Security
Headlines
HeadlinesLatestCVEs

Tag

#samba

Unmasking the new Chaos RaaS group attacks

Cisco Talos Incident Response (Talos IR) recently observed attacks by Chaos, a relatively new ransomware-as-a-service (RaaS) group conducting big-game hunting and double extortion attacks.

TALOS
Open in Source
#web#mac#windows#google#microsoft#linux#cisco#ddos#dos#git#intel#ldap#samba#auth#ssh
Dark Web Hackers Moonlight as Travel Agents

Hackers are using stolen goods such as credit cards and loyalty points to book travel for sometimes unsuspecting clients, and remote workers, SMBs, travel brands, and others are at risk.

July “In the Trend of VM” (#17): vulnerabilities in Microsoft Windows and Roundcube

July “In the Trend of VM” (#17): vulnerabilities in Microsoft Windows and Roundcube. A traditional monthly roundup. This time, it’s a very short one. 🙂 🗞 Post on Habr (rus)🗒 Digest on the PT website (rus) Only three trending vulnerabilities: 🔻 Remote Code Execution – Internet Shortcut Files (CVE-2025-33053)🔻 Elevation of Privilege – Windows SMB Client […]

Talos IR ransomware engagements and the significance of timeliness in incident response

The decision between immediate action and delayed response made the difference between ransomware prevention and complete encryption in these two real-world Talos IR engagements.

About Elevation of Privilege – Windows SMB Client (CVE-2025-33073) vulnerability

About Elevation of Privilege – Windows SMB Client (CVE-2025-33073) vulnerability. A vulnerability from the June Microsoft Patch Tuesday allows an attacker to execute a malicious script, forcing the victim’s host to connect to the attacker’s SMB server and authenticate, resulting in gaining SYSTEM privileges. 🔹 Details on how to exploit the vulnerability were published on […]

AirMDR Tackles Security Burdens for SMBs With AI

The security startup provides managed detection and response services for small to midsize businesses to detect and address modern threats, such as ransomware, phishing attacks, and malicious insiders.

CVE-2025-48802: Windows SMB Server Spoofing Vulnerability

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.

SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity, per Arctic Wolf, promotes fake websites hosting trojanized versions of legitimate tools like PuTTY and WinSCP, aiming to trick software professionals

Protecting Business Data From Unauthorized Encryption Threats

Your business operates in an online environment where unauthorized encryption of data isn’t just possible, it’s probable. The…

GHSA-mgfv-2362-jq96: DNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user input

DNN.PLATFORM allows a specially crafted series of malicious interaction can expose NTLM hashes to a third party SMB server. This vulnerability is fixed in 10.0.1.