The eSentire Threat Response Unit (TRU) revealed that threat actors are actively exploiting a six-year-old IIS vulnerability in Progress Telerik UI for ASP.NET AJAX to gain remote access to systems. This vulnerability, identified as CVE-2019-18935, allows attackers to execute arbitrary…
TinyZero – Researchers Replicated DeepSeek’s R1-Zero Model for Just $30
In an impressive demonstration of cost-effective AI research, a group of researchers has successfully replicated DeepSeek’s R1-Zero model for just $30. Dubbed TinyZero, this project focuses on countdown and multiplication tasks, leveraging reinforcement learning (RL) to enable a 3-billion-parameter (3B)…
Meta identifies risky AI systems, Ferret malware joins ‘Contagious Interview’ campaign, credential theft rises as a target
Meta says it may stop development of AI systems it deems too risky Ferret Malware Added to ‘Contagious Interview’ Campaign Credential Theft Becomes Cybercriminals’ Favorite Target Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero…
DeepSeek AI Controversies, Shadow AI Risks: Cyber Security Today for Wednesday February 5, 2025
In this episode of Cybersecurity Today with Jim Love, explore the growing concerns surrounding DeepSeek AI’s censorship and lack of guardrails, the rise of ‘Shadow AI’ in workplaces, and how cybercriminals exploit major cloud providers like AWS and Azure. Learn…
IT Security News Hourly Summary 2025-02-05 09h : 3 posts
3 posts were published in the last hour 8:4 : Hackers Exploit ADFS to Bypass MFA and Access Critical Systems 7:7 : NSA asks iPhone users to use flap covers to banish privacy concerns 7:7 : Can Smartwatches Be Targeted by…
Hackers Exploit ADFS to Bypass MFA and Access Critical Systems
Hackers are targeting organizations using Microsoft’s Active Directory Federation Services (ADFS) to bypass multi-factor authentication (MFA) and infiltrate critical systems. Leveraging phishing techniques, these attackers deceive users with spoofed login pages, harvest credentials, and manipulate ADFS integrations to gain unauthorized…
NSA asks iPhone users to use flap covers to banish privacy concerns
National Security Agency (NSA) of the United States, primarily known for its intelligence-gathering and surveillance activities in the name of national security, is increasingly turning its focus to providing security guidance for mobile users—particularly those with Apple devices. This initiative…
Can Smartwatches Be Targeted by Cyber Attacks?
Smartwatches have rapidly gained popularity due to their convenience, health-tracking capabilities, and seamless connectivity with smartphones and other devices. However, as these wearable gadgets become more advanced, they also become an attractive target for cybercriminals. The question arises: can smartwatches…
CISA Releases Nine Security Advisories on ICS Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released nine advisories targeting security vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities pose significant risks, including denial of service (DoS), information disclosure, and even remote code execution. Organizations using ICS technologies…
Hackers Exploiting a Six-year-old IIS Vulnerability to Gain Remote Access
In a concerning revelation, cybersecurity firm eSentire’s Threat Response Unit (TRU) has detected active exploitation of a six-year-old vulnerability, CVE-2019-18935, in Progress Telerik UI for ASP.NET AJAX. This flaw, which affects Internet Information Services (IIS) servers, enables malicious actors to…
Veeam Backup Vulnerability Allows Attackers to Execute Arbitrary Code
A critical vulnerability, CVE-2025-23114, has been discovered within the Veeam Updater component that poses a serious risk to organizations utilizing Veeam’s backup solutions. The flaw allows attackers to leverage a Man-in-the-Middle (MitM) attack to inject and execute arbitrary code with…
CISA Adds Apache, Microsoft Vulnerabilities to Its Database that Are Actively Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several newly identified vulnerabilities to its authoritative list of security flaws exploited in the wild. This catalog Developed to assist cybersecurity professionals in…
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-45195 (CVSS score:…
Upskilling the UK workforce for the AI revolution
As the UK government rolls out its ambitious AI Opportunity Action Plan to enable greater implementation of new technologies to boost economic growth, it faces a critical challenge: ensuring every industry is prepared for this seismic shift. Interestingly, both UK…
OpenNHP: Cryptography-driven zero trust protocol
OpenNHP is the open-source implementation of NHP (Network-resource Hiding Protocol), a cryptography-based zero trust protocol for safeguarding servers and data. OpenNHP offers the following benefits: Reduces attack surface by hiding infrastructure Prevents unauthorized network reconnaissance Mitigates vulnerability exploitation Stops phishing…
IT Security News Hourly Summary 2025-02-05 06h : 7 posts
7 posts were published in the last hour 5:4 : CISA Releases New Guidelines to Secure Firewalls, Routers, and Internet-Facing Servers 5:4 : Arctic Wolf and BlackBerry Announce Closing of Acquisition for Cylance 5:4 : AI-Powered Cyber Warfare, Ransomware Evolution,…
CISA Releases New Guidelines to Secure Firewalls, Routers, and Internet-Facing Servers
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new set of guidelines to fortify firewalls, routers, internet-facing servers, and other edge devices against cyber threats. This collaborative guidance, supported by leading international cybersecurity organizations, aims to address vulnerabilities…
Arctic Wolf and BlackBerry Announce Closing of Acquisition for Cylance
Arctic Wolf® and BlackBerry Limited today announced the successful closing of the acquisition of BlackBerry’s Cylance® endpoint security assets by Arctic Wolf. The two companies entered into a definitive agreement on December 15, 2024. “We are pleased to have successfully closed this pivotal…
AI-Powered Cyber Warfare, Ransomware Evolution, and Cloud Threats Shape 2025 Cyber Landscape
The cybersecurity landscape in EMEA is facing a wave of AI-driven cyber warfare, the evolution of ransomware into data extortion, and an expanding attack surface in cloud environments, according to the latest findings from Check Point Software. The company presented…
Cato Networks Appoints Karl Soderlund as Global Channel Chief to Accelerate Channel Growth in SASE Market
Cato Networks, the SASE leader, today announced the appointment of Karl Soderlund as the company’s global channel chief. In his role at Cato, Soderlund will be responsible for leading the global channel team and further scaling the global partner program. …
Chrome Use-After-Free Vulnerabilities Let Attackers Execute Remote Code – Update Now
The Google Chrome team has officially released Chrome 133, now available on the stable channel for Windows, Mac, and Linux. This update, version 133.0.6943.53 for Linux and 133.0.6943.53/54 for Windows and Mac, brings a host of improvements and critical security…
More destructive cyberattacks target financial institutions
Financial institutions will continue to be the ultimate targets for criminals and threat actors, as a successful attack offers a significant payoff, according to Contrast Security. Contrast Security has surveyed 35 of the world’s leading financial institutions to better understand…
The API security crisis and why businesses are at risk
In this Help Net Security video, Ivan Novikov, CEO of Wallarm, discusses the 2025 API ThreatStats Report, highlighting how APIs have become the primary attack surface over the past year, mainly driven by the rise of AI-related risks. Researchers identified…
AMD SEV Vulnerability Allows Malicious CPU Microcode Injection as Admin
AMD has disclosed a high-severity vulnerability (CVE-2024-56161) in its Secure Encrypted Virtualization (SEV) technology, which could allow attackers with administrative privileges to inject malicious CPU microcode. This flaw compromises the confidentiality and integrity of virtual machines (VMs) protected by SEV-SNP,…
IT Security News Hourly Summary 2025-02-05 03h : 1 posts
1 posts were published in the last hour 2:2 : ISC Stormcast For Wednesday, February 5th, 2025 https://isc.sans.edu/podcastdetail/9310, (Wed, Feb 5th)
ISC Stormcast For Wednesday, February 5th, 2025 https://isc.sans.edu/podcastdetail/9310, (Wed, Feb 5th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, February 5th, 2025…
Keycloak and Docker Integration: A Step-by-Step Tutorial
Keycloak is a powerful authentication and authorization solution that provides plenty of useful features, such as roles and subgroups, an advanced password policy, and single sign-on. It’s also very easy to integrate with other solutions. We’ve already shown you how…