AI Safety Plan? More AI
Cybersecurity Today: Google Chrome’s AI Safety Plan, React2Shell Fixes, & New Ransomware Tactics In this episode of Cybersecurity Today, host Jim Love discusses Google’s new security blueprint for AI-powered Chrome agents, highlighting measures against indirect prompt injections and model errors.…
Building SOX compliance through smarter training and stronger password practices
A SOX audit can reveal uncomfortable truths about how a company handles access to financial systems. Even organizations that invest in strong infrastructure often discover that everyday password habits weaken the controls they thought were solid. CISOs know that passwords…
Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The Fortinet vulnerabilities affect FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager and relate to a…
How to customize your response to layer 7 DDoS attacks using AWS WAF Anti-DDoS AMR
Over the first half of this year, AWS WAF introduced new application-layer protections to address the growing trend of short-lived, high-throughput Layer 7 (L7) distributed denial of service (DDoS) attacks. These protections are provided through the AWS WAF Anti-DDoS AWS…
Windows Cloud Files Mini Filter Driver 0-Day Vulnerability Exploited in the Wild to Escalate Privileges
Microsoft has released urgent security updates to address a zero-day vulnerability in the Windows Cloud Files Mini Filter Driver (cldflt.sys) that is currently being exploited in the wild. Assigned the identifier CVE-2025-62221, this elevation of privilege flaw affects a wide…
Microsoft 365 Services Disruption in Australia: Users Face Access Issues in Accessing Services
Users across Australia are currently grappling with significant disruptions to critical business tools as Microsoft 365 services experience a widespread outage. The incident, which began on the morning of December 10, 2025, is preventing a large number of enterprise and…
New SVG-Based Clickjacking Technique Exposes Cross-Origin Data Through CSS Filters
Security researcher Lyra Rebane has developed a new type of clickjacking attack that cleverly exploits Scalable Vector Graphics (SVG) and Cascading Style Sheets (CSS) to bypass traditional web protections. Rebane first showcased this discovery during BSides Tallinn in October…
UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare
Britain and its allies face escalating “hybrid threats … designed to weaken critical national infrastructure, undermine our interests and interfere in our democracies.” The post UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare appeared…
ISC Stormcast For Wednesday, December 10th, 2025 https://isc.sans.edu/podcastdetail/9732, (Wed, Dec 10th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, December 10th, 2025…
GOLD BLADE: Custom QWCrypt Locker for Data Exfiltration and Ransomware Deployment
Between February 2024 and August 2025, security researchers uncovered a significant campaign orchestrated by the GOLD BLADE threat group, previously known as RedCurl, RedWolf, and Earth Kapre. The investigation of nearly 40 intrusions linked to STAC6565 reveals a sophisticated threat…
Threat Actors Poison SEO to Spread Fake Microsoft Teams Installer
The Chinese advanced persistent threat (APT) group Silver Fox (also known as Void Arachne) has launched a sophisticated search engine optimization (SEO) poisoning campaign targeting Chinese-speaking employees at organizations worldwide. The campaign distributes a counterfeit Microsoft Teams installer laced with…
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability,…
Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits
Makop, a ransomware strain derived from Phobos, continues to pose a significant threat by exploiting exposed Remote Desktop Protocol (RDP) systems and integrating new attack components, including antivirus-killer modules and advanced privilege-escalation exploits. Recent investigations by Acronis TRU researchers reveal…
Microsoft December 2025 Patch Tuesday Fixes 56 Vulnerabilities Fixed and 3 Zero-days
Microsoft’s final Patch Tuesday of 2025 has been released, addressing 56 vulnerabilities across its product suite. The December update includes patches for three zero-day vulnerabilities, one of which is confirmed to be actively exploited in the wild. Among the resolved…
Microsoft reports 7.8-rated zero day, plus 56 more in December Patch Tuesday
Plus critical critical Notepad++, Ivanti, and Fortinet updates, and one of these patches an under-attack security hole Happy December Patch Tuesday to all who celebrate. This month’s patch party includes one Microsoft flaw under exploitation, plus two others listed as…
Microsoft Patch Tuesday for December 2025 — Snort rules and prominent vulnerabilities
The Patch Tuesday for December of 2025 includes 57 vulnerabilities, including two that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.” Microsoft assessed that exploitation of the two “critical” vulnerabilities is “less likely.” This article has…
Microsoft Patch Tuesday, December 2025 Edition
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed…
CVE-2025-53841: Guardicore Local Privilege Escalation Vulnerability
Get technical details about a security vulnerability (CVE-2025-53841) in Akamai’s Guardicore Platform Agent for Windows and clear guidance on mitigation. This article has been indexed from Blog Read the original article: CVE-2025-53841: Guardicore Local Privilege Escalation Vulnerability
Ivanti warns customers of new EPM flaw enabling remote code execution
Ivanti warns users to address a newly disclosed Endpoint Manager vulnerability that could let attackers execute code remotely. Software firm Ivanti addressed a newly disclosed vulnerability, tracked as CVE-2025-10573 (CVSS score 9.6), in its Endpoint Manager (EPM) solution. The vulnerability…