Aggregator

ShadowSilk first surfaced in late 2023 as a sophisticated threat cluster targeting government entities across Central Asia and the broader APAC region. Exploiting known public vulnerabilities and widely available penetration-testing frameworks, the group orchestrates data exfiltration campaigns with a high degree of automation and stealth. Initial deliveries were achieved via phishing emails containing password-protected archives; […]

The post ShadowSilk Leveraging Penetration-Testing Tools, Public Exploits to Attack Organizations appeared first on Cyber Security News.

本文对固有后门进行了系统性研究，发现它们广泛存在于干净模型中，与注入型后门一样具有危险性，是一种新型攻击媒介。

F6 описала новый сценарий атак.

A coalition of international cybersecurity agencies led by the UK’s National Cyber Security Centre (NCSC) has publicly linked…

Cybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk in a thorough research published by Group-IB. Since at least 2023, this group has been actively breaching government institutions in Central Asia and the Asia-Pacific area. The group’s operations, ongoing as of July 2025, focus primarily on data exfiltration, leveraging a sophisticated blend of […]

The post ShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency, FBI and others are supporting Nevada as it recovers from a cyberattack that has affected a range of state government services.

Учителя пишут экзамены, а кто-то читает их раньше срока.

Palo Alto, California, 28th August 2025, CyberNewsWire

The post Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33 appeared first on Security Boulevard.

Check out highlights from the IDC white paper “Bridging Cloud Security and Exposure Management for Unified Risk Reduction,” which explains how CNAPPs help security teams tame the complexity of multi-cloud environments by shifting from a reactive, alert-driven model to a proactive exposure management strategy.

Organizations’ rapid expansion into the cloud has created a complex and thorny security landscape that often throws security teams into a counterproductive reactive cycle. As they breathlessly chase myriad alerts from a patchwork of fragmented tools, they struggle to piece together a coherent picture of their ever-expanding attack surface. This lack of visibility leads to a constant struggle to prioritize the most critical cyber threats.

If this sounds familiar, you're not alone. Traditional security models fall short when you need to manage security across dynamic, multi-cloud environments. The good news? There's a better way forward: Leveraging an integrated cloud native application protection platform (CNAPP) that is is part of an exposure management strategy.

A new white paper from industry analyst firm IDC, sponsored by Tenable and titled “Bridging Cloud Security and Exposure Management for Unified Risk Reduction,” sheds light on how CNAPPs offer a transformative approach to cloud security. 

“In this environment, cloud security can no longer be an isolated function. CNAPP represents a critical evolution in the enterprise security strategy — enabling teams to secure every layer of the cloud stack while unifying visibility, accelerating response, and reducing risk at scale,” the IDC white paper reads.

In this blog, we’ll outline key insights from the white paper, including why a CNAPP-centric strategy that incorporates exposure management has become essential for combating increasingly sophisticated and aggressive cyber attacks.

The CNAPP solution: Unifying your defenses

CNAPPs are a game-changer. As the IDC white paper explains, a CNAPP unifies multiple security disciplines into a single, integrated platform. Think of it as your central command center for cloud security, bringing together capabilities that include:

• Identifying and remediating misconfigurations (cloud security posture management, or CSPM)
• Protecting your virtual machines, containers, and serverless environments (cloud workload protection, or CWP)
• Managing identities and permissions (cloud infrastructure entitlement management or CIEM)
• Safeguarding your cloud data (data security posture management, or DSPM)
• Securing your cloud AI systems (artificial intelligence security posture management, or AI-SPM)
• Protecting your Kubernetes environments (Kubernetes security posture management, or KSPM)
• Managing your vulnerabilities from code to cloud, including infrastructure-as-code scanning

By breaking down the silos between these different security functions, a CNAPP provides a holistic view of your entire cloud estate, IDC explains. It allows you to see the connections between different types of risks, such as how a misconfiguration in one area could be exploited by an over-privileged identity to gain access to sensitive data. This contextual understanding is crucial for moving from a reactive to a proactive security posture.

These features, combined with a focus on exposure management, are what separate a truly effective CNAPP from a basic one. “Decision makers are encouraged to explore CNAPP solutions that integrate effectively with exposure management platforms, offering unified visibility and facilitating prioritized risk mitigation,” the IDC white paper reads.

At Tenable, we define exposure management as a strategic, business-centric approach to cybersecurity that you can use to proactively assess and remediate your most critical cyber risks. In our view, exposure management transcends traditional vulnerability management by unifying business and risk contexts with threat intelligence. That way, it helps you expose, prioritize and close vulnerabilities while reducing risk and shrinking your attack surface.

In fact, as the IDC chart below shows, CNAPPs and exposure management are very much on the radar of security managers looking for emerging technologies and solutions to improve their organizations’ security capabilities.
 

(n = 600; Source: IDC’s AP Security Survey, 2024. Notes: This is an IDC Syndicated Survey. Respondents were professionals who are managers and above.)

Your path to a robust cloud security posture

The message from the IDC white paper is clear: a CNAPP-centric approach is the future of cloud security. A CNAPP does more than just consolidate tools: It fundamentally enhances how you manage risk in the cloud. A CNAPP empowers your cybersecurity teams with the visibility, context and actionable insights they need to stay ahead of attackers.

“A cloud- and environment-agnostic CNAPP strategy – and particularly one that incorporates exposure management – facilitates seamless integration across platforms, empowering organizations to maintain control, optimize resource utilization, and fortify their security posture,” the IDC white paper reads.

CISOs also benefit, as their role evolves and security priorities shift towards automation, end-to-end visibility and real-time threat management. 

“Exposure management inclusive of cloud security aligns with these priorities by providing contextual risk insights into potential security gaps and facilitating timely interventions,” the IDC white paper reads.

Get all the details

The full IDC white paper goes into much greater detail on all of these topics, and more. It offers:

• a comprehensive look at the current cloud security landscape;
• a deep dive into the capabilities of a modern CNAPP; and
• a guide to what you should look for in a solution. 

It also provides an in-depth look at Tenable's approach to cloud security, highlighting how our Tenable Cloud Security CNAPP integrates with our Tenable One Exposure Management Platform. 

According to IDC, the combination of Tenable Cloud Security and Tenable One “eliminates blind spots across cloud and hybrid environments.” 

“This integration enables stakeholders to understand and mitigate cloud risks within the context of their broader IT and cloud landscape,” the IDC white paper reads.

The journey to cloud security maturity is challenging, but you can succeed by adopting a CNAPP-centric approach that integrates exposure management.

Don't let the complexity of the cloud leave you vulnerable. To get the full picture and start building your roadmap to a more secure cloud, download the IDC white paper “Bridging Cloud Security and Exposure Management for Unified Risk Reduction.”

The post Your Map for the Cloud Security Maze: An Integrated Cloud Security Solution That’s Part of an Exposure Management Approach appeared first on Security Boulevard.

Check out highlights from the IDC white paper “Bridging Cloud Security and Exposure Management for Unified Risk Reduction,” which explains how CNAPPs help security teams tame the complexity of multi-cloud environments by shifting from a reactive, alert-driven model to a proactive exposure management strategy.

Organizations’ rapid expansion into the cloud has created a complex and thorny security landscape that often throws security teams into a counterproductive reactive cycle. As they breathlessly chase myriad alerts from a patchwork of fragmented tools, they struggle to piece together a coherent picture of their ever-expanding attack surface. This lack of visibility leads to a constant struggle to prioritize the most critical cyber threats.

If this sounds familiar, you're not alone. Traditional security models fall short when you need to manage security across dynamic, multi-cloud environments. The good news? There's a better way forward: Leveraging an integrated cloud native application protection platform (CNAPP) that is is part of an exposure management strategy.

A new white paper from industry analyst firm IDC, sponsored by Tenable and titled “Bridging Cloud Security and Exposure Management for Unified Risk Reduction,” sheds light on how CNAPPs offer a transformative approach to cloud security. 

“In this environment, cloud security can no longer be an isolated function. CNAPP represents a critical evolution in the enterprise security strategy — enabling teams to secure every layer of the cloud stack while unifying visibility, accelerating response, and reducing risk at scale,” the IDC white paper reads.

In this blog, we’ll outline key insights from the white paper, including why a CNAPP-centric strategy that incorporates exposure management has become essential for combating increasingly sophisticated and aggressive cyber attacks.

The CNAPP solution: Unifying your defenses

CNAPPs are a game-changer. As the IDC white paper explains, a CNAPP unifies multiple security disciplines into a single, integrated platform. Think of it as your central command center for cloud security, bringing together capabilities that include:

• Identifying and remediating misconfigurations (cloud security posture management, or CSPM)
• Protecting your virtual machines, containers, and serverless environments (cloud workload protection, or CWP)
• Managing identities and permissions (cloud infrastructure entitlement management or CIEM)
• Safeguarding your cloud data (data security posture management, or DSPM)
• Securing your cloud AI systems (artificial intelligence security posture management, or AI-SPM)
• Protecting your Kubernetes environments (Kubernetes security posture management, or KSPM)
• Managing your vulnerabilities from code to cloud, including infrastructure-as-code scanning

By breaking down the silos between these different security functions, a CNAPP provides a holistic view of your entire cloud estate, IDC explains. It allows you to see the connections between different types of risks, such as how a misconfiguration in one area could be exploited by an over-privileged identity to gain access to sensitive data. This contextual understanding is crucial for moving from a reactive to a proactive security posture.

These features, combined with a focus on exposure management, are what separate a truly effective CNAPP from a basic one. “Decision makers are encouraged to explore CNAPP solutions that integrate effectively with exposure management platforms, offering unified visibility and facilitating prioritized risk mitigation,” the IDC white paper reads.

At Tenable, we define exposure management as a strategic, business-centric approach to cybersecurity that you can use to proactively assess and remediate your most critical cyber risks. In our view, exposure management transcends traditional vulnerability management by unifying business and risk contexts with threat intelligence. That way, it helps you expose, prioritize and close vulnerabilities while reducing risk and shrinking your attack surface.

In fact, as the IDC chart below shows, CNAPPs and exposure management are very much on the radar of security managers looking for emerging technologies and solutions to improve their organizations’ security capabilities.
 

(n = 600; Source: IDC’s AP Security Survey, 2024. Notes: This is an IDC Syndicated Survey. Respondents were professionals who are managers and above.)

Your path to a robust cloud security posture

The message from the IDC white paper is clear: a CNAPP-centric approach is the future of cloud security. A CNAPP does more than just consolidate tools: It fundamentally enhances how you manage risk in the cloud. A CNAPP empowers your cybersecurity teams with the visibility, context and actionable insights they need to stay ahead of attackers.

“A cloud- and environment-agnostic CNAPP strategy – and particularly one that incorporates exposure management – facilitates seamless integration across platforms, empowering organizations to maintain control, optimize resource utilization, and fortify their security posture,” the IDC white paper reads.

CISOs also benefit, as their role evolves and security priorities shift towards automation, end-to-end visibility and real-time threat management. 

“Exposure management inclusive of cloud security aligns with these priorities by providing contextual risk insights into potential security gaps and facilitating timely interventions,” the IDC white paper reads.

Get all the details

The full IDC white paper goes into much greater detail on all of these topics, and more. It offers:

• a comprehensive look at the current cloud security landscape;
• a deep dive into the capabilities of a modern CNAPP; and
• a guide to what you should look for in a solution. 

It also provides an in-depth look at Tenable's approach to cloud security, highlighting how our Tenable Cloud Security CNAPP integrates with our Tenable One Exposure Management Platform. 

According to IDC, the combination of Tenable Cloud Security and Tenable One “eliminates blind spots across cloud and hybrid environments.” 

“This integration enables stakeholders to understand and mitigate cloud risks within the context of their broader IT and cloud landscape,” the IDC white paper reads.

The journey to cloud security maturity is challenging, but you can succeed by adopting a CNAPP-centric approach that integrates exposure management.

Don't let the complexity of the cloud leave you vulnerable. To get the full picture and start building your roadmap to a more secure cloud, download the IDC white paper “Bridging Cloud Security and Exposure Management for Unified Risk Reduction.”

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages

FreePBX administrators worldwide have been urged to immediately disable public internet access to their systems after a critical 0-day vulnerability was discovered in the commercial Endpoint Manager module. The Sangoma FreePBX Security Team confirmed that attacker-controlled exploit code can gain unauthenticated remote code execution on systems with the Administrator Control Panel exposed to hostile networks, […]

The post FreePBX Servers Hit by 0-Day Exploit, Disable Internet Access Advised appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers. The company is one of the three major credit reporting agencies in the United States (alongside Experian and Equifax). It collects and maintains credit information on consumers […]

Highlights: Introduction While Microsoft Windows has steadily strengthened its security model—through features like Protected Processes (PP/PPL) and enhanced driver verification—threat actors have adapted by shifting their tactics to exploit lower-level weaknesses that bypass these protections without triggering defenses. Among the most effective of these techniques is the abuse of vulnerable kernel-mode drivers, particularly those capable […]

The post Chasing the Silver Fox: Cat & Mouse in Kernel Shadows appeared first on Check Point Research.

A vulnerability classified as problematic has been found in Drupal Entity Form Steps up to 1.1.3. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-13305. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as problematic has been reported in Drupal Minify JS up to 3.0.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2024-13304. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. Affected is an unknown function of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1&related_module=Singin. Performing manipulation of the argument pathfile results in path traversal. This vulnerability is reported as CVE-2025-0461. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability described as critical has been identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. Affected by this vulnerability is an unknown functionality of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. Executing manipulation of the argument searchcontent can lead to sql injection. This vulnerability appears as CVE-2025-0462. The attack may be performed from a remote location. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.