enterprise

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)

BSI, Don't miss, enterprise, Hawktrace, Hot stuff, Microsoft, NCSC-NL, News, security update, SMBs, vulnerability, Windows Server /

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) 2025-10-24 at 15:38 By Zeljka Zorz Microsoft has released an out-of-band security update that “comprehensively” addresses CVE-2025-59287, a remote code execution vulnerability in the Windows Server Update Services (WSUS) that is reportedly being exploited in the wild. About CVE-2025-59287 WSUS is a tool that helps […]

React to this headline:

Loading spinner

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) Read More »

Attackers turn trusted OAuth apps into cloud backdoors

attack tools, automation, cloud security, Don't miss, enterprise, Hot stuff, Microsoft Entra ID, News, OAuth, privileged accounts, Proofpoint /

Attackers turn trusted OAuth apps into cloud backdoors 2025-10-22 at 15:43 By Zeljka Zorz Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or

React to this headline:

Loading spinner

Attackers turn trusted OAuth apps into cloud backdoors Read More »

Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)

0-day, Don't miss, enterprise, file-sharing, Gladinet, Hot stuff, MSP, News, remote access, SMBs /

Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371) 2025-10-10 at 13:40 By Zeljka Zorz CVE-2025-11371, a unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited by attackers in the wild. While Gladinet is aware of the vulnerability and of its active exploitation, a

React to this headline:

Loading spinner

Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371) Read More »

Attackers compromised ALL SonicWall firewall configuration backup files

backup, cloud security, Don't miss, enterprise, firewall, Hot stuff, Mandiant, News, SMBs, SonicWall /

Attackers compromised ALL SonicWall firewall configuration backup files 2025-10-09 at 15:41 By Zeljka Zorz The attackers who brute-forced their way into SonicWall’s firewall cloud backup service accessed configuration backup files of all customers who have used the service, SonicWall stated on Wednesday, following the conclusion of a Mandiant-supported investigation into the incident. Early reports suggested

React to this headline:

Loading spinner

Attackers compromised ALL SonicWall firewall configuration backup files Read More »

Akira ransomware: From SonicWall VPN login to encryption in under four hours

Arctic Wolf Networks, credentials, Don't miss, enterprise, Hot stuff, MFA, News, Ransomware, SMBs, SonicWall, vulnerability /

Akira ransomware: From SonicWall VPN login to encryption in under four hours 2025-09-29 at 18:47 By Zeljka Zorz Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their systems, Arctic Wolf researchers have warned. Armed with SonicWall SSL VPN credentials stolen in earlier

React to this headline:

Loading spinner

Akira ransomware: From SonicWall VPN login to encryption in under four hours Read More »

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)

0-day, Don't miss, enterprise, Fortra, Hot stuff, News, Rapid7, WatchTowr /

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035) 2025-09-26 at 17:50 By Zeljka Zorz CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch was released on September 15, 2025. Evidence of in-the-wild exploitation revealed On September 18, Fortra

React to this headline:

Loading spinner

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035) Read More »

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)

0-day, Cisco, Don't miss, enterprise, Hot stuff, News, security update, SMBs /

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352) 2025-09-25 at 15:33 By Zeljka Zorz Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About CVE-2025-20352 Cisco IOS software can be found on older models of Cisco Catalyst switches, Integrated

React to this headline:

Loading spinner

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352) Read More »

New framework sets baseline for SaaS security controls

AppOmni, cloud security, Cloud Security Alliance, enterprise, framework, GuidePoint Security, MongoDB, News, SaaS /

New framework sets baseline for SaaS security controls 2025-09-25 at 10:12 By Anamarija Pogorelec Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk processes only look at the vendor’s overall security, not the app itself. That

React to this headline:

Loading spinner

New framework sets baseline for SaaS security controls Read More »

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)

Don't miss, enterprise, Fortra, News, security update, SMBs, VulnCheck, vulnerability /

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035) 2025-09-22 at 14:20 By Zeljka Zorz If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-2025-10035. About CVE-2025-10035 CVE-2025-10035 is a critical deserialization

React to this headline:

Loading spinner

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035) Read More »

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents

credentials, Don't miss, Endpoint Security, enterprise, Hot stuff, Huntress, News, Ransomware, Rapid7, SMBs, SonicWall /

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents 2025-09-16 at 15:46 By Zeljka Zorz All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira ransomware attacks Managed security service providers and external incident responders have had a

React to this headline:

Loading spinner

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents Read More »

Most enterprise AI use is invisible to security teams

Artificial Intelligence, ChatGPT, Don't miss, enterprise, Features, Lanai, News /

Most enterprise AI use is invisible to security teams 2025-09-15 at 10:38 By Mirko Zorz Most enterprise AI activity is happening without the knowledge of IT and security teams. According to Lanai, 89% of AI use inside organizations goes unseen, creating risks around data privacy, compliance, and governance. This blind spot is growing as AI

React to this headline:

Loading spinner

Most enterprise AI use is invisible to security teams Read More »

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers

Arctic Wolf Networks, data theft, Don't miss, enterprise, Hot stuff, malvertising, Malware, malware analysis, News, SMBs /

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers 2025-09-09 at 09:46 By Zeljka Zorz Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We believe the goal of this campaign was to gain initial access to organizations for

React to this headline:

Loading spinner

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers Read More »

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)

Don't miss, enterprise, Hot stuff, NCSC-NL, News, SAP, SAP security, SecurityBridge, vulnerability /

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957) 2025-09-05 at 15:03 By Zeljka Zorz A critical vulnerability (CVE-2025-42957) in SAP S/4HANA enterprise resource planning software is being exploited by attackers “to a limited extent”, the Dutch National Cyber Security Center (NCSC NL) has warned on Friday. Their alert seems to be based on a report

React to this headline:

Loading spinner

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957) Read More »

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

0-day, Don't miss, enterprise, Hot stuff, Mandiant, News, Sitecore, SMBs /

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690) 2025-09-04 at 14:48 By Zeljka Zorz A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several Sitecore solutions, Mandiant has revealed. About CVE-2025-53690 CVE-2025-53690 is a ViewState deserialization vulnerability that affects any version of Sitecore

React to this headline:

Loading spinner

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690) Read More »

Cutting through CVE noise with real-world threat signals

automation, CVE, cybersecurity, Don't miss, enterprise, News, Nucleus Security, Threat Intelligence, vulnerability management /

Cutting through CVE noise with real-world threat signals 2025-09-04 at 09:02 By Sinisa Markovic CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall back on CVSS scores, which label thousands of flaws as “high” or

React to this headline:

Loading spinner

Cutting through CVE noise with real-world threat signals Read More »

Commvault plugs holes in backup suite that allow remote code execution

backup, Commvault, Don't miss, enterprise, Government, Hot stuff, News, WatchTowr /

Commvault plugs holes in backup suite that allow remote code execution 2025-08-20 at 17:33 By Zeljka Zorz Commvault has fixed four security vulnerabilities that may allow unauthenticated attackers to compromise on-premises deployments of its flagship backup and replication suite. Technical details about the vulnerabilities have been published on Wednesday by researchers at watchTowr Labs, who

React to this headline:

Loading spinner

Commvault plugs holes in backup suite that allow remote code execution Read More »

How security teams are putting AI to work right now

Artificial Intelligence, Blackwire Labs, CISO, Conifers, cybersecurity, Don't miss, enterprise, Features, generative AI, Hot stuff, LLMs, News, strategy, tips, Tufin /

How security teams are putting AI to work right now 2025-08-18 at 09:42 By Mirko Zorz AI is moving from proof-of-concept into everyday security operations. In many SOCs, it is now used to cut down alert noise, guide analysts during investigations, and speed up incident response. What was once seen as experimental technology is starting

React to this headline:

Loading spinner

How security teams are putting AI to work right now Read More »

Win-DDoS: Attackers can turn public domain controllers into DDoS agents

DDoS, Don't miss, DoS, enterprise, Hot stuff, News, SafeBreach, vulnerability, Windows, Windows Server /

Win-DDoS: Attackers can turn public domain controllers into DDoS agents 2025-08-11 at 16:02 By Zeljka Zorz SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one one of which (CVE-2025-32724) can also be leveraged to force public DCs to participate in distributed

React to this headline:

Loading spinner

Win-DDoS: Attackers can turn public domain controllers into DDoS agents Read More »

From legacy to SaaS: Why complexity is the enemy of enterprise security

access management, authentication, Bridge IT, CISO, cybersecurity, digital transformation, Don't miss, enterprise, Features, Hot stuff, identity verification, MFA, News, SaaS, security awareness, strategy, tips, zero trust /

From legacy to SaaS: Why complexity is the enemy of enterprise security 2025-08-11 at 08:32 By Mirko Zorz In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance

React to this headline:

Loading spinner

From legacy to SaaS: Why complexity is the enemy of enterprise security Read More »

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

CISA, cloud security, Don't miss, Email, enterprise, Hot stuff, hybrid IT, Microsoft Exchange, News /

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786) 2025-08-07 at 17:40 By Zeljka Zorz “In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected cloud environment without leaving easily detectable and auditable trace,” Microsoft has announced on Wednesday.

React to this headline:

Loading spinner

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786) Read More »

Scroll to Top