Every SOC analyst knows the frustration. Your SIEM generates hundreds, sometimes thousands of alerts daily. Each alert demands attention, but with limited time and resources, how do you prioritize effectively? Investigating each alert in isolation leaves teams reactive, overwhelmed, and…
Tag: Cyber Security News
Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities Fixed Including 22 RCE
Microsoft has released its September 2025 Patch Tuesday updates, addressing a total of 81 security vulnerabilities across its product suite. The security patches cover a wide range of software, including Windows, Microsoft Office, Azure, and SQL Server. Among the fixes…
Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice
A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic document notifications to trick recipients into divulging their Naver credentials. Distributed on August 25, 2025, the email mimics the official…
FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands
Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the flaw is an OS command injection vulnerability residing within the product’s command-line interface (CLI). The…
Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure
Salat Stealer has emerged as a pervasive threat targeting Windows endpoints with a focus on harvesting browser-stored credentials and cryptocurrency wallet data. First detected in August 2025, this Go-based infostealer leverages a range of evasion tactics, including UPX packing and…
New RatOn Takes Control Over Bank Account and Initiates Automated Money Transfers
Cybersecurity researchers have observed the emergence of a novel Android banking trojan, RatOn in recent months that seamlessly combines remote access capabilities with NFC relay technology and Automated Transfer System (ATS) functions. Initially detected in mid-July 2025, RatOn’s multi-stage architecture…
Microsoft Anti-Spam Bug Blocks Users From Opening URLs in Exchange Online and Teams
A widespread issue with Microsoft’s anti-spam filtering service is preventing some Exchange Online and Microsoft Teams users from opening URLs, disrupting workflows across organizations. The problem, tracked under Microsoft advisory MO1148487, remains ongoing as the company works on a permanent…
Police Body Camera Apps Sending Data to Cloud Servers Hosted in China Via TLS Port 9091
Police-issued body cameras have become ubiquitous tools for recording law enforcement encounters, yet a recent investigation has uncovered troubling design choices in a budget-friendly system that compromise both privacy and data integrity. The Viidure mobile application, designed to transfer video…
Top 10 Best Penetration Testing as a Service (PTaaS) Companies in 2025
Penetration Testing as a Service (PTaaS) is a modern evolution of traditional pentesting that combines the speed and efficiency of a platform with the skill of human ethical hackers. Unlike the time-consuming, point-in-time nature of traditional engagements, PTaaS offers a…
Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute Remote Code
Ivanti has released security updates to address two high-severity vulnerabilities in its Endpoint Manager (EPM) software that could allow remote code execution. The vulnerabilities, tracked as CVE-2025-9712 and CVE-2025-9872, affect multiple versions of the product. The company has stated that…
Top 10 Best External Penetration Testing Companies in 2025
External penetration testing is a crucial practice for any organization aiming to validate its security posture against real-world threats. In 2025, with the proliferation of cloud services, SaaS applications, and remote work, an organization’s external attack surface is larger and…
Jaguar Land Rover Extends Factory Shutdown Following Cyber Attack
Jaguar Land Rover (JLR) has extended the shutdown of its UK factories until at least Wednesday, more than a week after a significant cyber attack crippled its operations. The production halt, which began after the company detected the breach on…
New Cyber Attack Weaponizes DeskSoft to Deploy Malware Leveraging RDP Access to Execute Commands
A sophisticated cyber attack has emerged targeting organizations through a malicious impersonation of DeskSoft’s legitimate EarthTime application, deploying multiple malware families in a coordinated ransomware operation. The attack represents a concerning evolution in threat actor tactics, demonstrating how legitimate software…
How a Faulty Windows Driver Can Cause a System Crash and Blue Screen of Death
A recent analysis of a Windows kernel-memory dump has provided a detailed look into a DRIVER_POWER_STATE_FAILURE, a critical error that results in a Blue Screen of Death (BSOD). The investigation reveals how a single malfunctioning driver can cause a system-wide…
New APT37 Attacking Windows Machines With New Rust and Python Based Malware
APT37, the North Korean-aligned threat actor also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has expanded its arsenal with sophisticated new malware targeting Windows systems. Active since 2012, the group primarily focuses on South Korean individuals connected to the…
Magento and Adobe SessionReaper Vulnerability Exposes Thousands Of Online Stores to Attacks
Adobe has issued an emergency security patch for a critical vulnerability in its Magento and Adobe Commerce platforms, dubbed “SessionReaper”. The vulnerability is considered one of the most severe in Magento’s history, prompting an out-of-band update on Tuesday, September 9th,…
MostereRAT Attacking Windows Systems With AnyDesk/TightVNC to Enable Remote Access
Security researchers have uncovered a sophisticated campaign in recent weeks leveraging a novel Remote Access Trojan (RAT) dubbed MostereRAT that targets Windows systems by deploying legitimate remote access tools such as AnyDesk and TightVNC. The malware’s emergence represents a significant…
SAP Security Patch Day September 2025 – 21 Vulnerabilities and 4 Critical One’s Patched
As part of its scheduled security maintenance, SAP released its September 2025 Patch Day notes, addressing a total of 21 new vulnerabilities and providing updates to four previously released security advisories. Among the newly addressed flaws are four critical vulnerabilities…
New Malware Attack Leveraging Exposed Docker APIs to Maintain Persistent SSH Root Access
A sophisticated malware strain targeting exposed Docker APIs has emerged with enhanced infection capabilities that go beyond traditional cryptomining operations. The threat, discovered in August 2025, demonstrates evolved tactics designed to establish persistent root access while denying other attackers access…
Elastic Security Incident – Hackers Accessed Email Account Contains Valid Credentials
Elastic has disclosed a security incident stemming from a third-party breach at Salesloft Drift, which resulted in unauthorized access to an internal email account containing valid credentials. While the company’s core Salesforce environment was not impacted, the incident exposed sensitive…