Security
Headlines
HeadlinesLatestCVEs

Latest News

Defining a new methodology for modeling and tracking compartmentalized threats

How do you profile actors and defend your systems when multiple threat actors are working together? In Part 2, Cisco Talos proposes an extended Diamond Model to analyze complex relationships between attackers.

TALOS
Open in Source
#web#ios#mac#cisco#intel#backdoor#botnet#ssh#ssl
Redefining IABs: Impacts of compartmentalization on threat tracking and modeling

Threat actors are teaming up, splitting attacks into stages and making defense harder than ever. In Part 1, Cisco Talos examines their tactics and defines their motivations.

GHSA-w6c7-j32f-rq8j: Apache Superset Allows Ownership Takeover

Improper Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions. This issue affects Apache Superset: through 4.1.1. Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue.

CVE-2025-29954: Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data.

CVE-2025-29963: Windows Media Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution?** This attack requires a user to open a specially crafted file from the attacker to initiate remote code execution.

CVE-2025-29961: Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** In a web-based attack scenario, an attacker could host a website or server that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.