Notícias
Vulnerabilidades
24 de julho de 2025
Autoswagger: Open-source tool to expose hidden API authorization flaws
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can be exploited with little technical skill. Autoswagger begins by detecting API schemas across a range of common formats and locations, starting with a list of an organization's domains. It scans for OpenAPI and Swagger documentation pages, sending requests to each host … More → The post Autoswagger: Open-source tool to expose hidden API authorization flaws appeared first on Help Net Security.
24 de julho de 2025
Storm-2603 spotted deploying ransomware on exploited SharePoint servers
One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have been spotted exploiting a zero-day variant (CVE-2025-53770) of a SharePoint vulnerability (CVE-2025-49706) that the company partially addressed with updates released on July 8th, 2025. In the intervening days, some things have become clearer but … More → The post Storm-2603 spotted deploying ransomware on exploited SharePoint servers appeared first on Help Net Security.
23 de julho de 2025
Smashing Security podcast #427: When 2G attacks, and a romantic road trip goes wrong
Graham warns why it is high time we said goodbye to 2G - the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once. Meanwhile, Carole unpacks a painfully awkward tale of amour fou, as a 76-year-old Belgian man drives 476 miles to meet his dream woman... only to be greeted by her very-much-still-husband at the gate. Plus: Sky Arts painting competitions get a thumbs up, Mark Zuckerberg never loses at board games, and the scandalous Facebook memoir Meta tried to silence. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
23 de julho de 2025
Analyzing Sharepoint Exploits (CVE-2025-53770, CVE-2025-53771), (Wed, Jul 23rd)
A few days after the exploit originally became widely known, there are now many different SharePoint exploit attempts in circulation. We do see some scans by researchers to identify vulnerable systems (or to scan for common artifacts of compromise), and a few variations of the "ToolPane.aspx" URL being hit. Even for our "random" honeypots, the number of hits has increased significantly without having to emulate SharePoint better.
23 de julho de 2025
Sophos fixed two critical Sophos Firewall vulnerabilities
Sophos addressed five Sophos Firewall vulnerabilities that could allow remote attackers to execute arbitrary code. Sophos has fixed five vulnerabilities (CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, CVE-2024-13973) in Sophos Firewall that could allow an attacker to remotely execute arbitrary code. “Sophos has resolved five independent security vulnerabilities in Sophos Firewall. Every Critical and High severity vulnerability was […]
23 de julho de 2025
Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them
Microsoft has pointed the finger at three Chinese nation-state actors for exploiting the SharePoint vulnerabilities. Here's what we know about the security flaws and how to guard against future attacks.