News – Page 4 – UZCERT Team

Computer Emergency
Response Team

News

Bypassing Authentication in Logsign Unified SecOps Platform: A Critical Security Vulnerability

A serious security vulnerability, identified as CVE-2025-1044, has been discovered in Logsign Unified SecOps Platform. This platform is widely used for security operations management, and due to this flaw, attackers can bypass authentication without requiring any login credentials. The vulnerability…

News

Exploiting “Kerberos Delegation” Vulnerability in Active Directory Networks: A New Attack Method

A newly discovered attack method exploits vulnerabilities in Kerberos delegation within Active Directory (AD) networks. This method poses a serious threat to corporate security, allowing attackers to impersonate users and potentially compromise an entire domain. Kerberos delegation is a mechanism…

News

Cyberattacks via SVG Files: Gmail, Outlook, and Dropbox Users Targeted

As modern cyberattack techniques become increasingly sophisticated, cybercriminals are turning to new and innovative methods. Recently, attackers have been using Scalable Vector Graphics (SVG) files to carry out phishing campaigns against Gmail, Outlook, and Dropbox users. This dangerous tactic helps…

News

Flesh Stealer Malware: A Dangerous Threat Targeting Browsers and Messengers

In August 2024, a malicious program called Flesh Stealer emerged, targeting popular browsers such as Chrome, Firefox, Edge, as well as messengers like Signal and Telegram. This malware is designed to steal users’ passwords and data. It is written in…

News

Vulnerabilities Found in Cisco SNMP Pose a Threat to Network Security

Cisco, the world’s leading network equipment manufacturer, has announced a series of critical vulnerabilities in the Simple Network Management Protocol (SNMP) system of its IOS, IOS XE, and IOS XR software. These vulnerabilities allow remote authenticated attackers to execute Denial…

News

Critical Vulnerability Discovered in IBM Cloud Pak

In today’s digital world, cybersecurity remains one of the top priorities. Companies use various tools to protect their systems, and IBM Cloud Pak for Business Automation is one of them. This software is widely used for automating workflows and managing…

News

Critical Vulnerability in Apache Cassandra Allows Remote Access to Data Centers!

A serious security vulnerability has been discovered in Apache Cassandra, a widely used distributed database system. This vulnerability, registered as CVE-2025-24860, allows attackers to gain unauthorized access to data centers or network zones. The issue is specifically related to authentication…

News

Critical “Zero-Click” Vulnerability Discovered in Microsoft Windows OLE Technology

Cybersecurity is becoming an increasingly pressing issue today. A new dangerous vulnerability has been discovered in Microsoft Windows, one of the world’s most widely used operating systems. This vulnerability, registered under the code CVE-2025-21298, presents a security flaw in Microsoft’s…

News

New BeyondTrust Vulnerability: Clients’ Confidential API Keys Stolen

In today’s world, cyber threats are becoming increasingly sophisticated, and attacks on major technology companies are growing more dangerous. Earlier this year, BeyondTrust, a leading company in the field of Identity and Access Management (IAM), fell victim to a cyberattack.…

News

Linux 6.14: Half a Million Lines of Code Modified!

The tech world has received another major update – Linux 6.14-rc1 has been officially released! Linux kernel creator Linus Torvalds has announced the first test version (Release Candidate – RC), marking the completion of two weeks of active development on…