Aggregator

You must login to view this content

The annual CISO New York summit will be held on September 9, 2025, uniting over 150 senior cybersecurity executives for a full day of insight, strategy, and collaboration at Convene, 601 Lexington Avenue. This highly curated summit is tailored for senior InfoSec professionals such as CISOs, VPs of Security, and Heads of Cyber from non-vendor organizations, who are invited to attend with a complimentary VIP pass. Strategy in action: From the boardroom to execution As … More →

The post CISO New York 2025 brings together top cybersecurity leaders appeared first on Help Net Security.

CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-205-01 Mitsubishi Electric CNC Series
• ICSA-25-205-02 Network Thermostat X-Series WiFi Thermostats
• ICSA-25-205-03 Honeywell Experion PKS
• ICSA-25-205-04 LG Innotek Camera Model LNV5110R
   
• ICSMA-25-205-01 Medtronic MyCareLink Patient Monitor
   
• ICSA-22-202-04 ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

Intel 471 launched Guided Threat Hunts, a new method-driven tool within the Hunt Management Module, part of our HUNTER solution. As threat hunting for advanced adversaries continues to be an increasingly complex, time-consuming and resource-heavy process, Intel 471 is empowering threat hunters with the capabilities to craft their own queries and filters to more efficiently identify sophisticated threat behaviors that evade traditional detection methods. “Threat hunt teams are constantly tasked with sifting through large datasets … More →

The post Intel 471 Guided Threat Hunts enables teams to measure hunt success metrics appeared first on Help Net Security.

Researchers have developed a new Metasploit exploit module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server that are being actively exploited in the wild.  The module, designated as pull request #20409 in the Metasploit Framework repository, addresses CVE-2025-53770 and CVE-2025-53771, which enable unauthenticated remote code execution (RCE) attacks against vulnerable SharePoint installations. Key Takeaways1. SharePoint […]

The post Metasploit Module Released For Actively Exploited SharePoint 0-Day Vulnerabilities appeared first on Cyber Security News.