Tag: severity
-
The Register: GoDaddy slapped with wet lettuce for years of lax security and ‘several major breaches’
Source URL: https://www.theregister.com/2025/01/15/godaddy_ftc_order/
Source: The Register
Feedly Summary: Watchdog alleged it had no SIEM or MFA, orders rapid adoption of basic infosec tools. GoDaddy has failed to protect its web-hosting platform with even basic infosec tools and practices since 2018,…
-
Hacker News: Researchers have identified a total of 6 vulnerabilities in rsync
Source URL: https://www.openwall.com/lists/oss-security/2025/01/14/3
Source: Hacker News
Summary: The text discusses multiple vulnerabilities identified in the rsync software, including a critical heap buffer overflow that allows arbitrary code execution with minimal access rights. This communication is especially…
-
Krebs on Security: Microsoft: Happy 2025. Here’s 161 Security Updates
Source URL: https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/
Source: Krebs on Security
Feedly Summary: Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company…
-
Slashdot: UK Plans To Ban Public Sector Organizations From Paying Ransomware Hackers
Source URL: https://news.slashdot.org/story/25/01/14/160241/uk-plans-to-ban-public-sector-organizations-from-paying-ransomware-hackers?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Summary: The U.K. government is considering a targeted ban on ransomware payments for public sector entities in response to rising cyberattacks. This proposal aims to disrupt the financial incentives that fuel…
-
The Register: UK floats ransomware payout ban for public sector
Source URL: https://www.theregister.com/2025/01/14/uk_ransomware_payout_ban/
Source: The Register
Feedly Summary: Stronger proposals may also see private sector applying for a payment ‘license’. A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend…
-
The Register: Zero-day exploits plague Ivanti Connect Secure appliances for second year running
Source URL: https://www.theregister.com/2025/01/09/zeroday_exploits_ivanti/
Source: The Register
Feedly Summary: Factory resets and apply patches is the advice amid fortnight delay for other appliances. The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts “seriously” as Ivanti battles two…
-
The Register: Mitel 0-day, 5-year-old Oracle RCE bugs under active exploit
Source URL: https://www.theregister.com/2025/01/08/mitel_0_day_oracle_rce_under_exploit/
Source: The Register
Feedly Summary: 3 CVEs added to CISA’s catalog. Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw, alongside a critical remote code execution vulnerability in Oracle WebLogic Server that has been exploited for at least…