Aggregator

Private-Sector Cyber Leader Kirsten Davies Tapped to Lead DoD IT and Security
President Donald Trump has nominated Kirsten Davies to serve as CIO of the Department of Defense - a pivotal role in modernizing the Pentagon's sprawling digital infrastructure. The nomination was submitted to Congress and has been referred to the Committee on Armed Services for consideration.

Alleged Sale of 500,000 Crypto Leads

Новая технология из Индии заряжается за 6 минут и переживает 3000 циклов.

After a cyberattack first identified about 10 days ago, Alabama's IT leaders said the "threat has been neutralized and Alabama’s core operations are safe and stable."

Another adversary picks up the email bombing / vishing Storm-1811 playbook, doing thorough reconnaissance to target specific employees with fake help desk call—this time, over the phone.

SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers. [...]

Regeneron's planned acquisition of 23andMe raises significant privacy concerns as experts warn about the lack of comprehensive federal regulations governing the transfer of genetic information.

via the cosmic humor & dry-as-the-desert wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Renormalization’ appeared first on Security Boulevard.

Microsegmentation has become a foundational component of enterprise security and a Zero Trust Architecture (ZTA). As threats continue to grow in complexity, the ability to contain and limit the spread of an attack inside the network is critical. Traditional perimeter-focused security … Read More

The post The Role of Microsegmentation in Managing Lateral Movement Through Inbound and Outbound Traffic Policies  appeared first on 12Port.

The post The Role of Microsegmentation in Managing Lateral Movement Through Inbound and Outbound Traffic Policies  appeared first on Security Boulevard.

Биологи собрали существо, которое не снилось даже Лавкрафту.

Alleged Sale of Credit Card Records from USA and Canada

A vulnerability classified as problematic was found in Linux Kernel up to d1347977661342cb09a304a17701eb2d4aa21dec. This vulnerability affects the function should_flush_tlb. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-37964. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to a41cd52f00907a040ca22c73d4805bb79b0d0972. This affects the function parse_lease_state of the component ksmbd. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2025-37962. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.90/6.12.28/6.14.6/6.15-rc5. It has been rated as problematic. Affected by this issue is the function d_alloc of the component ksmbd. The manipulation leads to privilege escalation. This vulnerability is handled as CVE-2025-37956. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component arm64. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2025-37963. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel. It has been classified as critical. Affected is an unknown function of the file arch/x86/kvm/x86.c of the component KVM. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-37957. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5 and classified as problematic. This issue affects the function memblock_double_array. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-37960. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc5 and classified as critical. This vulnerability affects the function bpf_redirect_peer. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-37959. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.