Microsoft has recently addressed two critical vulnerabilities, CVE-2025-49706 and CVE-2025-49704, part of their monthly update cycle. However, reports from over the weekend have revealed that the patches were insufficient, leaving organizations vulnerable to new types of cyberattacks. The primary targets of these attacks are organizations using SharePoint servers. The initial…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Governance & Risk Management Security Researchers Warn of Widespread Access to Exploit Code by Diverse Hacking Groups Mathew J. Schwartz (euroinfosec) • July 22, 2025 Image: Shutterstock/Microsoft Recent assessments indicate that hackers have been exploiting zero-day vulnerabilities in Microsoft SharePoint, primarily to…
Governance & Risk Management, Patch Management Microsoft Rolls Out Emergency Patches for Authentication-Bypassing Attacks Prajeet Nair (@prajeetspeaks), Mathew J. Schwartz (euroinfosec) • July 21, 2025 Image: Shutterstock In a concerning development, cybersecurity experts have reported that attackers are exploiting two zero-day vulnerabilities in on-premises Microsoft SharePoint installations. This activity allows…
Researchers from Cisco’s Talos security team have identified a sophisticated malware-as-a-service (MaaS) operation that exploited public GitHub accounts to distribute various types of malicious software to targeted entities. This innovative distribution method capitalized on GitHub’s widespread acceptance in enterprise environments, where many organizations rely on the platform for software development.…
KT to Invest Over $724 Million in Cybersecurity Following SK Telecom Data Breach In response to heightened consumer concerns following a substantial data breach at SK Telecom, South Korean telecommunications leader KT has announced a commitment to invest more than 1 trillion won (approximately $724 million) over the next five…
Recent Investigative Findings on ICE Detention Centers: A Troubling Overview This week, WIRED unveiled a persuasive investigation into the alarming state of U.S. Immigration and Customs Enforcement (ICE) detention facilities. The report, backed by numerous audio recordings and records of emergency calls, exposes a multitude of life-threatening incidents inside these…
Cloud Security, Security Operations Presented by Palo Alto Networks 60 mins In an era where cloud environments are increasingly dynamic and complex, organizations are recognizing that traditional native firewalls often fall short of meeting enterprise-level requirements for visibility, control, and threat prevention. Responding to this challenge, Palo Alto Networks has…
Presented by Palo Alto Networks 60 mins In the rapidly evolving landscape of generative AI, organizations are confronted with unprecedented opportunities and challenges. This upcoming webinar, sponsored by Palo Alto Networks, aims to address the complexities of safeguarding your enterprise’s AI initiatives through the advanced capabilities of the Prisma® AIRS…
Recent claims of a potential cybersecurity breach have sparked significant debate, particularly regarding the security measures of tech giant Apple. The company’s head of security engineering, Ivan Krstić, firmly rejected allegations of a targeted attack, asserting that, “We strongly disagree with the claims of a targeted attack against our users.”…
