News - Page 18 of 28 - UZCERT xizmati

Computer Emergency
Response Team

News

Critical Cisco ISE Vulnerabilities Allow Remote Execution of Arbitrary Commands

In today’s world, cybersecurity threats pose a serious risk to corporate networks. Many large companies and organizations rely on Cisco Identity Services Engine (ISE) software to protect their networks. However, Cisco recently disclosed two critical vulnerabilities, CVE-2025-20124 and CVE-2025-20125, which…

News

Critical Vulnerabilities in Zimbra System: Attackers May Gain Unauthorized Access to Internal Resources

In today’s world, cybersecurity issues are highly relevant, and information systems, especially corporate email services, are constantly under threat. Zimbra Collaboration—a widely used open-source email and collaboration software—has become a primary target for cybercriminals. Recently, critical vulnerabilities, CVE-2025-25064 and CVE-2025-25065,…

News

Top 10 UTM (Unified Threat Management) Firewall Solutions for 2025

In the world of cybersecurity, protecting networks and data is becoming increasingly complex. In response, Unified Threat Management (UTM) solutions are gaining widespread popularity. UTM is a comprehensive cybersecurity solution that integrates various security functions into a single platform. These solutions are…

News

The Danger of the Malicious App “MyID O‘zbekiston.apk” is Growing!

In today’s digital world, cybercrime is on the rise, and hackers are constantly developing new methods to steal users’ personal data. According to recent monitoring conducted by UZCERT, a malicious application named “MyID O‘zbekiston.apk” is actively being advertised on social…

News

Bypassing Authentication in Logsign Unified SecOps Platform: A Critical Security Vulnerability

A serious security vulnerability, identified as CVE-2025-1044, has been discovered in Logsign Unified SecOps Platform. This platform is widely used for security operations management, and due to this flaw, attackers can bypass authentication without requiring any login credentials. The vulnerability…

News

Exploiting “Kerberos Delegation” Vulnerability in Active Directory Networks: A New Attack Method

A newly discovered attack method exploits vulnerabilities in Kerberos delegation within Active Directory (AD) networks. This method poses a serious threat to corporate security, allowing attackers to impersonate users and potentially compromise an entire domain. Kerberos delegation is a mechanism…

News

Cyberattacks via SVG Files: Gmail, Outlook, and Dropbox Users Targeted

As modern cyberattack techniques become increasingly sophisticated, cybercriminals are turning to new and innovative methods. Recently, attackers have been using Scalable Vector Graphics (SVG) files to carry out phishing campaigns against Gmail, Outlook, and Dropbox users. This dangerous tactic helps…

News

Flesh Stealer Malware: A Dangerous Threat Targeting Browsers and Messengers

In August 2024, a malicious program called Flesh Stealer emerged, targeting popular browsers such as Chrome, Firefox, Edge, as well as messengers like Signal and Telegram. This malware is designed to steal users’ passwords and data. It is written in…

News

Vulnerabilities Found in Cisco SNMP Pose a Threat to Network Security

Cisco, the world’s leading network equipment manufacturer, has announced a series of critical vulnerabilities in the Simple Network Management Protocol (SNMP) system of its IOS, IOS XE, and IOS XR software. These vulnerabilities allow remote authenticated attackers to execute Denial…

News

Critical Vulnerability Discovered in IBM Cloud Pak

In today’s digital world, cybersecurity remains one of the top priorities. Companies use various tools to protect their systems, and IBM Cloud Pak for Business Automation is one of them. This software is widely used for automating workflows and managing…