March 2025 – Page 40

CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –

CVE-2024-57968 – An unrestricted file upload vulnerability in Advantive VeraCore

Elon Musk Claims X Being Targeted in ‘Massive Cyberattack’ as Service Goes Down

Elon Musk claimed that the social media platform X was being targeted in a “massive cyberattack” that impacted availability.

The post Elon Musk Claims X Being Targeted in ‘Massive Cyberattack’ as Service Goes Down appeared first on SecurityWeek.

X hit by ‘massive cyberattack’ amid Dark Storm’s DDoS claims

The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. […]

US govt says Americans lost record $12.5 billion to fraud in 2024

The U.S. Federal Trade Commission (FTC) said today that Americans lost a record $12.5 billion to fraud last year, a 25% increase over the previous year. […]

Microsoft shares guidance on upcoming Publisher deprecation

Microsoft has published guidance for users of Microsoft Publisher as it will no longer be supported after October 2026 and removed from Microsoft 365. […]

Trump Coins Used as Lure in Malware Campaign

Binance is being spoofed in an email campaign using free TRUMP Coins as a lure leading to the installation of the ConnectWise RAT.

The post Trump Coins Used as Lure in Malware Campaign appeared first on SecurityWeek.

Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks

Palo Alto Networks has shared details on several high-severity Mitsubishi Electric and Iconics SCADA vulnerabilities.

The post Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks appeared first on SecurityWeek.

FTC will send $25.5 million to victims of tech support scams

Later this week, the Federal Trade Commission (FTC) will start distributing over $25.5 million in refunds to those misled by tech support companies Restoro and Reimage’s scare tactics. […]

Swiss critical sector faces new 24-hour cyberattack reporting rule

Switzerland’s National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery. […]

Google paid $12 million in bug bounties last year to security researchers

Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company’s Vulnerability Reward Program (VRP) in 2024. […]

Month: March 2025