Aggregator

The 10-year anniversary of Cyber Essentials is not just a celebration of past achievements but a call to action for the future.

The NCSC’s ‘Protective Domain Name Service for Schools’ scaled-up to protect a wider range of organisations.

Chris Wallis, CEO of Intruder, explains how completing the NCSC's Startup Programme was a turning point for his organisation.

Irrespective of whether the ransom is paid, a ransomware attack means organisations have lost control of their information.

A vulnerability, which was classified as critical, has been found in Bitdefender Box up to 1.3.52.928. This issue affects some unknown processing. The manipulation leads to security version number mutable to older versions. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2024-13870. It is possible to launch the attack on the local host. There is no exploit available.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a critical vulnerability in the Microsoft Windows Fast FAT File System Driver. This vulnerability, identified as CVE-2025-24985, poses a significant threat as it involves an integer overflow or wraparound issue, which could allow unauthorized attackers to execute harmful code on affected systems. The […]

The post CISA Warns of Exploitable Fast FAT Vulnerability in Microsoft Windows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic was found in devitemsllc ShopLentor Plugin up to 3.1.0 on WordPress. This vulnerability affects unknown code of the component Flash Sale Countdown Module. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-1527. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as very critical has been found in Bitdefender Box 1.3.11.490. This affects an unknown part of the file /check_image_and_trigger_recovery API of the component API Endpoint. The manipulation leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2024-13871. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Bitdefender Box. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /set_temp_token of the component HTTP Protocol Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2024-13872. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released joint Cybersecurity Advisory, #StopRansomware: Medusa Ransomware. This advisory provides tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and detection methods associated with known Medusa ransomware activity.

Medusa is a ransomware-as-a-service variant used to conduct ransomware attacks; as of December 2024, over 300 victims from critical infrastructure sectors have been impacted. Medusa actors use common techniques like phishing campaigns and exploiting unpatched software vulnerabilities.

Immediate actions organizations can take to mitigate Medusa ransomware activity: 

• Ensure operating systems, software, and firmware are patched and up to date.
• Segment networks to restrict lateral movement.
• Filter network traffic by preventing unknown or untrusted origins from accessing remote services.

CISA encourages network defenders to review the advisory and implement the recommended mitigations to reduce the likelihood and impact of Medusa ransomware incidents. See #StopRansomware and the #StopRansomware Guide for additional guidance on ransomware protection, detection, and response.

Threat intelligence firm GreyNoise is warning of a "coordinated surge" in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. "At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts," the company said, adding it observed the activity on March 9, 2025. The countries which

De landmacht heeft vandaag de eerste nieuwe 81mm-mortieren in gebruik genomen. De huidige mortieren waren aan vervanging toe.

Last year, NIST standardized a set of encryption algorithms that can keep data secure from a cyberattack by a future quantum computer. Now, NIST has selected a backup algorithm that can provide a second line of defense for the task of general encryption, which safeguards internet traffic and stored data alike. Encryption protects sensitive electronic information, including internet traffic and medical and financial records, as well as corporate and national security secrets. But a sufficiently … More →

The post NIST selects HQC as backup algorithm for post-quantum encryption appeared first on Help Net Security.