Tag: zero

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/oracle-ebusiness-suite-zero-day-exploitation/ Source: Cloud Blog Title: Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign Feedly Summary: Written by: Peter Ukhanov, Genevieve Stark, Zander Work, Ashley Pearson, Josh Murchie, Austin Larsen Introduction Beginning Sept. 29, 2025, Google Threat Intelligence Group (GTIG) and Mandiant began tracking a new, large-scale extortion campaign by a threat actor…

The Register: Zero-day lets nation-state spies cross-examine elite US law firm Williams & Connolly

Oct 9, 2025

—

by

Source URL: https://www.theregister.com/2025/10/09/zeroday_nationstate_us_law_firm/ Source: The Register Title: Zero-day lets nation-state spies cross-examine elite US law firm Williams & Connolly Feedly Summary: China-linked snoops crack email at DC powerhouse that represented Bill Clinton, Elizabeth Holmes Washington’s elite law firm Williams & Connolly has confirmed that attackers exploited a zero-day vulnerability to access a handful of attorney…

Slashdot: Salesforce Says It Won’t Pay Extortion Demand in 1 Billion Records Breach

Oct 8, 2025

—

by

Source URL: https://yro.slashdot.org/story/25/10/08/208202/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Salesforce Says It Won’t Pay Extortion Demand in 1 Billion Records Breach Feedly Summary: AI Summary and Description: Yes Summary: Salesforce is facing an extortion demand from a crime syndicate that claims to have stolen approximately 1 billion records from various customers, highlighting vulnerabilities in user compliance and security…

Krebs on Security: ShinyHunters Wage Broad Corporate Extortion Spree

—

by

Source URL: https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/ Source: Krebs on Security Title: ShinyHunters Wage Broad Corporate Extortion Spree Feedly Summary: A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they…

Microsoft Security Blog: New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security

—

by

Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/07/new-microsoft-secure-future-initiative-sfi-patterns-and-practices-practical-guides-to-strengthen-security/ Source: Microsoft Security Blog Title: New Microsoft Secure Future Initiative (SFI) patterns and practices: Practical guides to strengthen security Feedly Summary: Microsoft Secure Future Initiative (SFI) patterns and practices are practical, actionable, insights from practitioners for practitioners based on Microsoft’s implementation of Zero Trust through the Microsoft Secure Future Initiatives. By adopting these patterns, organizations can accelerate their…

Anchore: How Sabel Systems Reduced Vulnerability Review Time by 75% While Maintaining Zero Critical Vulnerabilities

—

by

Source URL: https://anchore.com/blog/how-sabel-systems-reduced-vulnerability-review-time-by-75-while-maintaining-zero-critical-vulnerabilities/ Source: Anchore Title: How Sabel Systems Reduced Vulnerability Review Time by 75% While Maintaining Zero Critical Vulnerabilities Feedly Summary: We’re excited to share a new case study highlighting how Sabel Systems transformed their security review process while scaling their Code Foundry platform to support Department of Defense (DoD) missions. Sabel Systems provides…

Cisco Talos Blog: Too salty to handle: Exposing cases of CSS abuse for hidden text salting

—

by

Source URL: https://blog.talosintelligence.com/too-salty-to-handle-exposing-cases-of-css-abuse-for-hidden-text-salting/ Source: Cisco Talos Blog Title: Too salty to handle: Exposing cases of CSS abuse for hidden text salting Feedly Summary: A simple yet effective tactic, known as hidden text salting, is increasingly used by cybercriminals over the past few months to evade even the most advanced email security solutions, including those powered…

Docker: Unlimited access to Docker Hardened Images: Because security should be affordable, always

Oct 6, 2025

—

by

Source URL: https://www.docker.com/blog/unlimited-access-to-docker-hardened-images-because-security-should-be-affordable-always/ Source: Docker Title: Unlimited access to Docker Hardened Images: Because security should be affordable, always Feedly Summary: Every organization we speak with shares the same goal: to deliver software that is secure and free of CVEs. Near-zero CVEs is the ideal state. But achieving that ideal is harder than it sounds, because…

Docker: Llama.cpp Gets an Upgrade: Resumable Model Downloads

Oct 6, 2025

—

by