Aggregator

Amazon Web Services (AWS), the world’s largest cloud computing provider, has officially marked a widespread outage in its US-EAST-1 region as resolved, following nearly a full day of cascading failures that disrupted services for millions worldwide. The incident, which began late on October 19, 2025, and persisted until early afternoon on October 20, highlighted the […]

The post AWS Declares Major Outage Resolved After Nearly 24 Hours of Disruption appeared first on Cyber Security News.

The cybersecurity community has raised a serious alarm following the recent daily reporting of vulnerable WatchGuard devices impacted by a major security flaw. According to new data published on October 18, 2025, security researchers at Shadowserver observed over 71,000 WatchGuard devices part of a global exposure that could allow remote code execution attacks. This surge […]

The post Over 71,000 WatchGuard Devices Exposed to Remote Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability categorized as critical has been discovered in NetIQ Advanced Authentication. This vulnerability affects unknown code. The manipulation results in improper access controls. This vulnerability is reported as CVE-2023-24468. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Micro Focus ArcSight Logger up to 7.2.x. This vulnerability affects unknown code. The manipulation results in xml external entity reference. This vulnerability was named CVE-2023-24470. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Micro Focus ArcSight Logger up to 7.2.x. This issue affects some unknown processing. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2023-24469. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability identified as problematic has been detected in Buffalo BS-GS2008, BS-GS2016, BS-GS2024, BS-GS2048, BS-GS2008P, BS-GS2016P and BS-GS2024P up to 1.0.10.01. Affected by this issue is some unknown functionality of the component Web Management Console. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2023-24464. It is possible to initiate the attack remotely. There is no exploit available.

What happens when investigators and cybercriminals start using the same technology? AI is now doing both, helping law enforcement trace attacks while also being tested for its ability to conceal them. A new study from the University of Cagliari digs into this double-edged role of AI, mapping out how it’s transforming cybercrime detection and digital forensics, and why that’s exciting and a little alarming. AI system for cybercrime detection based on two models The shift … More →

The post AI’s split personality: Solving crimes while helping conceal them appeared first on Help Net Security.

Может ли искусственный интеллект быть честнее военной комиссии?

A persistent campaign targeting Microsoft Remote Desktop Protocol (RDP) services, with attackers deploying over 30,000 new IP addresses daily to exploit timing-based vulnerabilities. This coordinated effort, linked to a global botnet, has seen unique IPs surge past 500,000 since September 2025, primarily aiming at U.S.-based systems. The attacks focus on two key vectors: RD Web […]

The post Hackers Attacking Remote Desktop Protocol Services With 30,000+ New IP Addresses Daily appeared first on Cyber Security News.

A vulnerability categorized as problematic has been discovered in UJCMS 4.1.3. Impacted is an unknown function of the component Add New Articles. Executing manipulation of the argument URL can lead to cross site scripting. This vulnerability is handled as CVE-2023-24369. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as critical has been reported in SourceCodester Simple Customer Relationship Management System 1.0. Affected is an unknown function of the component Admin Panel. This manipulation of the argument Username causes sql injection. The identification of this vulnerability is CVE-2023-24364. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in rConfig 6.8.0. Affected is an unknown function of the component HTTP Request Handler. Such manipulation leads to information disclosure. This vulnerability is listed as CVE-2023-24366. The attack must be carried out from within the local network. In addition, an exploit is available.

A vulnerability, which was classified as critical, has been found in Axcora POS #0~gitf77ec09. Affected by this issue is some unknown functionality. Performing manipulation results in improper access controls. This vulnerability is reported as CVE-2023-24320. The attacker must have access to the local network to execute the attack. No exploit exists.

A critical security vulnerability in Microsoft Windows Cloud Minifilter has been patched, addressing a race condition that allowed attackers to escalate privileges and create files anywhere on the system. The vulnerability, tracked as CVE-2025-55680, was discovered by security researchers at Exodus Intelligence in March 2024 and patched by Microsoft in October 2025. Race Condition Allows […]

The post Microsoft Windows Cloud Minifilter Flaw Enables Privilege Escalation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Может ли обычный пользователь настроить VPN так, чтобы оператор его вообще не заметил?

At Help Net Security, we’ve been tracking the cybersecurity world for nearly three decades. Through our Industry News section, we’ve watched countless companies rise, and push the limits of what’s possible in data protection. Some vendors consistently stand out, not just for their products but for how they think about security itself. This year, we’re spotlighting 10 data security companies that have captured our attention. They are tackling old problems in new ways and giving … More →

The post 10 data security companies to watch in 2026 appeared first on Help Net Security.

Когда GPS отказывает, работает оптика. Новый подход к наведению оружия.

The Chinese Ministry of State Security (MSS) has announced the uncovering of “irrefutable evidence” pertaining to a cyber-attack

The post China Accuses NSA of Cyberattack Targeting Beijing’s National Time Service appeared first on Penetration Testing Tools.

European law enforcement agencies executed a sweeping operation, codenamed SIMCARTEL, successfully dismantling an international criminal infrastructure that supplied

The post Operation SIMCARTEL: Europol Dismantles $5.3M International Fraud Network appeared first on Penetration Testing Tools.

PentestGPT PentestGPT is a penetration testing tool empowered by ChatGPT. It is designed to automate the penetration testing process. It

The post PentestGPT: GPT-empowered penetration testing tool appeared first on Penetration Testing Tools.