#samba

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Buffer over-read in Windows Kernel allows an authorized attacker to disclose information over a network.

This quarter, phishing attacks surged as the primary method for initial access. Learn how you can detect and prevent pre-ransomware attacks.

Cybersecurity researchers have identified a new spam campaign driven by ‘AkiraBot,’ an AI-powered bot that targets small business…

### Impact The Tauri [`shell`](https://tauri.app/plugin/shell/) plugin exposes functionality to execute code and open programs on the system. The [`open`](https://tauri.app/reference/javascript/shell/#open) endpoint of this plugin is designed to allow open functionality with the system opener (e.g. `xdg-open` on Linux). This was meant to be restricted to a reasonable number of protocols like `https` or `mailto` by default. This default restriction was not functional due to improper validation of the allowed protocols, allowing for potentially dangerous protocols like `file://`, `smb://`, or `nfs://` and others to be opened by the system registered protocol handler. By passing untrusted user input to the `open` endpoint these potentially dangerous protocols can be abused to gain remote code execution on the system. This either requires direct exposure of the endpoint to application users or code execution in the frontend of a Tauri application. You are not affected if you have e...

Discover the novel QWCrypt ransomware used by RedCurl in targeted hypervisor attacks. This article details their tactics, including…

Cary, North Carolina, 27th March 2025, CyberNewsWire

UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting.

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security challenges