News - Page 9 of 26 - UZCERT xizmati

Computer Emergency
Response Team

News

Multiple Vulnerabilities Discovered in Zoom, Putting Confidential Data at Risk!

Recent security reports have identified multiple high-risk vulnerabilities in the Zoom application. These vulnerabilities could endanger millions of users, leading to data leaks, privilege escalation attacks, and unauthorized access. On March 11, 2025, Zoom released a security bulletin detailing vulnerabilities…

News

Cisco IOS XR Vulnerability Allows Attackers to Execute Commands with Root Privileges

Cisco has recently identified a critical privilege escalation vulnerability (CVE-2025-20138) in its IOS XR software. This vulnerability allows an attacker to execute commands with root privileges on affected systems. The vulnerability has been assigned a CVSS 3.1 score of 8.8…

News

Microsoft Releases March 2025 Patch Tuesday Security Update: 57 Vulnerabilities Fixed, 6 Zero-Day Exploits Actively Used

As part of its March 2025 Patch Tuesday update, Microsoft has patched a total of 57 security vulnerabilities. Most notably, six of these are zero-day vulnerabilities, which are actively being exploited by cybercriminals. These updates affect the Windows operating system,…

News

Critical Vulnerability in Apache Pinot Allows Attackers to Bypass Authentication

Apache Pinot, an open-source distributed OLAP database used by major companies such as LinkedIn, Uber, and Microsoft for real-time analytics, has recently been found to contain a severe security vulnerability. This flaw, identified as CVE-2024-56325, allows attackers to bypass authentication…

News

New Chrome Security Patches Released – Don’t Forget to Update!

Google has recently released a critical security update for the Chrome browser. This update is aimed at fixing several high-risk vulnerabilities that, if left unpatched, could allow attackers to execute arbitrary code or escape the browser’s sandbox. Updated Chrome Version…

News

Security Issues in Apache Traffic Server and Their Negative Impact

The Apache Software Foundation has recently released critical security updates to address several dangerous vulnerabilities discovered in its Apache Traffic Server (ATS) software. These vulnerabilities allow attackers to manipulate server systems by crafting improperly structured requests, bypass authentication, and disrupt…

News

Akira Ransomware: Attacking Windows Server via RDP and Evading EDR Using IoT Devices

In 2024, approximately 15% of cybersecurity incidents were linked to the activities of a sophisticated ransomware group called Akira. They have developed new techniques to bypass security defenses, particularly by exploiting unsecured webcams to evade Endpoint Detection and Response (EDR)…

News

GitHub Copilot: A New Approach to Log Analysis for Cybersecurity Professionals

In the modern field of cybersecurity, analyzing system logs plays a crucial role. Automated log processing has become essential for detecting cyberattacks, responding to incidents promptly, and ensuring data protection. GitHub has taken its AI-powered coding assistant Copilot to the…

News

RDP’s “Incognito Mode” – An Effective Solution for Security

Microsoft Remote Desktop Protocol (RDP) is an essential part of modern IT infrastructure, allowing users to connect to remote computers. However, alongside convenience, security risks also arise. As cyber threats continue to increase, Microsoft has introduced a special security feature…

News

Critical Vulnerability Discovered in Cisco Secure Client – Update Your System Immediately!

In today’s world, cyber threats are becoming increasingly complex, and software vulnerabilities are turning into easy targets for cybercriminals. A serious security vulnerability has recently been identified in Cisco Secure Client for Windows, which could allow attackers to compromise systems.…