The Breach News

CISA Reveals Final $100M Cybersecurity Grants Amid Rising State Challenges

Cybersecurity Spending, Government, Industry Specific
$100M in State Cyber Grants Signals Reduced Federal Support Amid Increasing Demand
Chris Riotta (@chrisriotta) • August 5, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has revealed a $100 million grant initiative designed to boost cybersecurity frameworks at the state and local levels. This…

Ten Women File Lawsuit Against Tea App After Hacked Photos Are Leaked Online

The Tea app, designed to facilitate anonymous sharing of information among women regarding local men, has recently faced serious legal challenges following a significant data breach. This incident exposed a large volume of sensitive data, including thousands of selfies, ID photographs, and private conversations, leading to ten potential class action…

Security Vulnerability: Hard-Coded Credentials in HPE Instant On Devices Enable Unauthorized Admin Access

Date: July 21, 2025
Category: Network Security / Vulnerability

Hewlett-Packard Enterprise (HPE) has issued critical security updates to rectify a significant vulnerability in Instant On Access Points. This flaw, identified as CVE-2025-37103, has a CVSS rating of 9.8 out of 10 and allows attackers to bypass authentication, potentially granting them administrative access to affected systems. According to the advisory, “Hard-coded login credentials were discovered in HPE Networking Instant On Access Points, enabling anyone aware of these credentials to circumvent standard device authentication.” Additionally, HPE has addressed another security issue involving authenticated command injection in the command-line interface (CVE-2025-37102, CVSS score: 7.2), which could allow remote attackers to execute arbitrary commands on the operating system with elevated privileges.

Critical Security Flaw Discovered in HPE Instant On Devices, Granting Admin Access

On July 21, 2025, Hewlett-Packard Enterprise (HPE) announced the release of crucial security patches aimed at rectifying a significant vulnerability in its Instant On Access Points. This flaw presents an opportunity for attackers to bypass authentication measures, thereby…

⚡ THN Weekly Update: Key Cybersecurity Threats, Tools, and Tips

Dec 23, 2024
Cybersecurity / Weekly Update

The digital landscape is relentless, as this week has shown. From the apprehension of ransomware developers to state-sponsored hackers unveiling novel tactics, it’s evident that cybercriminals are continually evolving their methods. They exploit everyday tools for malicious purposes, embed spyware in trusted applications, and uncover new vulnerabilities in outdated security systems. These incidents are not mere coincidences—they highlight the ingenuity and adaptability of cyber threats. In this edition, we’ll explore the most significant cybersecurity events from the past week and provide essential insights to help you stay protected and proactive. Let’s dive in.

⚡ Threat of the Week

Charges Filed Against LockBit Developer Rostislav Panev — Rostislav Panev, a 51-year-old dual Russian and Israeli citizen, has been charged in the U.S. for allegedly serving as a developer for the now-disrupted LockBit ransomware-as-a-service (RaaS) operation, which is believed to have generated approximately $230,000 between June 2022 and February 2024. Panev was…

THN Weekly Cybersecurity Overview: Key Threats, Tools, and Insights

December 23, 2024
Cybersecurity / Weekly Overview

The digital landscape remains unrelenting, offering criminals continuous opportunities for exploitation. This past week has underscored the ever-evolving nature of cyber threats, highlighting a range of incidents from the capture of ransomware developers to…

Nvidia Addresses Three Vulnerabilities in Triton Software

Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development
Chip Manufacturer Addresses Critical Server Vulnerabilities
Greg Sirico • August 5, 2025

Nvidia, a leading manufacturer in the semiconductor industry, has released patches for its open-source platform that facilitates running AI models at scale. This update follows critical…

Insufficient AI Oversight Heightens Data Breach Threats

Cybersecurity Update: AI-Induced Breaches on the Rise

The landscape of cybersecurity is shifting as organizations increasingly adopt artificial intelligence (AI) without adequate oversight, significantly heightening their security risks. According to IBM’s recent annual report on data breaches, approximately 16% of breaches in the past year have involved the use of…

Microsoft Issues Critical Patch for SharePoint RCE Vulnerability Targeted in Ongoing Cyber Attacks

July 21, 2025
Server Security / Vulnerability

On Sunday, Microsoft released vital security updates to address an actively exploited vulnerability in SharePoint and provided details on another flaw that now has “more robust protections.” The company acknowledged it is “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update.” The exploited vulnerability, tracked as CVE-2025-53770 (CVSS score: 9.8), involves remote code execution due to the deserialization of untrusted data in on-premises versions of Microsoft SharePoint Server. The newly identified issue is a spoofing vulnerability (CVE-2025-53771, CVSS score: 7.1), discovered and reported by Viettel Cyber Security and an anonymous researcher. The flaw is linked to inadequate restrictions on pathnames, leading to potential path traversal in Microsoft Office SharePoint…

Microsoft Issues Urgent Security Patch for Critical SharePoint Vulnerability Amid Ongoing Cyber Attacks

On July 21, 2025, Microsoft released critical security updates aimed at addressing a serious vulnerability in SharePoint that is currently being exploited in ongoing cyber attacks targeting on-premises customers. The company revealed that it is aware of…

Old D-Link Vulnerabilities Fuel Global Attacks by FICORA and Kaiten Botnets

Dec 27, 2024
Botnet / DDoS Attack

Cybersecurity experts are warning of a rise in malicious activity that leverages outdated D-Link routers, involving two distinct botnets: a Mirai variant known as FICORA and a Kaiten variant referred to as CAPSAICIN. “These botnets are often propagated through well-documented vulnerabilities in D-Link devices, enabling remote attackers to execute harmful commands via GetDeviceSettings on the HNAP (Home Network Administration Protocol) interface,” noted Vincent Li, a researcher at Fortinet FortiGuard Labs, in a Thursday analysis. “This HNAP flaw was first revealed nearly ten years ago, affecting multiple devices across various CVE identifiers, including CVE-2015-2051, CVE-2019-10891, CVE-2022-37056, and CVE-2024-33112.” According to telemetry data from the cybersecurity firm, attacks linked to FICORA have been globally dispersed, while those involving CAPSAICIN have predominantly targeted East Asian countries like Japan and Taiwan.

FICORA and Kaiten Botnets Target D-Link Vulnerabilities for Global Cyber Assaults

On December 27, 2024, cybersecurity experts issued a cautionary update regarding a surge in cybercriminal activities leveraging outdated vulnerabilities in D-Link routers. These exploits have led to the formation of two distinct botnets: the Mirai variant identified as FICORA…
