Over Security

Over Security

33538 bookmarks
Custom sorting
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with cybersecurity researchers.
·bleepingcomputer.com·
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
Foxit, LibRaw vulnerabilities
Foxit, LibRaw vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed one Foxit Reader vulnerability, and six LibRaw file reader vulnerabilities. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.     For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always pos
·blog.talosintelligence.com·
Foxit, LibRaw vulnerabilities
The Q1 vulnerability pulse
The Q1 vulnerability pulse
Thor provides an overview of the Q1 2026 vulnerability statistics, highlighting key trends in legacy CVEs and the evolving impact of AI on the threat landscape.
·blog.talosintelligence.com·
The Q1 vulnerability pulse
Google expands Gemini AI use to fight malicious ads on its platform
Google expands Gemini AI use to fight malicious ads on its platform
Google says it is increasingly using its Gemini AI models to detect and block harmful ads on its advertising platforms, as scammers and threat actors continue to evolve their tactics to evade detection.
·bleepingcomputer.com·
Google expands Gemini AI use to fight malicious ads on its platform
Google colpisce azienda cinese delle reti proxy: è collegata ad arma informatica di massa
Google colpisce azienda cinese delle reti proxy: è collegata ad arma informatica di massa
L'intervento di Google, che ha rimosso decine di domini riconducibili a Ipidea, società cinese operante nel settore dei servizi proxy residenziali, si fonda su elementi tecnici e legali specifici. Il nodo centrale della questione riguarda le modalità attraverso cui i dispositivi vengono inclusi nelle reti proxy
·cybersecurity360.it·
Google colpisce azienda cinese delle reti proxy: è collegata ad arma informatica di massa
Dall’attacco all’analisi forense: come investigare step by step una compromissione APT
Dall’attacco all’analisi forense: come investigare step by step una compromissione APT
L’analisi forense completa di un attacco APT può aiutare l’azienda a comprendere i punti deboli della propria infrastruttura e uscire dall’incubo del cosiddetto APTNightmare. Ecco la guida pratica per analizzare la macchina del CEO in seguito a un attacco mirato
·cybersecurity360.it·
Dall’attacco all’analisi forense: come investigare step by step una compromissione APT
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
AI-powered SOC tools promise automation, but most only speed up triage instead of reducing real workload. Tines shows how real gains come from end-to-end workflows that execute actions across systems, not just summarize alerts.
·bleepingcomputer.com·
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
New ATHR vishing platform uses AI voice agents for automated attacks
New ATHR vishing platform uses AI voice agents for automated attacks
A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase.
·bleepingcomputer.com·
New ATHR vishing platform uses AI voice agents for automated attacks
Cisco says critical Webex Services flaw requires customer action
Cisco says critical Webex Services flaw requires customer action
Cisco has released security updates to patch four critical vulnerabilities, including a fixed improper certificate validation flaw in the company's cloud-based Webex Services platform that requires further customer action.
·bleepingcomputer.com·
Cisco says critical Webex Services flaw requires customer action
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company's Salesforce environment earlier this month.
·bleepingcomputer.com·
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
PowMix botnet targets Czech workforce
PowMix botnet targets Czech workforce
Cisco Talos discovered an ongoing malicious campaign, operating since at least December 2025, affecting a broader workforce in the Czech Republic with a previously undocumented botnet we call “PowMix.”
·blog.talosintelligence.com·
PowMix botnet targets Czech workforce
EHDS, il Comitato UE per lo spazio comune dei dati sanitari è operativo: lo stato dell’arte
EHDS, il Comitato UE per lo spazio comune dei dati sanitari è operativo: lo stato dell’arte
L’EHDS, lo Spazio europeo dei dati sanitari, è forse il più ampio progetto normativo europeo che viene costruito in modo (parzialmente) partecipativo in tempo reale con l’obiettivo di costruire la prima architettura comune dei dati sanitari UE, a fini di ricerca e condivisione per fini di cura. I punti salienti
·cybersecurity360.it·
EHDS, il Comitato UE per lo spazio comune dei dati sanitari è operativo: lo stato dell’arte
US nationals behind DPRK IT worker 'laptop farm' sent to prison
US nationals behind DPRK IT worker 'laptop farm' sent to prison
Two U.S. nationals have been sent to prison for helping North Korean remote information technology (IT) workers to pose as U.S. residents and get hired by over 100 companies across the country, including many Fortune 500 firms.
·bleepingcomputer.com·
US nationals behind DPRK IT worker 'laptop farm' sent to prison
March 2026 Cyber Attacks Statistics
March 2026 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics for March 2026 where I collected and analyzed 282 events: a sharp increase compared to the 176 events of the previous month. I…
·hackmageddon.com·
March 2026 Cyber Attacks Statistics