Aggregator

Europol targets extremist online content exploiting minors, tackling rising use of AI, propaganda, and grooming across Europe’s digital platforms.

本文基于CESNET-QUIC22这一规模最大、类别标签最多、跨度最长的QUIC流量数据集，系统评估了多种分类模型在连续时间段上的性能，揭示了不同分类器的性能差异及其性能随时间的变化。

A high-severity vulnerability was uncovered in Splunk Universal Forwarder for Windows that compromises directory access controls.  The flaw, designated CVE-2025-20298 with a CVSSv3.1 score of 8.0, affects multiple versions of the software and poses significant security risks to enterprise environments relying on Splunk’s data forwarding capabilities. The vulnerability stems from incorrect permission assignment during the […]

The post Splunk Universal Forwarder on Windows Lets Non-Admin Users Access All Contents appeared first on Cyber Security News.

A vulnerability was found in Firebird SQL Server up to 2.5.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2013-2492. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

6 тысяч было мало: ещё 300 жертв “оптимизации”.

A vulnerability was found in ccNewsletter 2.x on Joomla. It has been rated as critical. This issue affects some unknown processing. The manipulation as part of Parameter leads to sql injection. The identification of this vulnerability is CVE-2018-5989. The attack may be initiated remotely. Furthermore, there is an exploit available.

Sensor Intel Series: May 2025 CVE Trends

A vulnerability was found in brikou WP Plugin Info Card up to 5.3.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-5116. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Parallels Desktop 20.2.2 (55879) on macOS and classified as critical. Affected by this vulnerability is an unknown functionality of the component PVMP Package Unpacking. The manipulation leads to path traversal. This vulnerability is known as CVE-2025-31359. Attacking locally is a requirement. There is no exploit available.

A vulnerability, which was classified as critical, was found in Parallels Desktop 20.1.1 on macOS. Affected is an unknown function of the component Snapshot Handler. The manipulation leads to unix hard link. This vulnerability is traded as CVE-2024-54189. Local access is required to approach this attack. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Parallels Desktop 20.1.1 on macOS. This issue affects some unknown processing of the component Snapshot Handler. The manipulation leads to incorrect ownership assignment. The identification of this vulnerability is CVE-2024-52561. An attack has to be approached locally. There is no exploit available.

A vulnerability classified as critical was found in Parallels Desktop 20.1.1 on macOS. This vulnerability affects the function prl_vmarchiver of the component Virtual Machine Archive Restoration. The manipulation leads to unix hard link. This vulnerability was named CVE-2024-36486. The attack needs to be approached locally. There is no exploit available.

Introducing the Akamai Partner Awards, which recognize excellence ? both organizational and individual ? in sales, services, marketing, and technical impact.

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2025-21479 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
• CVE-2025-21480 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
• CVE-2025-27038 Qualcomm Multiple Chipsets Use-After-Free Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA released three Industrial Control Systems (ICS) advisories on June 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-153-01 Schneider Electric Wiser Home Automation
• ICSA-25-153-02 Schneider Electric EcoStruxure Power Build Rapsody
• ICSA-25-153-03 Mitsubishi Electric MELSEC iQ-F Series

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

NIST is helping drug companies accurately measure the amount of radioactivity in their actinium-225 drugs.

CSPM, DSPM, ASPM, SSPM, ESPM — the alphabet soup of Security Posture Management (SPM) tools promises visibility into risk. They map misconfigurations, surface exposure paths and highlight policy gaps. That can be useful. But let’s not confuse awareness with action.

They don’t block threats.
They don’t enforce controls.
They don’t prevent breaches.

SPMs detect, then delegate. A ticket. A Slack alert. An integration call. Protection is someone else’s problem.

To compensate, many posture tools claim to orchestrate security. They integrate with enforcement tools like DLP, CWPP, EDR and WAF. But wiring systems together doesn’t make the system secure.

Coordination ≠ Protection
Visibility ≠ Control
Monitoring ≠ Security So why is there an abundance of SPM vendors?

Because posture is easier.

• Easier to build. Cloud-only, read-only, event-driven. No need to support endpoints, on-prem, hybrid or inline enforcement. Just scan, analyze, alert.
• Easier to sell. No rip-and-replace. Posture tools bolt onto the existing stack, not replace it. That also means customers end up managing yet another vendor, another dashboard, another integration.
• Easier to adopt. No agents, low friction, fast time-to-value. Good enough to show progress, but not strong enough to stop attacks.

Yes, posture matters. But let’s not mistake issue tracking for actual security.

Security requires action — not just awareness.

False confidence, real consequences

There’s an illusion of progress that posture tools can create. Dashboards look active. Tickets are assigned. Metrics suggest movement. But beneath that layer of perceived control, many organizations remain dangerously exposed.

In fact, {children}. Visibility alone isn’t moving the needle—security teams are still drowning in noise while real risks slip through. That's the difference between knowing something's wrong and doing something about it.

It’s why so many breaches still happen in environments that were “monitored.” The problem wasn’t a lack of alerts, it was the inability to respond in time.

And the results? Stolen IP. Leaked customer records. Compliance violations. Brand damage. Leadership churn.

The stakes aren’t theoretical. And yet too many teams are trapped in a cycle of detection without defense.

It’s time to rethink what protection means

The right approach isn’t a patchwork of posture tools and point integrations. It’s a unified system — deep within a specific domain — that doesn’t just highlight problems but solves them in real time.

Whether you’re focused on data, identities or assets, true security means:

• Continuous classification of what’s sensitive: Modern DLP starts by building a living inventory of sensitive data — constantly discovering and labeling information across SaaS apps, endpoints, on-premise file shares and emails. It ensures you always know what you're protecting, even as your data changes and moves.
• Real-time monitoring of how it’s accessed and shared: Visibility into who’s touching your data, when, and how allows security teams to identify risky behavior instantly — not after the fact. This creates accountability and supports both proactive defense and forensic insight.
• Contextual enforcement that prevents misuse: It’s not enough to just watch. Real-time protection at the endpoint means applying intelligent controls based on business context — blocking or coaching users when behavior looks risky, not just flagging it.
• Automated remediation that closes the loop: When policies are violated, MIND acts. From revoking access and deleting shared links to educating users in near real time, the loop is closed automatically — without requiring tickets, escalations or delays.

This isn’t a wishlist. This is what modern DLP — done right — can and should deliver.

Enter MIND: Posture & Prevention

That’s what MIND was built to do.

MIND combines the context-aware insights of DSPM (posture) with the automated enforcement of modern DLP (prevention).

We help security teams move beyond alert fatigue to actual control. Beyond passive monitoring to meaningful action. Beyond fractured tools to full-spectrum protection.

Our AI-powered classification engine understands your data in context—whether it’s source code, contracts, financial records, credentials, passwords, or PII. And it enforces your policies wherever data lives: SaaS and Gen AI apps, endpoints, on-premise file shares, emails and beyond.

We don’t just surface issues. We solve them.
We don’t just map risks. We mitigate them.
We don’t just warn you. We stop the leaks.

Security leaders are overburdened, not underinformed. With limited resources, increasing complexity and high expectations, they need solutions that deliver results, not just more dashboards.

Stop scanning. Start securing.

Mind What Matters.

The post Posture ≠ Protection appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, was found in coWiki 0.3.4. Affected is an unknown function of the file 26.html. The manipulation leads to basic cross site scripting. This vulnerability is traded as CVE-2005-4053. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Cybercriminals have launched a sophisticated campaign targeting travelers through fake Booking.com websites that deploy AsyncRAT malware, according to recent security research. The threat actors redirect users from gaming sites, social media platforms, and sponsored advertisements to convincing replica booking sites designed to compromise visitor devices. This attack capitalizes on the fact that 40% of people […]

The post Beware of Fake Booking.com Sites That Infects Your Devices With AsyncRAT appeared first on Cyber Security News.

Store можно снести, Edge — отучить.