admin

Microsoft Addresses 130 Vulnerabilities, Including Critical Issues in SPNEGO and SQL Server

July 9, 2025
Endpoint Security / Vulnerability

In its first Patch Tuesday update of 2025, Microsoft has rolled out fixes for 130 vulnerabilities, marking a shift as no exploited security flaws were included in this batch. Notably, one flaw addressed had already been publicly disclosed. The update also tackles 10 additional non-Microsoft CVEs impacting Visual Studio, AMD, and the Chromium-based Edge browser. Among the patched vulnerabilities, 10 are classified as Critical, while the remainder are deemed Important. “This marks the end of an 11-month streak of fixing at least one zero-day exploitation,” noted Satnam Narang, Senior Staff Research Engineer at Tenable. The vulnerabilities include 53 related to privilege escalation, 42 for remote code execution, 17 for information disclosure, and 8 for security feature bypasses. Furthermore, the update builds on two other flaws previously fixed in the Edge browser since last month’s Patch Tuesday.

Microsoft Addresses 130 Vulnerabilities, Highlighting Critical Flaws in SPNEGO and SQL Server

On July 9, 2025, Microsoft released its Patch Tuesday updates, addressing a total of 130 vulnerabilities, including critical security flaws within the SPNEGO protocol and SQL Server. Notably,…

Google Alerts Users to Actively Exploited CVE-2024-43093 Vulnerability in Android

November 5, 2024 – Mobile Security / Vulnerability

Google has issued a warning regarding a security vulnerability in its Android operating system that is currently being actively exploited. Identified as CVE-2024-43093, this privilege escalation flaw affects the Android Framework component and may allow unauthorized access to the “Android/data,” “Android/obb,” and “Android/sandbox” directories, along with their subdirectories. While details on the exploitation methods remain limited, Google noted in its monthly report that there are signs of “limited, targeted exploitation.” Additionally, the company highlighted CVE-2024-43047, a previously patched security issue in Qualcomm chipsets, which is also being actively exploited. This particular vulnerability involves a use-after-free flaw in the Digital Signal Processor (DSP) Service, where successful exploitation could lead to memory corruption.

Google Alerts Users to Actively Exploited CVE-2024-43093 Vulnerability in Android

On November 5, 2024, Google issued a critical warning regarding a security vulnerability in the Android operating system, designated as CVE-2024-43093. This vulnerability involves privilege escalation within the Android Framework…

The Importance of Ongoing Red Teaming for AI Security

Artificial Intelligence & Machine Learning, Black Hat, Events

NIST’s Apostol Vassilev Highlights the Importance of Dynamic Response Over Static Testing

Michael Novinson (MichaelNovinson) • August 11, 2025

Apostol Vassilev, Research Team Supervisor, National Institute of Standards and Technology

The expansion…

5 Identity-Based Vulnerabilities Behind Recent Retail Breaches

July 8, 2025
SaaS Security / Cyber Threats

From excessive admin privileges to neglected vendor tokens, attackers are capitalizing on weaknesses in trust and access. This article explores five significant retail breaches and the insights they provide. Major retailers like Adidas, The North Face, Dior, Victoria’s Secret, Cartier, Marks & Spencer, and Co-op have all faced breaches recently. Unlike traditional malware or zero-day exploits, these incidents were driven by identity exploitation—tapping into overprivileged access and unmonitored service accounts, often augmented by social engineering tactics.

Rather than forcing their way in, attackers simply logged in, moving stealthily through SaaS applications using legitimate credentials. Although many retailers have withheld specific technical details, clear patterns are emerging. Here’s a closer look at five notable breaches in the retail industry:

  1. Adidas: Leveraging third-party trust…

Identity-Based Attacks Compromising Retail: A Closer Look

In recent months, the retail sector has faced significant security breaches, exposing vulnerabilities that often stem from identity-based attacks rather than sophisticated malware. Major brands such as Adidas, The North Face, Dior, Victoria’s…

AMD Alerts Users to New Transient Scheduler Vulnerabilities Affecting Various CPU Models

Date: July 10, 2025
Category: Vulnerability / Hardware Security

AMD has issued a warning regarding a fresh wave of vulnerabilities impacting a wide array of chipsets, posing risks of data exposure. These vulnerabilities, known as Transient Scheduler Attacks (TSA), exploit speculative execution timing under certain microarchitectural conditions, creating a potential side channel in the CPUs. “In some instances, attackers could leverage this timing data to extract information from different contexts, leading to data leaks,” AMD stated in its advisory. The vulnerabilities were identified through research conducted by Microsoft and ETH Zurich, which tested modern CPUs against speculative execution threats like Meltdown and Foreshadow by examining isolation among security domains, including virtual machines, kernels, and processes. Following responsible disclosure in June 2024, the vulnerabilities have been assigned the following CVE identifiers: CVE-2024-36350 (CVSS score: 5.6).

AMD Issues Warning on Vulnerabilities Affecting a Wide Range of CPUs

In a recent advisory, semiconductor giant AMD has highlighted a new set of vulnerabilities that may compromise the security of various chipsets, potentially allowing unauthorized access to sensitive information.…

New Android Banking Malware ‘ToxicPanda’ Pilfers Funds Through Deceptive Transfers

Nov 05, 2024
Mobile Security / Cyber Attack

A newly discovered Android banking malware, dubbed ToxicPanda, has already compromised over 1,500 devices, enabling cybercriminals to execute fraudulent transactions. According to Cleafy researchers Michele Roviello, Alessandro Strino, and Federico Valentini, “ToxicPanda’s primary aim is to facilitate money transfers from infected devices through account takeover (ATO) techniques, leveraging a method known as on-device fraud (ODF).” The malware is designed to circumvent banking security measures that verify user identity and authenticate transactions, along with behavioral detection strategies used by banks to flag suspicious money transfers. It is believed that ToxicPanda is linked to a Chinese-speaking threat actor and bears notable similarities to another Android malware called TgToxic, which can steal user credentials and deplete crypto wallets. TgToxic was first reported by Trend Micro in early 2023.

New Android Banking Malware ‘ToxicPanda’ Exploits Devices for Fraudulent Transactions

November 5, 2024
Mobile Security / Cyber Attack

A newly discovered strain of Android banking malware, named ToxicPanda, has reportedly compromised over 1,500 Android devices, enabling cybercriminals to execute unauthorized…

How Volunteering Shapes Careers in Cybersecurity

Recruitment & Reskilling Strategy, Training & Security Leadership

Cyber Volunteers Can Gain Real-World Experience While Protecting Communities

Brandy Harris • August 6, 2025

In the evolving landscape of cybersecurity, aspiring professionals often envision a path paved with certifications,…