Tag: detection
-
Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…
-
The Register: Clop crew hits Oracle E-Business Suite users with fresh zero-day
Source URL: https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/ Source: The Register Title: Clop crew hits Oracle E-Business Suite users with fresh zero-day Feedly Summary: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that…
-
Microsoft Security Blog: Microsoft named a Leader in the IDC MarketScape for XDR
Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/02/microsoft-named-a-leader-in-the-idc-marketscape-for-xdr/ Source: Microsoft Security Blog Title: Microsoft named a Leader in the IDC MarketScape for XDR Feedly Summary: Microsoft has been named a Leader in IDC’s inaugural category for Worldwide Extended Detection and Response (XDR) Software for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions. The post Microsoft…
-
Cloud Blog: Google Pixel phones achieve DoDIN APL Certification: Secure, mission-ready mobile technology for federal agencies
Source URL: https://cloud.google.com/blog/topics/public-sector/google-pixel-phones-achieve-dodin-apl-certification-secure-mission-ready-mobile-technology-for-federal-agencies/ Source: Cloud Blog Title: Google Pixel phones achieve DoDIN APL Certification: Secure, mission-ready mobile technology for federal agencies Feedly Summary: In today’s complex and ever-evolving threat landscape, federal agencies require secure, reliable, and innovative solutions to fulfill their critical missions. Google Pixel phones have been added to the Department of Defense Information…
-
Cisco Talos Blog: UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud
Source URL: https://blog.talosintelligence.com/uat-8099-chinese-speaking-cybercrime-group-seo-fraud/ Source: Cisco Talos Blog Title: UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud Feedly Summary: Cisco Talos is disclosing details on UAT-8099, a Chinese-speaking cybercrime group mainly involved in SEO fraud and theft of high-value credentials, configuration files, and certificate data. AI Summary and Description: Yes **Summary:** The provided text…
-
The Register: Beijing-backed burglars master .NET to target government web servers
Source URL: https://www.theregister.com/2025/10/01/phantom_taurus_apt/ Source: The Register Title: Beijing-backed burglars master .NET to target government web servers Feedly Summary: ‘Phantom Taurus’ created custom malware to hunt secrets across Asia, Africa, and the Middle East Threat-hunters at Palo Alto Networks’ Unit 42 have decided a gang they spotted two years ago is backed by China, after seeing…
-
The Register: Google bolts AI into Drive to catch ransomware, but crooks not shaking yet
Source URL: https://www.theregister.com/2025/09/30/google_drive_ai_ransomware_detection/ Source: The Register Title: Google bolts AI into Drive to catch ransomware, but crooks not shaking yet Feedly Summary: Stopping the spread isn’t the same as stopping attacks, period Google on Tuesday rolled out a new AI tool in Drive for desktop that it says will pause syncing to limit ransomware damage,…