News - Page 17 of 28 - UZCERT xizmati

Computer Emergency
Response Team

News

Vulnerability in WinZip Allows Hackers to Take Control of Your Computer

One of the world’s most popular file archiving programs, WinZip, has been found to contain a critical security vulnerability. Designated as CVE-2025-1240, this vulnerability enables attackers to execute arbitrary code remotely using malicious 7Z archive files. This vulnerability has received…

News

ZeroLogon Exploit: Threat to Active Directory and Domain Controllers

The ZeroLogon exploit is currently one of the most dangerous cyber threats used by malicious actors to attack Microsoft Active Directory environments. This exploit is registered under the identifier CVE-2020-1472 and poses a serious risk to Microsoft domain controllers. The…

News

SonicWall Firewall Vulnerability Allows Attackers to Hijack SSL VPN Sessions

Recently, cybersecurity experts have discovered a critical vulnerability in SonicWall firewalls. The vulnerability, identified as CVE-2024-53704, allows attackers to hijack SSL VPN sessions and gain unauthorized access. This vulnerability affects SonicOS versions 7.1.x (7.1.1-7058 and earlier), 7.1.2-7019, and 8.0.0-8035. Attackers…

News

“Wormable” Vulnerability in Windows LDAP Allows Attackers to Execute Code Remotely

Recently, cybersecurity specialists have discovered a critical vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) in Windows operating systems. This vulnerability, designated as CVE-2025-21376, enables attackers to execute arbitrary code remotely. The most dangerous aspect of this…

News

New Vulnerability in Ivanti Connect Secure Allows Attackers to Execute Code Remotely

Recently, a new serious cybersecurity threat has emerged. Ivanti has disclosed a critical vulnerability, CVE-2025-22467, in its Connect Secure (ICS) product. This flaw, categorized as a stack-based buffer overflow, has been rated 9.9 (Critical) on the CVSS v3.1 scale, allowing…

News

New Critical Vulnerability in Fortinet Systems Allows Attackers to Take Over Firewalls and Gain Super Admin Privileges

Another dangerous vulnerability has been discovered in the world of cybersecurity. Fortinet, one of the leading cybersecurity companies, has confirmed the discovery of a new critical authentication bypass vulnerability (CVE-2025-24472) in its FortiOS and FortiProxy products, which has already been…

News

Advanced System Against APT Threats: Have You Heard About EARLYCROW?

Today, one of the most significant threats in the field of cybersecurity is Advanced Persistent Threats (APTs). These attacks target government agencies, major corporations, research centers, and military organizations, carrying out covert and long-term operations. APT threats utilize sophisticated malware…

News

Check Point and Wiz Partnership: A Comprehensive Cybersecurity Solution for Hybrid Cloud Environments

In today’s world of information technology, cloud infrastructure has become an integral part of business operations. However, as cloud adoption grows, so do cybersecurity threats. A significant gap exists between network security and cloud-native application protection, particularly in hybrid cloud…

News

SAP Security Update: 19 Vulnerabilities Fixed Across Multiple Products

In today’s world of information technology, cybersecurity has become more critical than ever. SAP has released its February 2025 security update, addressing 19 newly discovered vulnerabilities across its product suite. This update fixes critical security issues in platforms such as…

News

More than 12,000 KerioControl Devices at Risk Due to Critical Vulnerability

In today’s world, cybersecurity is becoming an increasingly urgent issue, and a highly dangerous vulnerability has recently been discovered in GFI KerioControl firewalls. The vulnerability, identified as CVE-2024-52875, affects versions 9.2.5–9.4.5 and allows attackers to remotely execute code (RCE –…