The proliferation of microservices architecture has fundamentally transformed how organizations build and deploy applications, offering unprecedented scalability and agility. However, this distributed approach introduces complex security challenges that traditional monolithic security models cannot adequately address. Unlike centralized security in monolithic…
Tag: Cyber Security News
Microsoft Teams New Audit log Feature Allows Admins to Track Individuals Actions
Microsoft is set to revolutionize enterprise security monitoring with comprehensive audit logging capabilities for screen sharing and control features in Microsoft Teams, rolling out in July 2025. Microsoft announced a significant enhancement to its enterprise security toolkit with the introduction…
Microsoft Defender XDR New Advanced Hunting Tables for Email and Cloud Protections
Microsoft has announced the introduction of two powerful new data tables to its Defender XDR advanced hunting capabilities, marking a significant enhancement to the platform’s threat detection and investigation capabilities. The CampaignInfo and FileMaliciousContentInfo tables will provide security operations center…
Microsoft Teams New Update Enhances Productivity & Customization
Microsoft has announced a significant productivity enhancement coming to Microsoft 365 that will allow users to open core collaboration applications in separate windows, marking a major step forward in workspace customization and multitasking capabilities. The new feature, identified under Microsoft…
Windows Remote Desktop Services Vulnerability Allows Remote Code Execution
A critical security vulnerability in Windows Remote Desktop Services, designated as CVE-2025-32710, which allows unauthorized attackers to execute arbitrary code remotely without authentication. Released on June 10, 2025, this vulnerability affects multiple Windows Server versions and carries a CVSS score…
Salesforce OmniStudio Vulnerabilities Exposes Sensitive Customer Data in Plain Text
A critical security flaw in Salesforce OmniStudio has been discovered that allows unauthorized access to sensitive customer information stored in plain text format, potentially affecting thousands of organizations worldwide. The vulnerability exploits inadequate data encryption protocols within the platform’s digital…
Firefox Patches Multiple Vulnerabilities That Could Lead to Browser Crash
Mozilla has released Firefox 139.0.4 to address critical security vulnerabilities that could potentially cause browser crashes and compromise user security. These high-impact vulnerabilities CVE-2025-49709 and CVE-2025-49710 exploit fundamental components of Firefox’s graphics rendering system and JavaScript engine, respectively, posing risks…
Microsoft Outlook Vulnerability Let Attackers Execute Arbitrary Code Remotely
A significant security vulnerability in the Microsoft Outlook email client could allow attackers to execute arbitrary code remotely, even if they require local access to trigger the exploit. The vulnerability, designated as CVE-2025-47176, was released on June 10, 2025, and…
Multiple Chrome Vulnerabilities Allow Attackers to Execute Malicious Code Remotely
Google has released an important security update for Chrome Desktop, addressing two high-severity vulnerabilities that could enable attackers to execute malicious code remotely on users’ systems. The Stable channel has been updated to version 137.0.7151.103/.104 for Windows and Mac, and…
New Report Warns of Internet is The Top Threat Source for Industrial Automation Systems
A comprehensive new cybersecurity assessment has revealed that internet connectivity poses the most significant threat to industrial control systems (ICS) worldwide, with malicious activities targeting critical infrastructure through web-based attack vectors reaching unprecedented levels. The latest quarterly threat landscape report…
Beware of Instagram Growth That Steals User Login Credentials & Send to Attacker Server
A sophisticated Python-based malware campaign has emerged targeting Instagram users desperate for social media growth, disguising itself as a legitimate follower-boosting tool while secretly harvesting login credentials. The malicious PyPI package, identified as “imad213,” presents itself professionally on GitHub with…
Threat Hunting 101 – Proactive Cybersecurity Strategies for Experts
Modern cybersecurity threats have evolved beyond traditional perimeter defenses, necessitating the adoption of proactive hunting methodologies that anticipate breach scenarios. This comprehensive guide explores advanced threat hunting strategies, technical frameworks, and practical implementation approaches that enable security professionals to identify…
Windows 11 Cumulative Updates KB5060842 Released with June Patch Tuesday
Microsoft has rolled out the June 2025 Patch Tuesday update for Windows 11, version 24H2, with the release of KB5060842 (OS Build 26100.4349). This security-focused update addresses critical vulnerabilities and includes enhancements from the previous preview update, KB5058499, released on…
KB5060999 – Microsoft Releases Windows 11 Cumulative Update for Enhanced Security
Microsoft has rolled out a new cumulative update, KB5060999, for Windows 11 versions 22H2 and 23H2, targeting Enterprise, Education, and all editions. This update, impacting OS Builds 22621.5472 and 22631.5472, focuses primarily on bolstering security for the Windows operating system.…
Blockchain Security – Protecting Decentralized Applications
Decentralized applications (DApps) have revolutionized blockchain technology by enabling trustless, transparent operations across various industries. However, with over $6 billion lost to security breaches in 2024 alone, protecting these applications has become paramount for developers and organizations. This comprehensive guide…
APT Hackers Exploited Windows WebDAV 0-Day RCE Vulnerability in the Wild to Deploy Malware
A sophisticated cyberattack campaign by the advanced persistent threat group, Stealth Falcon, which exploited a previously unknown zero-day vulnerability to target a major Turkish defense company and execute malware remotely. The attack leveraged CVE-2025-33053, a remote code execution vulnerability that…
Fortinet Security Update: Critical Patch Addressing Multiple Vulnerabilities Across Products
Fortinet has released security updates addressing multiple vulnerabilities across its product portfolio, including FortiOS, FortiAnalyzer, FortiProxy, and FortiWeb systems. The cybersecurity company’s Product Security Incident Response Team (PSIRT) published advisories covering flaws ranging from privilege escalation to command injection vulnerabilities…
Windows WEBDAV 0-Day RCE Vulnerability Actively Exploited in the Wild – All Versions Affected
Microsoft has confirmed that a critical zero-day vulnerability in its Web Distributed Authoring and Versioning (WebDAV) implementation is being actively exploited by attackers in the wild, prompting an urgent security update as part of June 2025’s Patch Tuesday. The vulnerability,…
Hackers Continue to Leverage ConnectWise ScreenConnect Tool to Deploy Malware
Cybercriminals are intensifying their exploitation of ConnectWise ScreenConnect, a legitimate remote monitoring and management (RMM) tool, to deploy sophisticated malware campaigns targeting global financial organizations. This alarming trend represents a significant evolution in threat actor tactics, as attackers leverage digitally…
Indian Authorities Dismantled Cybercriminals That Impersonate as Microsoft Tech Support
India’s Central Bureau of Investigation successfully dismantled a sophisticated transnational cybercriminal network that impersonated Microsoft technical support services, targeting vulnerable older adults primarily in Japan. The coordinated operation on May 28, 2025, involved raids across 19 locations throughout India, resulting…