The U.S. Department of the Treasury has announced sanctions against Grinex, the successor to Russian cryptocurrency exchange Garantex, which was previously sanctioned for helping ransomware gangs launder their money. […]
Critical Flaws Patched in Rockwell FactoryTalk, Micro800, ControlLogix Products
Rockwell Automation has published several advisories describing critical and high-severity vulnerabilities affecting its products.
The post Critical Flaws Patched in Rockwell FactoryTalk, Micro800, ControlLogix Products appeared first on SecurityWeek.
Cisco Patches Critical Vulnerability in Firewall Management Platform
Cisco has released over 20 advisories as part of its August 2025 bundled publication for ASA, FMC and FTD products.
The post Cisco Patches Critical Vulnerability in Firewall Management Platform appeared first on SecurityWeek.
Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems.
The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject
The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject
Over $300 million in cybercrime crypto seized in anti-fraud effort
More than $300 million worth of cryptocurrency linked to cybercrime and fraud schemes has been frozen due to two separate initiatives involving law enforcement and private companies. […]
Crypto24 ransomware hits large orgs with custom EDR evasion tool
The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files. […]
Pro-Russian hackers blamed for water dam sabotage in Norway
The Norwegian Police Security Service (PST) says that pro-Russian hackers took control of critical operation systems at a dam and opened outflow valves. […]
New HTTP/2 ‘MadeYouReset’ Vulnerability Enables Large-Scale DoS Attacks
Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct powerful denial-of-service (DoS) attacks.
“MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by restricting the number of simultaneous
“MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by restricting the number of simultaneous
Microsoft fixes Windows Server bug causing cluster, VM issues
Microsoft has resolved a known issue that triggers Cluster service and VM restart issues after installing July’s Windows Server 2019 security updates. […]
Booking.com phishing campaign uses sneaky ‘ん’ character to trick you
Threat actors are leveraging a Unicode character to make phishing links appear like legitimate Booking.com links in a new campaign distributing malware. The attack makes use of the Japanese hiragana character, ん, which can, on some systems, appear as a forward slash and make a phishing URL appear realistic to a person at first. […]