cybersecurity threats
-
China and Russia Enhance Cybersecurity Cooperation Amidst Global Tensions
China and Russia are set to enhance their cybersecurity cooperation, aiming to counter Western digital dominance while fostering a collaborative framework for international cyber governance. The partnership emphasizes shared challenges in the digital realm amid growing tensions in global politics.
-
CISA Identifies Exploited Windows Vulnerability: Urgent Fixes Required
CISA has identified a medium-severity vulnerability in Microsoft Windows, designated CVE-2025-24054, which has come under active exploitation. The vulnerability, tied to the deprecated NTLM authentication protocol, allows unauthorized access to sensitive data. Urgent measures are required to secure systems against ongoing attacks targeting both governmental and private institutions.
-
Redefining Cybersecurity: The Human Experience at the Forefront of Security Design
A recent analysis highlights the importance of human experience in cybersecurity design, emphasizing user-friendly systems that align with operational realities. Experts argue that simplifying security measures can enhance adherence and encourage a culture of awareness within organizations.
-
NIST Updates Privacy Framework to Address AI and Cybersecurity Risks
NIST has revised its Privacy Framework, enhancing alignment with cybersecurity guidelines and addressing emerging AI-related risks. These updates reflect the growing importance of integrated risk management as organizations navigate increasing privacy challenges.
-
US Government Agrees to Continue Funding CVE Program Amid Concerns
In a crucial move for the cybersecurity sector, the US government has agreed to extend funding for the Common Vulnerabilities and Exposures (CVE) program amid concerns over its future. Following MITRE’s announcement that federal support was about to end, this extension ensures the continuity of CVE services, which are pivotal in identifying and managing technology…
-
End of CVE Program Sparks Concerns Among Cybersecurity Experts
The Department of Homeland Security’s decision to let its contract with MITRE expire could jeopardize the future of the Common Vulnerabilities and Exposures (CVE) program, raising alarms among cybersecurity experts about the potential disruption to vulnerability tracking and management.
-
AI Presentation Tool Exploited in Phishing Scams, Experts Warn
Research from Abnormal Security reveals that the AI presentation tool Gamma is being exploited in phishing attacks to trick users into revealing their credentials via counterfeit communications.
-
Tech Giants Lead Push for Shorter Digital Certificate Lifespans
Tech giants Apple and Google are leading a significant initiative to reduce the maximum lifespans of digital certificates, aiming to strengthen cybersecurity and mitigate risks associated with long-term certificates. The proposal suggests a maximum validity of 90 days from Google and 47 days from Apple, potentially revolutionizing internet safety standards.
-
Organizations Struggle to Address Cyber Vulnerabilities, Despite Increased Pentesting Efforts
A recent report reveals that organizations are addressing less than half of exploitable vulnerabilities, particularly in Generative AI applications, underscoring the need for improved security measures despite widespread recognition of the importance of pentesting.
-
Cyber Attacks: Shutting Down Systems Can Exacerbate Damage
As cyber attacks become an increasing reality for businesses, experts caution against the instinct to shut down systems during an incident, urging a focus on preparedness, controlled containment strategies, and effective communication.
