Microsoft has confirmed that a pair of zero-day vulnerabilities in on-premises SharePoint Server, collectively dubbed ToolShell, are under active exploitation by diverse threat actors ranging from opportunistic cybercriminals to sophisticated nation-state advanced persistent threat (APT) groups. ToolShell encompasses CVE-2025-53770, a…
1692 search results for "zero, trust"
IT Security News Daily Summary 2025-07-24
206 posts were published in the last hour 21:32 : Coyote malware is first-ever malware abusing Windows UI Automation 21:32 : Euro healthcare giant AMEOS Group shuts down IT systems after mystery attack 21:3 : CISA Recommends Segmentation & Zero…
IT Security News Hourly Summary 2025-07-24 21h : 28 posts
28 posts were published in the last hour 19:3 : Surge in Phishing Attacks Exploiting Spoofed SharePoint Domains and Sneaky 2FA Tactics 19:3 : Secure Microservices in Java: Cloud-Native Design With Zero Trust Architecture 19:3 : SharePoint Zero-Day Exploited in…
Metasploit Module Released to Exploit SharePoint 0-Day Vulnerabilities
Security researchers have released a Metasploit exploitation module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server, marking a significant escalation in the threat landscape for enterprise collaboration platforms. The module exploits a chain of unauthenticated remote code execution flaws identified…
IT Security News Daily Summary 2025-07-23
195 posts were published in the last hour 21:32 : Sophos fixed two critical Sophos Firewall vulnerabilities 21:32 : Lumma Stealer Via Fake Cracked Software Steals Login Credentials and Private Files 21:3 : Google Patched A Chrome Zero-Day That Allowed…
Chinese Hackers Exploit Active 0-Day Vulnerability in SharePoint Servers
Microsoft has confirmed that Chinese nation-state actors are actively exploiting zero-day vulnerabilities in on-premises SharePoint servers, prompting urgent security updates and immediate patching recommendations for organizations worldwide. Vulnerability Discovery and Active Exploitation On July 19, 2025, Microsoft Security Response Center…
IT Security News Daily Summary 2025-07-22
210 posts were published in the last hour 21:32 : Cloud Logging for Security and Beyond 21:32 : Funding for program to stop next Stuxnet from hitting US expired Sunday 21:3 : Apple alerted Iranians to iPhone spyware attacks, say…
Implementing Least Privilege in AWS IAM: Principles, Practices, and Automation
The principle of least privilege is fundamental to securing cloud environments by ensuring that identities have only the permissions necessary to perform their tasks. In AWS Identity and Access Management (IAM), sticking to the principle of least privilege is one…
Hackers Selling macOS 0-Day LPE Exploit on Dark Forums
A threat actor claiming to possess a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system has emerged on underground cybercriminal forums, offering the vulnerability for sale at a substantial price point. The alleged exploit, if genuine, represents…
IT Security News Hourly Summary 2025-07-22 12h : 11 posts
11 posts were published in the last hour 9:35 : Figma Seeks Up To $16bn Valuation With NYSE IPO 9:35 : US Lawmakers Press Tech Giants Over Cable Security 9:35 : Cybercriminals Merge Android Malware with Click Fraud Apps to…
IT Security News Daily Summary 2025-07-21
167 posts were published in the last hour 21:34 : Google just teased its new flagship phone early – Here’s what we’ve gathered 21:7 : UNG0002 Deploys Weaponized LNK Files with Cobalt Strike and Metasploit to Target Organizations 21:7 :…
Snake Keylogger Uses Persistence via Scheduled Tasks to Steal Login Data Undetected
Researchers have uncovered a sophisticated phishing campaign zeroing in on Turkish enterprises, with a particular focus on the defense and aerospace industries. Threat actors are masquerading as Turkish Aerospace Industries (TUSAÅž), a key defense contractor, to disseminate malicious emails that…
IT Security News Hourly Summary 2025-07-21 15h : 10 posts
10 posts were published in the last hour 12:32 : My 8 ChatGPT Agent tests produced only 1 near-perfect result – and a lot of alternative facts 12:32 : Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) 12:6 :…
âš¡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These attacks don’t depend on zero-days. They work by staying unnoticed—slipping through the cracks…
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being actively exploited in cyberattacks. The vulnerability, tracked as CVE-2025-53770, represents a significant threat to organizations…
CrushFTP 0-Day Vulnerability Actively Exploited to Breach Servers
A critical zero-day vulnerability in CrushFTP servers is being actively exploited by threat actors to compromise systems worldwide. The vulnerability, designated CVE-2025-54309, was first observed in active exploitation on July 18th at 9:00 AM CST, though security researchers believe the…
Week in Review: Pentagon’s Chinese Engineers, Gemini’s email phish, 20-year-old railroad flaw persists
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Cyrus Tibbs, CISO, PennyMac Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security,…
Practical Steps to Secure the Software Supply Chain End to End
Editor’s Note: The following is an article written for and published in DZone’s 2025 Trend Report, Software Supply Chain Security: Enhancing Trust and Resilience Across the Software Development Lifecycle. The software supply chain has rapidly evolved into a critical vulnerability point…
Reduce risk in Kubernetes: How to separate admin roles for safer, compliant operations
In enterprise Kubernetes environments, security risks often arise from overlapping administrative access. Platform engineers, infrastructure operators and developers may all touch sensitive resources, like secrets. This creates opportunities for privilege misuse or data exposure. By separating admin duties using Confidential…
Taiwan semiconductor sector hacked, Salt Typhoon breaches National Guard, Congress ponders Stuxnet
Chinese hackers use Cobalt Strike on Taiwan’s semiconductor sector Salt Typhoon breaches National Guard and steals network configurations Congress considers Stuxnet to manage OT threats Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint…