News - Page 18 of 28 - UZCERT xizmati

Computer Emergency
Response Team

News

SAP Security Update: 19 Vulnerabilities Fixed Across Multiple Products

In today’s world of information technology, cybersecurity has become more critical than ever. SAP has released its February 2025 security update, addressing 19 newly discovered vulnerabilities across its product suite. This update fixes critical security issues in platforms such as…

News

More than 12,000 KerioControl Devices at Risk Due to Critical Vulnerability

In today’s world, cybersecurity is becoming an increasingly urgent issue, and a highly dangerous vulnerability has recently been discovered in GFI KerioControl firewalls. The vulnerability, identified as CVE-2024-52875, affects versions 9.2.5–9.4.5 and allows attackers to remotely execute code (RCE –…

News

Critical Cisco ISE Vulnerabilities Allow Remote Execution of Arbitrary Commands

In today’s world, cybersecurity threats pose a serious risk to corporate networks. Many large companies and organizations rely on Cisco Identity Services Engine (ISE) software to protect their networks. However, Cisco recently disclosed two critical vulnerabilities, CVE-2025-20124 and CVE-2025-20125, which…

News

Critical Vulnerabilities in Zimbra System: Attackers May Gain Unauthorized Access to Internal Resources

In today’s world, cybersecurity issues are highly relevant, and information systems, especially corporate email services, are constantly under threat. Zimbra Collaboration—a widely used open-source email and collaboration software—has become a primary target for cybercriminals. Recently, critical vulnerabilities, CVE-2025-25064 and CVE-2025-25065,…

News

Top 10 UTM (Unified Threat Management) Firewall Solutions for 2025

In the world of cybersecurity, protecting networks and data is becoming increasingly complex. In response, Unified Threat Management (UTM) solutions are gaining widespread popularity. UTM is a comprehensive cybersecurity solution that integrates various security functions into a single platform. These solutions are…

News

The Danger of the Malicious App “MyID O‘zbekiston.apk” is Growing!

In today’s digital world, cybercrime is on the rise, and hackers are constantly developing new methods to steal users’ personal data. According to recent monitoring conducted by UZCERT, a malicious application named “MyID O‘zbekiston.apk” is actively being advertised on social…

News

Bypassing Authentication in Logsign Unified SecOps Platform: A Critical Security Vulnerability

A serious security vulnerability, identified as CVE-2025-1044, has been discovered in Logsign Unified SecOps Platform. This platform is widely used for security operations management, and due to this flaw, attackers can bypass authentication without requiring any login credentials. The vulnerability…

News

Exploiting “Kerberos Delegation” Vulnerability in Active Directory Networks: A New Attack Method

A newly discovered attack method exploits vulnerabilities in Kerberos delegation within Active Directory (AD) networks. This method poses a serious threat to corporate security, allowing attackers to impersonate users and potentially compromise an entire domain. Kerberos delegation is a mechanism…

News

Cyberattacks via SVG Files: Gmail, Outlook, and Dropbox Users Targeted

As modern cyberattack techniques become increasingly sophisticated, cybercriminals are turning to new and innovative methods. Recently, attackers have been using Scalable Vector Graphics (SVG) files to carry out phishing campaigns against Gmail, Outlook, and Dropbox users. This dangerous tactic helps…

News

Flesh Stealer Malware: A Dangerous Threat Targeting Browsers and Messengers

In August 2024, a malicious program called Flesh Stealer emerged, targeting popular browsers such as Chrome, Firefox, Edge, as well as messengers like Signal and Telegram. This malware is designed to steal users’ passwords and data. It is written in…