Security
Headlines
HeadlinesLatestCVEs

Tag

#samba

IR Trends Q1 2025: Phishing soars as identity-based attacks persist

This quarter, phishing attacks surged as the primary method for initial access. Learn how you can detect and prevent pre-ransomware attacks.

TALOS
Open in Source
#vulnerability#windows#microsoft#cisco#git#java#perl#samba#auth
New AkiraBot Abuses OpenAI API to Spam Website Contact Forms

Cybersecurity researchers have identified a new spam campaign driven by ‘AkiraBot,’ an AI-powered bot that targets small business…

GHSA-c9pr-q8gx-3mgp: Improper Scope Validation in the `open` Endpoint of `tauri-plugin-shell`

### Impact The Tauri [`shell`](https://tauri.app/plugin/shell/) plugin exposes functionality to execute code and open programs on the system. The [`open`](https://tauri.app/reference/javascript/shell/#open) endpoint of this plugin is designed to allow open functionality with the system opener (e.g. `xdg-open` on Linux). This was meant to be restricted to a reasonable number of protocols like `https` or `mailto` by default. This default restriction was not functional due to improper validation of the allowed protocols, allowing for potentially dangerous protocols like `file://`, `smb://`, or `nfs://` and others to be opened by the system registered protocol handler. By passing untrusted user input to the `open` endpoint these potentially dangerous protocols can be abused to gain remote code execution on the system. This either requires direct exposure of the endpoint to application users or code execution in the frontend of a Tauri application. You are not affected if you have e...

RedCurl Uses New QWCrypt Ransomware in Hypervisor Attacks

Discover the novel QWCrypt ransomware used by RedCurl in targeted hypervisor attacks. This article details their tactics, including…

G2 Names INE 2025 Cybersecurity Training Leader

Cary, North Carolina, 27th March 2025, CyberNewsWire

UAT-5918 targets critical infrastructure entities in Taiwan

UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting.

Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security challenges

About Spoofing – Windows File Explorer (CVE-2025-24071) vulnerability

About Spoofing – Windows File Explorer (CVE-2025-24071) vulnerability. The vulnerability is from the March Microsoft Patch Tuesday. The VM vendors didn’t highlight it in their reviews. A week later, on March 18, researcher 0x6rss published a write-up and a PoC exploit. According to him, the vulnerability is exploited in the wild, and the exploit has […]

Patch it up: Old vulnerabilities are everyone’s problems

Thorsten picks apart some headlines, highlights Talos’ report on an unknown attacker predominantly targeting Japan, and asks, “Where is the victim, and does it matter?”

Why Small and Medium Businesses Are Adopting Blockchain Solutions

Blockchain technology is revolutionizing industries by enabling secure transactions, decentralization, and transparency. At the same time, Blockchain software…