14Articles
6Categories
2025-03-27Date
🚨 CISA KEV 1[−]
27 Mar KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber act…CISA.GOV
⚠️ VULNERABILITY DISCLOSURE 7[−]
27 MarA Vulnerability in CrushFTP Could Allow for Unauthorized AccessA vulnerability has been discovered in CrushFTP, which could allow for unauthorized access. CrushFTP is a proprietary multi-protocol, multi-platform file transfer server. The vulnerability is mitigated if the DMZ feature of CrushFTP is in place. Successful exploitation of this vu…CISECURITY.ORG
27 MarCISA Releases One Industrial Control Systems AdvisoryCISA released one Industrial Control Systems (ICS) advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Up…CISA.GOV
27 MarThe Return of the Baby ASO: Why SOCs Still Suck?“Flickering screens, a sickly, yellow glow. Humming servers, a constant, low thrum of digital malaise. Alerts screamed into the void, a cacophony of meaningless noise, lost in the echoing expanse of our digital tomb. Playbooks, relics of a forgotten war, their pages yellowed and …MEDIUM.COM
27 MarNew security requirements adopted by HTTPS certificate industryPosted by Chrome Root Program, Chrome Security Team The Chrome Root Program launched in 2022 as part of Google’s ongoing commitment to upholding secure and reliable network connections in Chrome. We previously described how the Chrome Root Program keeps users safe , and described…SECURITY.GOOGLEBLOG.COM
27 MarTrend Cybertron: Full Platform or Open-Source?Previously exclusive to Trend Vision One customers, select Trend Cybertron models, datasets and agents are now available via open-source. Build advanced security solutions and join us in developing the next generation of AI security technology.TRENDMICRO.COM
27 MarIs Your Browser Ground Zero for Cyberattacks?New Omdia research commissioned by Palo Alto Networks highlights the role of a secure browser integrated with SASE for improved workforce security. The post Is Your Browser Ground Zero for Cyberattacks? appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
27 MarSoap Box: Knocknoc glues your SSO to your firewalls for Just-in-Time network accessIn this Soap Box edition of Risky Business host Patrick Gray talks to Knocknoc CEO Adam Pointon about how to easily rein in attack surface by glueing your single sign-on service to your network controls. Do your Palo Alto and Fortinet devices really need to be discoverable by ran…RISKY.BIZ
🔥 INCIDENT REPORTING 2[−]
27 MarMalaysian PM says “no way” to $10 million ransom after alleged cyber attack against Kuala Lumpur airportAccording to some reports, Kuala Lumpur International Airport had to resort to using whiteboards to communicate with passengers. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
27 MarRansomHub affiliates linked to rival RaaS gangsESET researchers also examine the growing threat posed by tools that ransomware affiliates deploy in an attempt to disrupt EDR security solutionsWELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
27 MarWhen Getting Phished Puts You in Mortal DangerMany successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life.KREBSONSECURITY.COM
27 MarFamousSparrow resurfaces to spy on targets in the US, Latin AmericaOnce thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first timeWELIVESECURITY.COM
🎙️ PODCASTS 1[−]
27 MarSmashing Security podcast #410: Unleash the AI bot army against the scammers – now!A YouTuber has unleashed an innovative AI bot army to disrupt and outwit the world of online scammers, and a New York Times investigation looks into the intricate web of global money laundering. All this and more is discussed in the latest edition of the award-winning "Smashing S…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 1[−]
27 MarTrend Micro & IBM Team Up To Boost Mainframe SecurityTrend Micro Deep Security adds security for mainframe enterprise integrationTRENDMICRO.COM