Brave Desktop Browser Vulnerability Lets Malicious Sites Appear Trusted

A critical vulnerability in Brave Browser allows malicious websites to appear as trusted sources during file uploads/downloads. Learn…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

TalkTalk Confirms Data Breach, Downplays Impact

UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.

The post TalkTalk Confirms Data Breach, Downplays Impact appeared first on SecurityWeek.


Royal Mail SMS Phishing Scam Targets Victims with Fake Delivery Fee Requests

Beware of a convincing Royal Mail SMS phishing scam asking for personal details and payment for re-delivery. Learn…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Cyber Insights 2025: Cybersecurity Regulatory Mayhem

Cybersecurity regulations are facing a tipping point. There are too many and they are too complex to manage – and it’s getting worse.

The post Cyber Insights 2025: Cybersecurity Regulatory Mayhem appeared first on SecurityWeek.


The Case for Proactive, Scalable Data Protection

Whether you’re facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it’s time to consider the long-term benefits of transitioning to a cloud-first infrastructure.

darkreading

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST

Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a genuinely open-source SAST tool.

The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek.


IT Vulnerability Report: 7-Zip, Windows and Fortinet Fixes Urged by Cyble


Overview

Cyble’s vulnerability intelligence report to clients last week examined high-risk flaws in 7-Zip, Microsoft Windows, and Fortinet, among other products. It also examined dark web claims of a zero-day vulnerability in Apple iOS.

In all, the report from Cyble Research and Intelligence Labs (CRIL) looked at 14 vulnerabilities and dark web exploits, including one vulnerability with a maximum CVSS severity score of 10.0 and another with more than 276,000 web exposures.

Here are some of the vulnerabilities highlighted by Cyble’s vulnerability intelligence unit as meriting high-priority attention by security teams.

The Top IT Vulnerabilities

CVE-2024-50603 is a 10.0-severity OS Command Injection vulnerability in the Aviatrix Controller that could allow an unauthenticated user to execute arbitrary commands against the cloud networking platform controller, due to improper neutralization of special elements used in an OS command. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.

CVE-2025-0411 is a critical vulnerability in the 7-Zip file archiving software that allows attackers to bypass the Mark-of-the-Web (MOTW) protection mechanism, which is intended to warn users about potentially dangerous files downloaded from the internet. An attacker could use the vulnerability to craft an archive file so that the files do not inherit the MOTW mark when they are extracted by 7-Zip. The vulnerability was just announced, but a patch has been available since November 30. As 7-Zip lacks an auto-update function, users must download the update directly.

CVE-2024-12084 is a 9.8-severity Heap-Based Buffer Overflow vulnerability in the Rsync file synchronization tool. The vulnerability arises from improper handling of checksum lengths that exceed the fixed limit of 16 bytes (SUM_LENGTH) during the processing of user-controlled data. An attacker could manipulate checksum lengths, leading to out-of-bounds memory writes in the sum2 buffer. This could enable remote code execution (RCE) on systems running the Rsync server. Cyble detected more than 276,000 vulnerable web-facing Rsync exposures.

Dark Web Exploits and Zero Days

The Cyble report also looked at vulnerabilities actively discussed by threat actors on cybercrime forums, suggesting a high risk of attacks against those flaws. Cyble also identified threat actors offering zero-day vulnerabilities for sale in Apple iOS and other products. The Apple zero-day exploit allegedly weaponizes a vulnerability present in Apple devices running iOS 17.x.x and 18.x.x, resulting in remote code execution.

Among the vulnerabilities under dark web discussion were:

  • CVE-2024-49138, a critical Elevation of Privilege vulnerability affecting the Windows Common Log File System (CLFS) driver
  • CVE-2023-34990, a critical relative path traversal vulnerability in Fortinet’s FortiWLM wireless LAN management solution
  • CVE-2024-55591, an authentication bypass vulnerability in Fortinet’s FortiOS and FortiProxy.

Cyble Recommendations

To protect against these vulnerabilities and exploits, Cyble recommended that organizations implement the following best practices:

  • Regularly update all software and hardware systems with the latest patches from official vendors.
  • Develop a comprehensive patch management strategy that includes inventory management, patch assessment, testing, deployment, and verification. Automate the process where possible to ensure consistency and efficiency.
  • Divide your network into distinct segments to isolate critical assets from less secure areas. Use firewalls, VLANs, and access controls to limit access and reduce the attack surface exposed to potential threats.
  • Create and maintain an incident response plan that outlines procedures for detecting, responding to, and recovering from security incidents, including ransomware-resistant backups. Regularly test and update the plan to ensure its effectiveness and alignment with current threats.
  • Implement comprehensive monitoring and logging solutions to detect and analyze suspicious activities. Use SIEM (Security Information and Event Management) systems to aggregate and correlate logs for real-time threat detection and response.
  • Subscribe to security advisories and alerts from official vendors, CERTs, and other authoritative sources. Regularly review and assess the impact of these alerts on your systems and take appropriate actions.
  • Conduct regular vulnerability assessment and penetration testing (VAPT) exercises to identify and remediate vulnerabilities in your systems. Complement these exercises with periodic security audits to ensure compliance with security policies and standards.

Conclusion

Actively exploited vulnerabilities—and those identified as being at high risk of exploitation—should be a top priority for security teams as they prioritize their patching efforts. They should also consider other indicators of risk, such as web exposures, data sensitivity, and criticality of affected systems and applications. With increasing discussion of these exploits on dark web forums, organizations must stay vigilant and proactive.

Implementing strong security practices is essential to protecting sensitive data and maintaining system integrity. A comprehensive threat intelligence solution like Cyble can monitor for threats and leaks specific to your environment, allowing you to respond quickly to events and prevent them from becoming wider incidents.


The post IT Vulnerability Report: 7-Zip, Windows and Fortinet Fixes Urged by Cyble appeared first on Cyble.


Building Automation Protocols Increasingly Targeted in OT Attacks: Report

Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted. 

The post Building Automation Protocols Increasingly Targeted in OT Attacks: Report appeared first on SecurityWeek.


Git Vulnerabilities Led to Credentials Exposure

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.

The post Git Vulnerabilities Led to Credentials Exposure appeared first on SecurityWeek.


United Against Cybercrime: ASEAN Ministers Forge New Security Pathways


Overview

The digital world in Southeast Asia is evolving rapidly, with nations striving to balance innovation, inclusivity, and security. The recently held 5th ASEAN Digital Ministers’ Meeting (ADGMIN) in Bangkok, Thailand, marked a significant milestone in this journey. The meeting highlighted the importance of cybersecurity in shaping a resilient digital future for the region. The ASEAN Digital Masterplan 2025 (ADM 2025) continues to serve as a guiding framework for fostering collaboration, enabling trust in digital services, and promoting the safe and inclusive use of technology.

From addressing online scams to operationalizing the ASEAN Regional Computer Emergency Response Team (CERT) and advancing AI governance, the event showcased ASEAN’s commitment to fortifying its digital ecosystem against cyber threats. With an emphasis on collaboration and proactive measures, the meeting highlighted the pressing need to enhance cybersecurity frameworks, strengthen cross-border data governance, and address emerging challenges posed by technologies like generative AI.

Key Cybersecurity Highlights

  1. ASEAN Regional CERT Operationalization: One of the significant milestones discussed was the operationalization of the ASEAN Regional Computer Emergency Response Team (CERT). This initiative aims to enhance collaboration among member states, facilitate real-time information sharing, and strengthen the region’s preparedness against cyberattacks. CERT’s operationalization highlights ASEAN’s focus on collective resilience in cyberspace.
  2. Tackling Online Scams: Online scams remain a pressing issue across ASEAN. The ASEAN Working Group on Anti-Online Scams (WG-AS) released its Report on Online Scams Activities in ASEAN (2023–2024), offering insights into the threat landscape. The report outlines key recommendations for regional collaboration to combat scams effectively. The ASEAN Recommendations on Anti-Online Scams provide a framework for governments to develop policies aimed at mitigating online fraud, with a focus on cross-border scams and fraudulent activities exploiting digital platforms.
  3. Promoting Responsible State Behavior in Cyberspace: ASEAN adopted the Checklist for Responsible State Behavior in Cyberspace, aligning with global norms to promote peace and security online. This initiative focuses on fostering cooperation and ensuring responsible use of digital tools while mitigating risks.
  4. Strengthening Cross-Border Data Governance: Data governance was another key topic, with ASEAN showcasing its advancements in:
    • The ASEAN Model Contractual Clauses (MCCs) for trusted cross-border data flows.
    • The Operational Framework for Cross-Border Privacy Rules (CBPR), used to align global privacy standards.
    • The ASEAN Guide on Data Anonymization, which enables innovative data use while ensuring privacy.

These efforts are designed to enhance trust in digital transactions and support regional and global interoperability.

  5. Focus on Generative AI Governance: With the rapid adoption of generative AI, the newly expanded ASEAN Guide on AI Governance and Ethics emphasizes responsible AI deployment. Policy recommendations aim to address challenges like misinformation, biases, and cybersecurity vulnerabilities. This move positions ASEAN as a leader in ethical AI practices.

Resilient Digital Infrastructure

Cybersecurity also took the spotlight in discussions about protecting critical infrastructure:

  • Submarine Cables: Recognizing their importance, ASEAN established a Working Group on Submarine Cables (WG-SC) to secure and enhance the resilience of this critical backbone of internet connectivity.
  • Digital Identification Systems: Efforts to build strong digital ID systems were discussed, with ASEAN focusing on seamless, secure cross-border digital interactions.

Partnerships and Regional Collaboration

The 5th ASEAN Digital Ministers’ Meeting underscored the critical role of international partnerships in strengthening regional cybersecurity frameworks. Recognizing that cyber threats often transcend borders, ASEAN engaged dialogue partners, including China, Japan, and Russia, to deepen collaboration on cybersecurity challenges and solutions.

  • China shared insights into its ongoing initiatives to fight cybercrime and protect critical infrastructure, offering opportunities for ASEAN member states to collaborate on knowledge sharing, threat intelligence, and best practices in cybersecurity.
  • Japan emphasized its commitment to strengthening cybersecurity resilience across the Asia-Pacific, showcasing its advancements in secure digital infrastructure and its expertise in managing cross-border cyber risks. Through its partnership, Japan is also supporting ASEAN’s capacity-building programs to develop skilled cybersecurity professionals.
  • Russia, leveraging its experience in battling cyberattacks and ransomware, highlighted the importance of establishing joint efforts for threat intelligence sharing and developing strategies to mitigate advanced persistent threats (APTs) targeting the region.

In addition to these collaborations, ASEAN reaffirmed its collective efforts to address specific threats, such as SIM card-related fraud and cross-border scams, which have been on the rise across member states.

The meeting also opened doors for expanding technical cooperation and joint training exercises, enabling member states and dialogue partners to boost their collective defense mechanisms.

By welcoming input from global players and tackling region-specific issues, ASEAN demonstrated its commitment to promoting a unified, secure digital future while strengthening its presence on the global cybersecurity stage. These partnerships are vital in ensuring that the region remains resilient in the face of evolving cyber threats and continues to thrive in its digital transformation journey.

Closing thoughts

The Bangkok Digital Declaration reaffirmed ASEAN’s focus on cybersecurity as a foundation for innovation and inclusivity. With the final review of the ASEAN Digital Masterplan 2025 (ADM 2025) underway, the groundwork is being laid for the next phase of ASEAN’s digital transformation.

By prioritizing cybersecurity and fostering collaboration, ASEAN is positioning itself as a global leader in building a secure and innovative digital ecosystem. The region’s progress at the ADGMIN meeting reflects its determination to address emerging challenges and unlock the potential of a truly connected digital future.

Source: https://asean.org/wp-content/uploads/2025/01/15-ENDORSED-JOINT-MEDIA-STATEMENT-5th-ADGSOM-v2-Cleaned.pdf

https://asean.org/joint-media-statement-of-the-5th-asean-digital-ministers-meeting-and-related-meetings

The post United Against Cybercrime: ASEAN Ministers Forge New Security Pathways appeared first on Cyble.
