Aggregator

A vulnerability was found in Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component IKEv2 Feature. The manipulation leads to infinite loop. This vulnerability is known as CVE-2025-20253. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cisco IOS, ASA, IOS XE and Firepower Threat Defense. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IKEv2 Handler. The manipulation leads to memory leak. This vulnerability is handled as CVE-2025-20225. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Norway’s security service PST says pro-Russian hackers took over a dam in April, opening outflow valves. Norway’s Police Security Service (PST) says pro-Russian hackers seized control of a dam’s systems in April, opening outflow valves. On April 7, the attackers took control of a dam in Bremanger, western Norway, opening a flood gate to release […]

Dark Reading's Terry Sweeney and Google's Loren Hudziak discuss how the humble web browser has transformed from a simple web access tool into a common conduit through which a lot of business is done.

Обновление остановит сбор уникальных ID через популярные веб-API.

Beware of fake Netflix job offers! A new phishing campaign is targeting job seekers, using fraudulent interviews to…

Google has achieved a significant milestone in mobile security with the announcement that Android’s protected KVM (pKVM) hypervisor has officially received SESIP Level 5 certification, marking it as the first software security system designed for large-scale consumer electronics deployment to reach this prestigious assurance level. This groundbreaking achievement positions Android at the forefront of secure […]

The post Google Announces That Android’s pKVM Framework Achieves SESIP Level 5 Certification appeared first on Cyber Security News.

ThreatFabric analysts have uncovered PhantomCard, a sophisticated NFC-based Trojan designed to relay sensitive card data from victims’ devices to cybercriminals. This malware, which primarily targets banking customers in Brazil but shows potential for global expansion, exemplifies the growing interest among threat actors in NFC relay attacks. PhantomCard operates by masquerading as a legitimate “card protection” […]

The post New NFC-Based PhantomCard Malware Targets Android Banking Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Наступательные операции тянет крошечная элита — и их катастрофически не хватает.

Most of the stolen funds were siphoned in Ethereum, with more than $38.6 million taken out of the platform. The other $10 million was spread across multiple cryptocurrencies, according to security firm PeckShield.

Local media previously reported that the hackers breached the dam’s control system, opening valves for four hours and sending large amounts of water gushing into the Riselva River until operators regained control.

At Black Hat, Push Security co-founder and CTO Tyron Erasmus talks about why attackers are increasingly shifting their focus from endpoints to browsers — and what that means for defenders. Erasmus, who began his career in penetration testing and offensive security, said endpoint detection has matured to the point where it’s harder for attackers to..

The post Why the Browser Is Becoming a Prime Security Battleground appeared first on Security Boulevard.

Threat actors are using topic customization as a more advanced strategy in targeted malware-delivery phishing campaigns as the environment of cyber threats changes. This method involves crafting personalized subject lines, attachment names, and embedded links to mimic authentic communications, fostering a sense of familiarity or urgency that heightens the probability of recipient engagement. According to […]

The post Threat Actors Use Advanced Tactics to Personalize Phishing for Malware Delivery appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Жертва запускает вредонос сама — по просьбе «техподдержки» в чате.

The cryptocurrency ecosystem is experiencing heightened scrutiny from both regulatory authorities and criminal organizations, as Google Play implements stringent publishing requirements for crypto applications while the FBI warns of sophisticated recovery scams targeting previous fraud victims. These developments highlight the ongoing challenges facing the digital asset industry as it seeks legitimacy while combating persistent criminal […]

The post Google Mandates License or Certification for Crypto App Developers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Canadian House of Commons has fallen victim to a significant cyberattack orchestrated by an unidentified “threat actor” who successfully exploited a recent Microsoft vulnerability to access sensitive government employee data. The incident, which occurred on Friday, August 9, 2025, represents one of the most serious cybersecurity breaches to affect Canada’s parliamentary system in recent […]

The post Hackers Exploit Microsoft Flaw to Breach Canadian House of Commons to Gain Unauthorized Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

去年发布的 Linux 6.13 正式移除了 ReiserFS 文件系统，但它的痕迹并没有完全清除掉。SUSE 开发者 David Sterba 在内核文档和部分工具中发现 ReiserFS 的残留后，发出补丁清除 ReiserFS 在内核的最后残余。ReiserFS 已经移除，因此内核文档中提到 ReiserFS 的部分也需要删除。唯一的例外是 ReiserFS R5 哈希函数，它仍然被部分内核代码使用。Reiser4 文件系统代码目前无人维护，Hans Reiser 在内核文件系统的时代彻底结束。

Zero Trust. It’s the security buzzword of the decade, right up there with “AI-powered” and “next-gen.” Vendors slap it on everything from VPN replacements to microsegmentation tools. Analysts write about...

The post What Is Zero Trust, Really? appeared first on Security Boulevard.

The Norwegian Police Security Service (PST) says that pro-Russian hackers took control of critical operation systems at a dam and opened outflow valves. [...]