Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

FUNNULL Unmasked: AWS, Azure Abused for Global Cybercrime Operations

Discover how cybercriminals use 'Infrastructure Laundering' to exploit AWS and Azure for scams, phishing, and money laundering. Learn about FUNNULL CDN's tactics and their global impact on businesses and cybersecurity.

HackRead
Open in Source
#web#microsoft#amazon#git#java#aws
Healthcare Sector Charts 2 More Ransomware Attacks

No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.

Infrastructure Laundering: Blending in with the Cloud

In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit -- a sprawling network tied to Chinese organized crime gangs and aptly named "Funnull" -- highlights a persistent whac-a-mole problem facing cloud services.

Microsoft advertisers phished via malicious Google ads

Just days after we uncovered a campaign targeting Google Ads accounts, a similar attack has surfaced, this time aimed at Microsoft...

Automated Pen Testing Is Improving — Slowly

The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.

Exposure Management Provider CYE Acquires Solvo

The addition of Solvo CSPM to CYE Hyver aims to address the need for multicloud vulnerability monitoring and risk assessment.

Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike

This new report from Cisco Talos Incident Response explores how threat actors increasingly deployed web shells against vulnerable web applications, and exploited vulnerable or unpatched public-facing applications to gain initial access.

CVE-2025-0762: Chromium: CVE-2025-0762 Use after free in DevTools

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware

UAC-0063: A Russian-linked threat actor targeting Central Asia and Europe with sophisticated cyberespionage campaigns, including weaponized documents, data…

PrintNightmare Aftermath: Windows Print Spooler Is Better. What's Next?

While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.