‘Aggressive’ Akira Ransomware Blitz Clubs SonicWall 2FA to DEATH
Yet another security problem plaguing SonicWall customers.The Akira gang have found a way to override the multifactor authentication in SonicWall SSL...
vulnerabilities
CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities
Cisco published advisories and a supplemental post about three zero-day vulnerabilities, two of which were exploited in the wild by...
U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini September 23, 2025 U.S. Cybersecurity and...
Apple’s New Memory Integrity Enforcement
Apple has introduced a new hardware/software security feature in the iPhone 17: “Memory Integrity Enforcement,” targeting the memory safety...
Back to School Means Back to Breaches
Parents typically have a checklist that includes at least a few security items (Is there a campus shuttle for...
6 Ways CISOs Are Using AI to Prioritize Critical Vulnerabilities
Just like how AI is transforming business operations, it’s also changing the way CISOs approach vulnerability management. While many...
The Hidden War Above: How GPS Jamming Exposes Our Digital Vulnerabilities
Every day, thousands of flights cross the skies above the Baltic Sea. Pilots expect their GPS systems to guide...
Jaguar Land Rover Admits to Longer Shutdown as Childish Hackers Troll Carmaker
JLR vs. SLH: Jaguar Land Rover woes worse than previously thought. The post Jaguar Land Rover Admits to Longer Shutdown...
Supporting Rowhammer research to protect the DRAM ecosystem
Posted by Daniel MoghimiRowhammer is a complex class of vulnerabilities across the industry. It is a hardware vulnerability in DRAM...
New Research Reveals One-Third of Cloud Assets Harbor Easily Exploitable Vulnerabilities
Analysis of nearly five million internet-exposed assets shows significant security gaps across major cloud platforms, with Google Cloud-hosted assets showing...
CISA Lays Out Roadmap for CVE Program’s ‘Quality Era’
Five months after the future of the CVE program was thrown in doubt, CISA this week released a roadmap that...
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini September 12, 2025 U.S. Cybersecurity...
Microsoft’s ‘Gross Cybersecurity Negligence Threatens National Security’
Roasting Redmond for Kerberoasting: “Like an arsonist selling firefighting services,” quips this 76-year-old. The post Microsoft’s ‘Gross Cybersecurity Negligence Threatens...
Wyden Asks FTC to Investigate Microsoft’s ‘Gross Cybersecurity Negligence’
For the second time in two years, Senator Ron Wyden is asking federal regulators to investigate Microsoft's cybersecurity practices, saying...
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There...