Collaborate Disseminate
CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitat… Continue reading Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and A… Continue reading Critical flaws fixed in Nagios Log Server
Network edge devices — hardware that powers firewalls, VPNs and network routers — have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of companies make and sell these devices, customers of one company in particular — Ivanti — have confronted exploited vulnerabilities in their products more than any […]
The post Is Ivanti the problem or a symptom of a systemic issue with network devices? appeared first on CyberScoop.
Continue reading Is Ivanti the problem or a symptom of a systemic issue with network devices?
I am wondering which type of traffic is more dangerous to a web server:
outgoing traffic or incoming traffic? Assume there are ports open for both.
Continue reading Which is more dangerous: incoming traffic or outgoing traffic? [closed]
UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.
The post China-backed espionage group hits Ivanti customers again appeared first on CyberScoop.
Continue reading China-backed espionage group hits Ivanti customers again
CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.
The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek.
Continue reading CISA Analyzes Malware Used in Ivanti Zero-Day Attacks
Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who d… Continue reading Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)
A Russian exploit acquisition firm is offering up to $4 million for a full-chain exploit targeting messaging service Telegram.
The post Russian Firm Offers $4 Million for Telegram Exploits appeared first on SecurityWeek.
Continue reading Russian Firm Offers $4 Million for Telegram Exploits
ROP usually uses a buffer overflow to overwrite the x86 return address. However, ARM stores that in a register. What is the effect of this on return-oriented programming attacks on non-x86 architectures?
On x86, the CALL instruction pushes… Continue reading How much do ARM-like link registers make return-oriented programming harder?
ROP usually uses a buffer overflow to overwrite the x86 return address. However, ARM stores that in a register. What is the effect of this on return-oriented programming attacks on non-x86 architectures?
On x86, the CALL instruction pushes… Continue reading How much do ARM-like link registers make return-oriented programming harder?