techminis

A naukri.com initiative


Info. Security News News



Kaspersky


GetShared phishing | Kaspersky official blog

  • A former colleague received a suspicious email notification from GetShared, a genuine service unknown to him.
  • Scammers are increasingly using GetShared, a free service for sending large files, to conduct phishing attacks.
  • The scam email asks about prices for items listed in the attachment, leveraging a classic phishing trick.
  • To defend against such attacks, it is recommended to train employees to recognize threats and install robust security solutions on all corporate devices.


Securityaffairs


U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog.
  • The vulnerability CVE-2025-30406 (CVSS score 9.0) is a deserialization issue caused by the CentreStack portal’s use of a hardcoded machineKey. It has been addressed in version 16.4.10315.56368, released on April 3, 2025.
  • The vulnerability CVE-2025-29824 (CVSS score of 7.8) is a use-after-free in the Windows Common Log File System Driver. It has been exploited in attacks in the wild.
  • CISA orders federal agencies to fix this vulnerability by April 29, 2025.


Infoblox


Infoblox Collaborates with Google Cloud on Protective DNS Security

  • Infoblox collaborates with Google Cloud and launches DNS Armor, a next-generation Protective DNS solution.
  • DNS Armor, powered by Infoblox, provides advanced threat detection for Google Cloud workloads by monitoring DNS queries and enabling early threat detection.
  • It leverages Infoblox's expertise in DNS-focused threat intelligence and Google Cloud's infrastructure, reducing the risk of malware and cyberattacks with a low false positive rate.
  • DNS Armor is an essential component of any organization's preemptive cybersecurity strategy and will be available from Google Cloud later this year.


Infoblox


Transforming Enterprise Networking: Infoblox Partners with Google Cloud

  • Infoblox announces partnership with Google Cloud to simplify enterprise networking and security, aiding organizations in their cloud transformation journey.
  • The partnership includes Infoblox Universal DDI for Google’s Cloud WAN and DNS Armor, focusing on networking challenges for distributed sites and securing cloud workloads.
  • Enterprises struggle with complex and costly wide-area connectivity solutions, making management of critical network services across distributed sites challenging.
  • The partnership integrates Universal DDI for Cloud WAN, offering cost-efficiency, easy deployment, performance, and reliability over traditional alternatives.
  • The solution leverages Google's global network infrastructure, replacing multiple bespoke WAN solutions with a single global WAN via Google's private backbone.
  • Infoblox's Universal DDI for Cloud WAN combines Google's network with DNS and DHCP capabilities, enabling lower TCO, reliable services, asset visibility, and threat protection.
  • The partnership delivers simplified, secure, and cost-effective networking solutions for organizations undergoing cloud transformation, offering a cloud-native experience.
  • By integrating DNS and DHCP services with Cloud WAN, Infoblox and Google Cloud aim to transform networking infrastructure, making enterprise-grade services accessible without physical infrastructure management.
  • The future of enterprise networking is cloud-native, and the partnership aims to provide innovative solutions that enhance security, simplify networking, and accelerate business transformation.
  • Organizations can explore how the integrated solutions from Infoblox and Google Cloud can improve network infrastructure and readiness for future challenges.


Krebsonsecurity


Patch Tuesday, April 2025 Edition

  • Microsoft released updates to fix 121 security holes in Windows operating systems.
  • One vulnerability, CVE-2025-29824, is already being exploited in the wild.
  • Elevation of privilege flaws have been frequently exploited as zero-day vulnerabilities.
  • Critical updates were also released for web browsers, Adobe, and Apple products.


Qualys


Microsoft Patch Tuesday, April 2025 Security Update Review

  • Microsoft's April 2025 Patch Tuesday addressed 134 vulnerabilities, including 11 critical ones and 110 important severity issues.
  • One zero-day vulnerability being exploited in the wild was also addressed in this update.
  • The updates covered various products such as Microsoft Edge, Windows Hyper-V, Remote Desktop Gateway Service, and more.
  • Vulnerability categories include Spoofing, Denial of Service, Elevation of Privilege, Information Disclosure, and Remote Code Execution.
  • Multiple critical vulnerabilities were patched, including in Windows TCP/IP, Microsoft Excel, and Windows Hyper-V.
  • Specific vulnerabilities like CVE-2025-29824 and CVE-2025-26686 were highlighted for their severity and potential impact.
  • The release also covered vulnerabilities in Windows Installer, Microsoft Office, SharePoint, Windows Kerberos, and DirectX Graphics Kernel.
  • Microsoft addressed vulnerabilities in a wide range of products, including Azure, Windows Defender Application Control, ASP.NET Core, and Remote Desktop Client.
  • The upcoming Patch Tuesday is scheduled for May 13, promising further updates and patch analysis.
  • Qualys hosts a monthly webinar series to assist customers in managing vulnerabilities and patch updates effectively.


Infoblox


Optimize Your Hybrid Multi-Cloud Infrastructure with Infoblox Plugin for Terraform

  • The Infoblox provider plugin for Terraform automates DNS and IP address provisioning across hybrid, multi-cloud environments, enhancing operational efficiency and consistency.
  • Challenges of manual IP address allocation and DNS provisioning in hybrid, multi-cloud setups include conflicts, delays, and vendor-specific plugin complexities.
  • The integration of Infoblox and Terraform streamlines network service provisioning, supporting various cloud platforms and CI/CD pipelines.
  • Terraform, an IaC tool, approves Infoblox as a provider to automate cloud deployments, facilitating IP address allocation and DNS record management.
  • Benefits of the integration include improved efficiency, reduced errors, scalability, consistency, and enhanced visibility in network resource management.
  • Real-world impact stories highlight the significant time reduction in deploying application landing zones using Infoblox and Terraform integration.
  • By leveraging Infoblox Terraform provider plugins, organizations can automate application provisioning, improve operations, and reduce errors in hybrid, multi-cloud environments.
  • Infoblox offers Universal DDI and NIOS platform plugins for Terraform to support automation and operational excellence in modern hybrid, multi-cloud environments.


Hackingblogs


Latest WhatsApp Vulnerability CVE-2025-30401: Clicking on an Image Could Lead to Remote Code Execution

  • A WhatsApp vulnerability allows remote code execution by clicking on an image.
  • Clicking on an image launches a script giving the hacker control over the device's filesystem.
  • The vulnerability affects WhatsApp for Windows versions 0.0.0 up to 2.2450.6.
  • To prevent the vulnerability, update WhatsApp to version 2.2450.6 or later.


Securityaffairs


WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

  • WhatsApp fixed a spoofing flaw that could enable Remote Code Execution.
  • WhatsApp released a security update to address a vulnerability, tracked as CVE-2025-30401, that could let attackers trick users and enable remote code execution.
  • The spoofing flaw impacts WhatsApp for Windows before version 2.2450.6, allowing attackers to send a file with a fake MIME type and trick users into executing malicious code.
  • WhatsApp, being a popular messaging platform, is frequently targeted by threat actors due to its massive user base and potential for accessing private chats and device-level control.


Kaspersky


What happens to your computer when you download pirated software | Kaspersky official blog

  • Downloading pirated software can expose your computer to malware such as miners, stealers, and backdoors.
  • Sites offering cracked software often include additional malicious software along with the desired program.
  • SourceForge, once a reputable open-source platform, now hosts projects that may contain hidden threats.
  • Attackers use misleading tactics on SourceForge, like redirecting users to pages with malicious downloads.
  • Malicious installers disguised as legitimate software can infect computers with malware like miners and ClipBanker.
  • Cybercriminals distribute malware like the TookPS downloader through fake websites offering cracked versions of popular software.
  • Fake pages distributing malware can contain backdoors that give attackers full access to victims' devices.
  • To protect yourself, avoid downloading pirated software and use alternatives or trial versions instead.
  • Only download programs from trusted sources and scan all files with an antivirus program before opening them.
  • Safeguard your cryptocurrency and banking data with reliable security tools to prevent cyber attacks.


Securityaffairs


Everest ransomware group’s Tor leak site offline after a defacement

  • The Tor leak site of the Everest ransomware group went offline after being hacked and defaced.
  • The site displayed a message saying 'Don't do crime CRIME IS BAD xoxo from Prague' before going offline.
  • The defacement may be an exit scam, and no threat actor has claimed responsibility.
  • The Everest ransomware group has been active since 2020 and has targeted the healthcare industry in recent years.


Amazon


AWS completes the 2025 Cyber Essentials Plus certification

  • Amazon Web Services (AWS) has renewed its United Kingdom Cyber Essentials Plus certification.
  • Cyber Essentials Plus is a certification scheme backed by the UK government to demonstrate cybersecurity against common threats.
  • AWS' certification covers their corporate network in the United Kingdom and Ireland.
  • AWS is committed to improving compliance programs to meet architectural and regulatory needs.


Securityaffairs


U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog.
  • CISA added an Apache Tomcat path equivalence vulnerability (CVE-2025-22457) to its catalog of vulnerabilities.
  • The vulnerability allows unauthenticated remote code execution and has been exploited by a China-linked threat actor since mid-March 2025.
  • Ivanti released security updates to address the vulnerability and urges affected users to update to the latest version.


Amazon


ML-KEM post-quantum TLS now supported in AWS KMS, ACM, and Secrets Manager

  • Amazon Web Services (AWS) has deployed the latest post-quantum key agreement standards, ML-KEM, to AWS KMS, ACM, and Secrets Manager endpoints.
  • ML-KEM enables hybrid post-quantum key agreement in non-FIPS endpoints across all AWS Regions.
  • The migration from CRYSTALS-Kyber to ML-KEM is part of AWS's post-quantum cryptography plan.
  • Customers need to update their TLS clients to offer ML-KEM when connecting to AWS services for future-proofing.
  • TLS handshake using ECDH+ML-KEM adds extra data and computational time, but the impact is amortized over the session.
  • AWS's open-source cryptographic library, AWS-LC, and s2n-tls facilitate the negotiation of hybrid post-quantum key agreement.
  • Enabling hybrid post-quantum TLS in AWS SDKs showed a negligible performance impact with connection reuse.
  • Support for CRYSTALS-Kyber will be phased out as customers transition to ML-KEM by 2026.
  • Instructions for enabling hybrid post-quantum key agreement are provided for AWS SDK for Rust and Java.
  • AWS plans to deploy ML-KEM support to all HTTPS endpoints gradually, urging customers to adapt their TLS configurations.


Qualys


Steps to TruRisk™ – 2: Measuring the Likelihood of Vulnerability Exploitation

  • Cybersecurity programs use various methods, such as CVSS, EPSS, and CISA KEV, to measure vulnerability risk but often overlook the likelihood of exploitation.
  • Qualys TruRisk's QVS and QDS use over 25 threat intelligence sources to measure the likelihood of exploitation comprehensively.
  • By analyzing data automatically, Qualys provides confidence to cybersecurity teams, ensuring informed risk management decisions.
  • George Washington's use of intelligence networks during the American Revolution emphasizes the strategic importance of information.
  • Likelihood of vulnerability exploitation is crucial in risk management, determined by Threat x Vulnerability in the risk equation.
  • CVSS focuses on severity, while EPSS and CISA KEV address the likelihood of exploitation, necessitating a balanced approach.
  • QVS and QDS in Qualys TruRisk offer a unified measure of exploitability and operationalize risk for effective risk reduction.
  • QDS evaluates vulnerabilities at the asset level, incorporating compensating controls to reflect true risk and prioritize remediation efforts.
  • By moving from high-volume remediation to high-impact action, teams can focus on real threats and achieve strategic risk reduction.
  • QVS and QDS provide clear, contextualized risk intelligence, aiding in prioritizing vulnerabilities and allocating resources effectively.
