This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, December 10th, 2025…
Tag: EN
GOLD BLADE: Custom QWCrypt Locker for Data Exfiltration and Ransomware Deployment
Between February 2024 and August 2025, security researchers uncovered a significant campaign orchestrated by the GOLD BLADE threat group, previously known as RedCurl, RedWolf, and Earth Kapre. The investigation of nearly 40 intrusions linked to STAC6565 reveals a sophisticated threat…
Threat Actors Poison SEO to Spread Fake Microsoft Teams Installer
The Chinese advanced persistent threat (APT) group Silver Fox (also known as Void Arachne) has launched a sophisticated search engine optimization (SEO) poisoning campaign targeting Chinese-speaking employees at organizations worldwide. The campaign distributes a counterfeit Microsoft Teams installer laced with…
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability,…
Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits
Makop, a ransomware strain derived from Phobos, continues to pose a significant threat by exploiting exposed Remote Desktop Protocol (RDP) systems and integrating new attack components, including antivirus-killer modules and advanced privilege-escalation exploits. Recent investigations by Acronis TRU researchers reveal…
Microsoft December 2025 Patch Tuesday Fixes 56 Vulnerabilities Fixed and 3 Zero-days
Microsoft’s final Patch Tuesday of 2025 has been released, addressing 56 vulnerabilities across its product suite. The December update includes patches for three zero-day vulnerabilities, one of which is confirmed to be actively exploited in the wild. Among the resolved…
Microsoft reports 7.8-rated zero day, plus 56 more in December Patch Tuesday
Plus critical critical Notepad++, Ivanti, and Fortinet updates, and one of these patches an under-attack security hole Happy December Patch Tuesday to all who celebrate. This month’s patch party includes one Microsoft flaw under exploitation, plus two others listed as…
Microsoft Patch Tuesday for December 2025 — Snort rules and prominent vulnerabilities
The Patch Tuesday for December of 2025 includes 57 vulnerabilities, including two that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.” Microsoft assessed that exploitation of the two “critical” vulnerabilities is “less likely.” This article has…
Microsoft Patch Tuesday, December 2025 Edition
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed…
CVE-2025-53841: Guardicore Local Privilege Escalation Vulnerability
Get technical details about a security vulnerability (CVE-2025-53841) in Akamai’s Guardicore Platform Agent for Windows and clear guidance on mitigation. This article has been indexed from Blog Read the original article: CVE-2025-53841: Guardicore Local Privilege Escalation Vulnerability
Ivanti warns customers of new EPM flaw enabling remote code execution
Ivanti warns users to address a newly disclosed Endpoint Manager vulnerability that could let attackers execute code remotely. Software firm Ivanti addressed a newly disclosed vulnerability, tracked as CVE-2025-10573 (CVSS score 9.6), in its Endpoint Manager (EPM) solution. The vulnerability…
Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack
The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous delivery (CI/CD) pipelines, and cloud-connected workloads to harvest credentials…
Exploitation of Critical Vulnerability in React Server Components (Updated December 9)
We discuss the CVSS 10.0-rated RCE vulnerability in the Flight protocol used by React Server Components. This is tracked as CVE-2025-55182. The post Exploitation of Critical Vulnerability in React Server Components (Updated December 9) appeared first on Unit 42. This…
How to Tell if Someone Blocked Your Number (+ What to Do Next)
While there’s no sure way to know if you’ve been blocked, there are signs that can get you closer to figuring it out. Here are four ways to check. The post How to Tell if Someone Blocked Your Number (+…
Spiderman Phishing Kit Targets European Banks with Real-Time Credential Theft
Varonis threat analysts warn about Spiderman, a dangerous new kit that automates attacks against European banks and crypto customers, stealing a victim’s full identity profile. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto…
The Dark Web Economy Behind Ad Fraud: What Marketers Don’t See
Ad fraud networks use bots, deepfakes and spoofed traffic to drain PPC budgets. This report shows how fake clicks distort performance data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read…
How to answer the door when the AI agents come knocking
Identity management vendors like Okta see an opening to calm CISOs worried about agents running amok The fear of AI agents running amok has thus far halted the wide deployment of these digital workhorses, Okta’s president of Auth0, Shiv Ramji,…
CISA, FBI, and U.S. and Global Partners Urge Immediate Action to Defend Critical Infrastructure from Pro-Russia Hacktivist Threats
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from CISA News Read the original article: CISA, FBI, and U.S. and Global Partners Urge Immediate Action to…
Top data loss prevention tools for 2026
<p>Of all the security techniques aimed at ensuring data security and combating data breaches, data loss prevention tools are far and away the most common. DLP tools continuously monitor and analyze data to identify security policy violations and, if appropriate,…
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet Primary Mitigations to Reduce Cyber Threats to Operational Technology and European Cybercrime Centre’s (EC3)…