Tag: vulnerability disclosures
-
The Register: Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code
Source URL: https://www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/ Source: The Register Title: Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code Feedly Summary: Better late than never after SharePoint assault? Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month’s SharePoint zero-day attacks, which appear to be related to a leak…
-
The Cloudflare Blog: MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations
Source URL: https://blog.cloudflare.com/madeyoureset-an-http-2-vulnerability-thwarted-by-rapid-reset-mitigations/ Source: The Cloudflare Blog Title: MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations Feedly Summary: A new HTTP/2 denial-of-service (DoS) vulnerability called MadeYouReset was recently disclosed by security researchers. Cloudflare HTTP DDoS mitigation, already protects from MadeYouReset. AI Summary and Description: Yes Summary: The text discusses a newly identified HTTP/2 DoS…
-
Schneier on Security: Google Project Zero Changes Its Disclosure Policy
Source URL: https://www.schneier.com/blog/archives/2025/08/google-project-zero-changes-its-disclosure-policy.html Source: Schneier on Security Title: Google Project Zero Changes Its Disclosure Policy Feedly Summary: Google’s vulnerability finding team is again pushing the envelope of responsible disclosure: Google’s Project Zero team will retain its existing 90+30 policy regarding vulnerability disclosures, in which it provides vendors with 90 days before full disclosure takes place,…
-
Cisco Talos Blog: Know thyself, know thy environment
Source URL: https://blog.talosintelligence.com/know-thyself-know-thy-environment/ Source: Cisco Talos Blog Title: Know thyself, know thy environment Feedly Summary: In this week’s edition, Bill explores the importance of self-awareness and building repeatable processes to better secure your environment. AI Summary and Description: Yes **Summary:** The content addresses important security vulnerabilities discovered in popular software, highlights the ongoing need for…
-
Cisco Talos Blog: Microsoft Patch Tuesday for June 2025 — Snort rules and prominent vulnerabilities
Source URL: https://blog.talosintelligence.com/microsoft-patch-tuesday-june-2025/ Source: Cisco Talos Blog Title: Microsoft Patch Tuesday for June 2025 — Snort rules and prominent vulnerabilities Feedly Summary: Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.” AI Summary and Description: Yes **Summary:** The text…
-
The Register: Chinese snoops tried to break into US city utilities, says Talos
Source URL: https://www.theregister.com/2025/05/22/chinese_crew_us_city_utilities/ Source: The Register Title: Chinese snoops tried to break into US city utilities, says Talos Feedly Summary: Intrusions began weeks before Trimble patched the Cityworks hole A suspected Chinese crew has been exploiting a now-patched remote code execution (RCE) flaw in Trimble Cityworks to break into US local government networks and target…
-
The Register: More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans
Source URL: https://www.theregister.com/2025/04/25/more_ivanti_attacks_may_be/ Source: The Register Title: More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans Feedly Summary: GreyNoise says it is the kind of activity that typically precedes new vulnerability disclosures Ivanti VPN users should stay alert as IP scanning for the vendor’s Connect Secure and…