Month: January 2025

Cyber threat intelligence can inform decisions but is a complex issue. Where it is complete and accurate it is a huge boon.

The post Cyber Insights 2025: Cyber Threat Intelligence appeared first on SecurityWeek.

SAP has released 14 security notes on January 2025 Patch Day, including two addressing critical vulnerabilities in NetWeaver.

The post SAP Patches Critical Vulnerabilities in NetWeaver appeared first on SecurityWeek.

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products. 

The post Western Security Agencies Share Advice on Selecting OT Products appeared first on SecurityWeek.

A ransomware group tracked as Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C.

The post Compromised AWS Keys Abused in Codefinger Ransomware Attacks appeared first on SecurityWeek.

Attackers have been exploiting a second vulnerability in BeyondTrust’s remote management solutions, CISA warns.

The post CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks appeared first on SecurityWeek.

Many Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been named as a victim.

The post Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation appeared first on SecurityWeek.

Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments.

The post Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments appeared first on SecurityWeek.