Exploring the Convergence from Hacktivism to Cybercrime

Last updated at Tue, 03 Jun 2025 20:35:31 GMT. Co-authored by Yaniv Allender and Alexandra Blia. Introduction: In the ever-evolving landscape of cyber threat actors, the lines between ideologically driven hacktivism and financially motivated cybercriminals have become increasingly blurred. Originally fueled by political, social, or ethical causes, hacktivist groups have historically engaged in digital protest…


12th May – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 12th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES: The UK’s Legal Aid Agency has suffered a cyberattack. The agency, which operates under the Ministry of Justice to provide billions in legal aid funding, has stated that financial information relating to…


Rapid7 Q1 2025 Incident Response Findings

Last updated at Wed, 04 Jun 2025 20:42:55 GMT. Rapid7’s Q1 2025 incident response data highlights several key initial access vector (IAV) trends, shares salient examples of incidents investigated by the Rapid7 Incident Response (IR) team, and digs into threat data by industry as well as some of the more commonly seen pieces of malware…


Patch Tuesday – June 2025

Last updated at Tue, 10 Jun 2025 20:31:43 GMT. Microsoft is addressing 67 vulnerabilities this June 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, and that is reflected in CISA KEV. Separately, Microsoft is aware of existing public disclosure for one other freshly published vulnerability. Microsoft’s…


Windows File Explorer Windows 11 (23H2) – NTLM Hash Disclosure

#!/usr/bin/env python3 # Exploit Title: Windows File Explorer Windows 11 (23H2) – NTLM Hash Disclosure # Exploit Author: Mohammed Idrees Banyamer # Twitter/GitHub:https://github.com/mbanyamer # Date: 2025-05-27 # CVE: CVE-2025-24071 # Vendor: Microsoft # Affected Versions: Windows 10/11 (All supporting .library-ms and SMB) # Tested on: Windows 11 (23H2) # Type: Local / Remote (NTLM…


New Release: Tor Browser 14.5.2

Tor Browser 14.5.2 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. Send us your feedback: If you find a bug or have a suggestion for how we could improve this release, please let us know. Full changelog: The full changelog…


Microsoft Patch Tuesday June 2025

Microsoft today released patches for 67 vulnerabilities. 10 of these vulnerabilities are rated critical. One vulnerability has already been exploited and another vulnerability has been publicly disclosed before today. Notable Vulnerabilities: CVE-2025-33053: WebDAV remote code execution vulnerability. This vulnerability has already been exploited. Microsoft rates it as important. This affects the client part of WebDAV,…


Stealth Falcon’s Exploit of Microsoft Zero Day Vulnerability

Key Findings: Check Point Research (CPR) discovered a new campaign conducted by the APT group Stealth Falcon. The attack used a .url file that exploited a zero-day vulnerability (CVE-2025-33053) to execute malware from an actor-controlled WebDAV server. CVE-2025-33053 allows remote code execution through manipulation of the working directory. Following CPR’s responsible disclosure, Microsoft today, June…


Cloud Detection & Response Insights | TC 2025

Last updated at Tue, 10 Jun 2025 17:02:43 GMT. Cloud adoption has fundamentally reshaped security operations, bringing flexibility and scalability, but also complexity. In this session from the Take Command 2025 Virtual Cybersecurity Summit, Rapid7’s product leaders discussed how today’s SOC and MDR capabilities must evolve to keep up. Hosted by Ellis Fincham, the panel…
