News

In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies

News, Security Research, Trustwave Rapid Response /

In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies 2025-07-24 at 00:23 By Pauline Bolaños Two critical zero-day vulnerabilities in the Microsoft SharePoint Server environment, CVE-2025-53770 (9.8 CVSS score) and CVE-2025-53771 (6.5 CVSS score), are being actively exploited by threat actors to compromise vulnerable on-premises SharePoint servers. This article is an excerpt from […]

React to this headline:

Loading spinner

In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies Read More »

Microsoft rolls out Windows 11 “quick recovery” feature

automation, consumer, Don't miss, enterprise, Hot stuff, News, SMBs, Windows /

Microsoft rolls out Windows 11 “quick recovery” feature 2025-07-23 at 18:31 By Zeljka Zorz With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown during an unexpected

React to this headline:

Loading spinner

Microsoft rolls out Windows 11 “quick recovery” feature Read More »

Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine

arrest, cybercrime, Europol, News, Russian Federation, Ukraine /

Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine 2025-07-23 at 17:34 By Sinisa Markovic The suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime forums, was arrested in Kyiv, Ukraine, on 22 July. The takedown followed a long-running investigation led by the French Police and Paris Prosecutor, in close cooperation with Ukrainian

React to this headline:

Loading spinner

Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine Read More »

Maximum severity Cisco ISE vulnerabilities exploited by attackers

access control, Cisco, Don't miss, Hot stuff, identity services, News, vulnerability /

Maximum severity Cisco ISE vulnerabilities exploited by attackers 2025-07-23 at 16:20 By Zeljka Zorz One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect Cisco’s Identity Services Engine (ISE) – a

React to this headline:

Loading spinner

Maximum severity Cisco ISE vulnerabilities exploited by attackers Read More »

Phishing campaign targets U.S. Department of Education’s G5 portal

BforeAI, cybercrime, Don't miss, Government, News, phishing, scams, USA /

Phishing campaign targets U.S. Department of Education’s G5 portal 2025-07-23 at 13:04 By Anamarija Pogorelec A new phishing campaign is targeting users of the U.S. Department of Education’s G5 portal, a site used by educational institutions and vendors to manage grants and federal education funding. Threat researchers at BforeAI uncovered a cluster of lookalike domains

React to this headline:

Loading spinner

Phishing campaign targets U.S. Department of Education’s G5 portal Read More »

Cervantes: Open-source, collaborative platform for pentesters and red teams

cybersecurity, Don't miss, GitHub, News, open source, OWASP, penetration testing, red team, software /

Cervantes: Open-source, collaborative platform for pentesters and red teams 2025-07-23 at 08:31 By Mirko Zorz Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team coordination, it helps reduce the time

React to this headline:

Loading spinner

Cervantes: Open-source, collaborative platform for pentesters and red teams Read More »

Phishing simulations: What works and what doesn’t

cybersecurity, Don't miss, Ironscales, News, phishing, strategy /

Phishing simulations: What works and what doesn’t 2025-07-23 at 08:31 By Sinisa Markovic Phishing is one of the oldest and most effective scams used by cybercriminals. No one is immune to them, not even internet security experts, as seen in the case of Troy Hunt, who recently fell for a phishing email. Before AI became

React to this headline:

Loading spinner

Phishing simulations: What works and what doesn’t Read More »

Ports are getting smarter and more hackable

attacks, China, CISO, critical infrastructure, cybersecurity, Don't miss, Government, Hacktivism, Iran, maritime industry, NATO, News, Russian Federation, strategy, threats, tips /

Ports are getting smarter and more hackable 2025-07-23 at 08:31 By Sinisa Markovic A new policy brief from NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) warns that critical port infrastructure, responsible for 80 percent of global trade, is increasingly under attack by threat actors tied to Russia, Iran, and China. These ports are essential

React to this headline:

Loading spinner

Ports are getting smarter and more hackable Read More »

The fraud trends shaping 2025: Pressure builds on online retailers

cyber risk, cybersecurity, Forter, fraud, News, PwC, report, Retail, Risk Management /

The fraud trends shaping 2025: Pressure builds on online retailers 2025-07-23 at 07:12 By Anamarija Pogorelec Fraud is growing faster than revenue in eCommerce. That’s one of the first things PwC and Forter point out in their new report, and it’s a wake-up call for online retailers. Fraud is rising faster than ever Right now,

React to this headline:

Loading spinner

The fraud trends shaping 2025: Pressure builds on online retailers Read More »

Microsoft pins on-prem SharePoint attacks on Chinese threat actors

Check Point, China, Don't miss, exploit, Eye Security, Hot stuff, News, Palo Alto Networks, Rapid7, SentinelOne, SharePoint, Trend Micro, vulnerability /

Microsoft pins on-prem SharePoint attacks on Chinese threat actors 2025-07-22 at 18:54 By Zeljka Zorz As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed

React to this headline:

Loading spinner

Microsoft pins on-prem SharePoint attacks on Chinese threat actors Read More »

Trustwave Enhances its OT Security Services Portfolio

News, Tips & Tricks /

Trustwave Enhances its OT Security Services Portfolio 2025-07-22 at 16:41 By Recognizing the need to better protect organizations that rely on operational technology (OT), Trustwave is advancing its OT security services portfolio. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Trustwave Enhances its OT Security Services Portfolio Read More »

Enterprise printer security fails at every stage

cybersecurity, firmware, HP, News, report, survey /

Enterprise printer security fails at every stage 2025-07-22 at 10:13 By Help Net Security Printer platform security is often overlooked in enterprise security strategies, creating security gaps, according to HP Wolf Security. By addressing security at every stage, organizations can strengthen their defenses and ensure their print infrastructure remains a trusted part of their IT

React to this headline:

Loading spinner

Enterprise printer security fails at every stage Read More »

What the law says about your next data breach

CISO, cyber risk, cybersecurity, News, opinion, Risk Management, Rockwell Automation, strategy, tips, Video /

What the law says about your next data breach 2025-07-22 at 10:13 By Help Net Security In this Help Net Security video, Chad Humphries, Solution Consultant, Networks & Cyber Security at Rockwell Automation, explores how cyber risk quantification is becoming essential for modern organizations. He breaks down global legal frameworks, AI’s growing role in dispute

React to this headline:

Loading spinner

What the law says about your next data breach Read More »

Product showcase: iStorage diskAshur PRO3

backup, Data Protection, Don't miss, Encryption, hardware, Hot stuff, iStorage, News, Product showcase, storage /

Product showcase: iStorage diskAshur PRO3 2025-07-22 at 10:13 By Anamarija Pogorelec Data breaches seem to pop up in the news every other week, so it’s no surprise that keeping sensitive information safe has jumped to the top of the priority list for just about every industry. Hardware-encrypted drives like the iStorage diskAshur PRO3 address this

React to this headline:

Loading spinner

Product showcase: iStorage diskAshur PRO3 Read More »

As AI tools take hold in cybersecurity, entry-level jobs could shrink

Artificial Intelligence, automation, cybersecurity, Don't miss, ISC2, News, security operations, survey /

As AI tools take hold in cybersecurity, entry-level jobs could shrink 2025-07-22 at 10:13 By Sinisa Markovic A new survey from ISC2 shows that nearly a third of cybersecurity professionals are already using AI security tools, and many others are close behind. So far, 30 percent of professionals say they’ve already integrated AI into their

React to this headline:

Loading spinner

As AI tools take hold in cybersecurity, entry-level jobs could shrink Read More »

Cybersecurity jobs available right now: July 22, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: July 22, 2025 2025-07-22 at 07:01 By Anamarija Pogorelec CISO Kbrw | France | Hybrid – View job details As a CISO, you will develop risk management processes aligned with company goals and enforce cybersecurity policies compliant with ISO27001, NIS2, and SOC2. You will handle security-related RFPs, monitor security metrics

React to this headline:

Loading spinner

Cybersecurity jobs available right now: July 22, 2025 Read More »

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)

CrushFTP, Don't miss, enterprise, exploit, file-sharing, Hot stuff, News, Rapid7, Shadowserver, SMBs, vulnerability /

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) 2025-07-21 at 15:42 By Zeljka Zorz Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access for, but data theft looks most likely. According to

React to this headline:

Loading spinner

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) Read More »

How to land your first job in cybersecurity

Artificial Intelligence, cybersecurity, cybersecurity jobs, DirectDefense, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development, tips /

How to land your first job in cybersecurity 2025-07-21 at 09:54 By Help Net Security According to LinkedIn, job applications have surged over 45% in the past year, with 11,000 applications submitted every minute. This flood of applications is making it harder than ever for qualified candidates to stand out. The industry has become highly

React to this headline:

Loading spinner

How to land your first job in cybersecurity Read More »

World Health Organization CISO on securing global health emergencies

cybersecurity, Don't miss, Features, healthcare, Hot stuff, Incident Response, News, strategy, threats, World Health Organization /

World Health Organization CISO on securing global health emergencies 2025-07-21 at 08:49 By Mirko Zorz In this Help Net Security interview, Flavio Aggio, CISO at the World Health Organization (WHO), explains how the organization prepares for and responds to cyber threats during global health emergencies. These crises often lead to an increase in phishing scams,

React to this headline:

Loading spinner

World Health Organization CISO on securing global health emergencies Read More »

Calico: Open-source solution for Kubernetes networking, security, and observability

Don't miss, GitHub, Kubernetes, networking, News, open source, software /

Calico: Open-source solution for Kubernetes networking, security, and observability 2025-07-21 at 08:12 By Mirko Zorz Calico is an open-source unified platform that brings together networking, security, and observability for Kubernetes, whether you’re running in the cloud, on-premises, or at the edge. The solution uses the lowest amount of processing resources, which is especially important in

React to this headline:

Loading spinner

Calico: Open-source solution for Kubernetes networking, security, and observability Read More »

Scroll to Top