Aggregator

A vulnerability, which was classified as critical, was found in TeamViewer Full Client and Host. Affected is an unknown function of the component MSI Rollback. The manipulation leads to permission issues. This vulnerability is traded as CVE-2025-36537. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Submit #601763 / VDB-313774

A vulnerability, which was classified as problematic, has been found in podman. This issue affects some unknown processing of the component Machine Init Command Handler. The manipulation leads to improper certificate validation. The identification of this vulnerability is CVE-2025-6032. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in Mitel MiContact Center Business up to 10.2.0.3. This vulnerability affects unknown code of the component Legacy Chat. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-27827. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in libssh. This affects the function sftp_handle. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2025-5318. It is possible to initiate the attack remotely. There is no exploit available.

Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe).

Top 10 posts with the most lifetime views (excluding paper announcement blogs):

1. Anton’s Alert Fatigue: The Study [A.C. — wow, this is #1 now! awesome!]
2. Security Correlation Then and Now: A Sad Truth About SIEM
3. Can We Have “Detection as Code”?
4. Detection Engineering is Painful — and It Shouldn’t Be (Part 1)
5. Revisiting the Visibility Triad for 2020 (update for 2025 is coming soon)
6. Beware: Clown-grade SOCs Still Abound
7. Why is Threat Detection Hard?
8. A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next
9. Top 10 SIEM Log Sources in Real Life? [updated/modified version]
10. How to Think about Threat Detection in the Cloud

Top 5 posts with paper announcements:

• New Paper: “Future of the SOC: SOC People — Skills, Not Tiers”
• New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5) (one more paper coming in 2025)
• New Paper: “Future of the SOC: Forces shaping modern security operations”
• New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4)
• New Paper: “Autonomic Security Operations — 10X Transformation of the Security Operations Center” (the classic 2021 ASO paper!)
• New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)
• New Paper: “Securing AI: Similar or Different?“ (update for 2025 coming soon!)

NEW: recent 3 fun posts, must-read:

• Anton’s Alert Fatigue: The Study (long!)
• A Brief Guide for Dealing with ‘Humanless SOC’ Idiots
• The Return of the Baby ASO: Why SOCs Still Suck?
• 15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck?

Top 7 Cloud Security Podcast by Google episodes (excluding the oldest 3!):

1. EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil (our best episode! officially!)
2. EP8 Zero Trust: Fast Forward from 2010 to 2021
3. EP17 Modern Threat Detection at Google
4. EP47 “Megatrends, Macro-changes, Microservices, Oh My! Changes in 2022 and Beyond in Cloud Security”
5. EP153 Kevin Mandia on Cloud Breaches: New Threat Actors, Old Mistakes, and Lessons for All
6. EP109 How Google Does Vulnerability Management: The Not So Secret Secrets!
7. EP150 Taming the AI Beast: Threat Modeling for Modern AI Systems with Gary McGraw

Now, fun posts by topic.

Security operations / detection & response:

• “Security Correlation Then and Now: A Sad Truth About SIEM”
• “Migrate Off That Old SIEM Already!” (VIDEO!)
• “Measuring the SOC: What Counts and What Doesn’t in 2025?” (Google Cloud Blog)
• “Can We Have “Detection as Code”?”
• “Revisiting the Visibility Triad for 2020”
• “Beware: Clown-grade SOCs Still Abound”
• “Why is Threat Detection Hard?”
• “A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next”
• “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…”
• “Top 10 SIEM Log Sources in Real Life?” (NEWER VERSION)
• “Debating SIEM in 2023, Part 1”
• “Debating SIEM in 2023, Part 2”
• “Log Centralization: The End Is Nigh?”
• “How to Make Threat Detection Better?”
• “SIEM Content, False Positives and Engineering (Or Not) Security”
• “Modern SecOps Masterclass: Now Available on Coursera”

(if you only read one, choose this one!)

Cloud security:

• “Using Cloud Securely — The Config Doom Question”
• “Who Does What In Cloud Threat Detection?”
• “How to Solve the Mystery of Cloud Defense in Depth?”
• “Does the World Need Cloud Detection and Response (CDR)?”
• “Use Cloud Securely? What Does This Even Mean?!”
• “How CISOs need to adapt their mental models for cloud security” [GCP blog]
• “Who Does What In Cloud Threat Detection?”
• “Cloud Migration Security Woes”
• “Move to Cloud: A Chance to Finally Transform Security?”
• “It’s a multicloud jungle out there. Here’s how your security can survive“

(if you only read one, choose this one!)

How Google Does Security (HGD):

• “How Google Does It: Making threat detection high-quality, scalable, and modern” (Google Cloud blog)
• “How Google Does It: How we secure our own cloud” (Google Cloud blog)
• “How Google Does It: Finding, tracking, and fixing vulnerabilities” (Google Cloud blog)
• “How Google Does It: Finding, tracking, and fixing vulnerabilities” (Google Cloud blog)
• “How Google Does It: Red teaming at scale” (Google Cloud blog)

(if you only read one, choose this one! BTW, we also have a lot of fun HGD podcasts)

CISO, culture, transformation, FMC, etc

• “New Office of the CISO Paper: Organizing Security for Digital Transformation” (and paper)
• “10 ways to make cyber-physical systems more resilient” (and paper)

AI security:

• ”Our Security of AI Papers and Blogs Explained” [this has a whole lot of AI security fun links that you so want to click!]
• “Securing AI Supply Chain: Like Software, Only Not” (Google Cloud blog)
• “Spotlighting ‘shadow AI’: How to protect against risky AI practices” (Google Cloud blog)
• “Shadow AI Strikes Back: Enterprise AI Absent Oversight in the Age of Gen AI”
• “No Deep AI Security Secrets In This Post!”
• “New Paper: “Securing AI: Similar or Different?“
• “The Prompt: What to think about when you’re thinking about securing AI” (Google Cloud blog)
• “Gen AI governance: 10 tips to level up your AI program” (Google Cloud blog)
• “AI Adoption: Learning from the Cloud’s Early Days” (Google Community blog)
• “How Google secures AI Agents” (Google Cloud blog)
• “Demystifying AI Security: New Paper on Real-World SAIF Applications”
• “To securely build AI on Google Cloud, follow these best practices” (Google Cloud blog)
• “Oops! 5 serious gen AI security mistakes to avoid” (Google Cloud blog)
• “3 new ways to use AI as your security sidekick” (Google Cloud blog)

(if you only read one, choose this one!)

NEW: fun presentations shared:

• Detection Engineering Maturity — Helping SIEMs Find Their Adulting Skills (2024)
• Future of SOC: More Security, Less Operations (2024)
• SOC Meets Cloud: What Breaks, What Changes, What to Do? (2023)
• Meet the Ghost of SecOps Future (2023)
• The Future of Log Centralization for SIEMs and DFIR — Is the End Nigh? (2023)
• 20 Years of SIEM (2022)

Enjoy!

Previous posts in this series:

• Anton’s Security Blog Quarterly Q1 2025
• Anton’s Security Blog Quarterly Q4 2024
• Anton’s Security Blog Quarterly Q3 2024
• Anton’s Security Blog Quarterly Q2 2024
• Anton’s Security Blog Quarterly Q1 2024 Lite
• Anton’s Security Blog Quarterly Q3 2023
• Anton’s Security Blog Quarterly Q2 2023
• Anton’s Security Blog Quarterly Q1 2023
• Anton’s Security Blog Quarterly Q4 2022
• Anton’s Security Blog Quarterly Q3 2022
• Anton’s Security Blog Quarterly Q2 2022
• Anton’s Security Blog Quarterly Q1 2022
• Anton’s Security Blog Quarterly Q4 2021
• Anton’s Security Blog Quarterly Q3 2021
• Anton’s Security Blog Quarterly Q2 2021
• Anton’s Security Blog Quarterly Q1 2021
• Anton’s Security Blog Quarterly Q3.5 2020

Anton’s Security Blog Quarterly Q2 2025 was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

The post Anton’s Security Blog Quarterly Q2 2025 appeared first on Security Boulevard.

Educate yourself and your organization's users about two increasingly popular social engineering schemes: email bombing and paste and run 

From generative AI tools to pre-trained machine learning models, AI is rapidly transforming how software is developed.

The post How Sonatype leads in AI component analysis for supply chain security appeared first on Security Boulevard.

The Linux Foundation launched the Agent2Agent (A2A) project, an open protocol for secure agent-to-agent communication and collaboration. The A2A protocol is a collaborative effort launched by Google in April and with growing support from more than 100 leading technology companies. The protocol addresses the growing need for agents to operate in dynamic, multi-agent environments, coordinating actions across a wide array of applications and data infrastructure. A2A enables autonomous agents to discover one another, exchange information … More →

The post Linux Foundation launches Agent2Agent, a protocol that enables agentic AI interoperability appeared first on Help Net Security.

Experts told CyberScoop the research 'doesn’t pass a sniff test' and detracts from needed conversations around credential abuse and information stealers.

The post The ‘16 billion password breach’ story is a farce appeared first on CyberScoop.

Миллионы камер уже в его кармане — теперь он снимает клип из вашей спальни.

由国际关系学院、华山情报论坛组委会、中国人民公安大学联合主办，中国人民公安大学国家安全学院承办的第十届“华山情报论坛”将于2025年9月12日至9月14日在北京召开；同期召开第三届“情指行”一体化与公安机关能力现代化研讨会。

这种叙事框架可能源于报告发布方（战争研究所ISW与关键威胁项目CTP）的西方立场，需读者结合多方信源批判性审视。

官方记录显示，中国五月份太阳能装机容量创下记录。单月新增装机容量超过其他国家 2024 年全年的装机容量。根据国家能源局的数据，5 月新增太阳能装机容量 93 GW，打破了 2024 年 12 月创下的 71 GW 的纪录。太阳能装机容量大幅增长的一个原因是政府从 6 月 1 日起取消了对太阳能项目的电价保护：在保护政策下太阳能项目只要投入运营就能确保盈利。另一项于 5 月 1 日生效的政策加大了屋顶太阳能板接入电网的难度。分析人士预测，新政策将会放缓太阳能装机容量的增长。中国累计太阳能装机容量至今已超过 1 TW。

At ColorTokens, we’ve always been about breach readiness by stopping lateral movement through microsegmentation. Our mission is simple. Contain the spread of threats and keep operations running, even during an attack. That’s how we help businesses stay resilient. So, when you hear CrowdStrike say, “We stop breaches,” it directly aligns with our core mission. If your […]

The post Maximize ROI from Your CrowdStrike Deployment appeared first on ColorTokens.

The post Maximize ROI from Your CrowdStrike Deployment appeared first on Security Boulevard.

A cybersecurity researcher has developed FileFix, a variant of the ClickFix social engineering attack that tricks users into executing malicious commands via the File Explorer address bar in Windows. [...]

Data breach at McLaren Health Care affecting over 743,000 individuals has been linked to a ransomware attack

Gonjeshke Darande, a cyber threat actor widely suspected to be an Israeli state-sponsored group masquerading as an Iranian opposition hacktivist entity, executed a devastating attack on Nobitex, Iran’s largest cryptocurrency exchange. This high-profile breach resulted in the destruction of US$90 million in cryptocurrencies, which were deliberately sent to invalid wallets embedded with the provocative string […]

The post Gonjeshke Darande Hackers Pose as Activists to Infiltrate Iranian Crypto Exchange appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Author/Presenter: Dmitry Shmulevich (Software Engineer, NVIDIA)

Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.

Thanks and a Tip O' The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending and appearing as speaker at the LinuxFest Northwest conference.

Permalink

The post LinuxFest Northwest: Maximizing AI Potential Optimization Techniques for Smarter Faster Systems appeared first on Security Boulevard.

Удалили компромат? Он всё равно в базе. И теперь лишь ждёт своего часа.