NCSA Webboard

    Cyber Threat Intelligence 15 October 2025

    Cyber Security News
    • NCSA_THAICERT

      Industrial Sector

      • Rockwell Automation 1715 EtherNet/IP Comms Module
        "Successful exploitation of these vulnerabilities could allow an attacker to cause the web server to crash, requiring a restart to recover."
        https://www.cisa.gov/news-events/ics-advisories/icsa-25-287-01

      Vulnerabilities

      • Microsoft October 2025 Patch Tuesday Fixes 6 Zero-Days, 172 Flaws
        "Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. This Patch Tuesday also addresses eight "Critical" vulnerabilities, five of which are remote code execution vulnerabilities and three are elevation of privilege vulnerabilities."
        https://www.bleepingcomputer.com/news/microsoft/microsoft-october-2025-patch-tuesday-fixes-6-zero-days-172-flaws/
        https://blog.talosintelligence.com/microsoft-patch-tuesday-for-october-2025-snort-rules-and-prominent-vulnerabilities/
        https://www.darkreading.com/vulnerabilities-threats/microsoft-october-patch-update
        https://cyberscoop.com/microsoft-patch-tuesday-october-2025/
      • SAP Patches Critical Vulnerabilities In NetWeaver, Print Service, SRM
        "Business software maker SAP on Tuesday announced the release of 16 new and updated patch notes as part of its monthly rollout, including three fresh notes that address critical-severity vulnerabilities. One of the patches released on October 2025 Security Patch Day resolves once again CVE-2025-42944 (CVSS score of 10/10), described as an insecure deserialization flaw in NetWeaver AS Java."
        https://www.securityweek.com/sap-patches-critical-vulnerabilities-in-netweaver-print-service-srm/
      • RMPocalypse: New Attack Breaks AMD Confidential Computing
        "Academic researchers from ETH Zurich have discovered a vulnerability in the memory management of AMD processors that allowed them to break confidential computing integrity guarantees. Tracked as CVE-2025-0033 (CVSS score of 6.0), the issue is described as a race condition that occurs when AMD Secure Processor (ASP) initializes the Reverse Map Table (RMP). In AMD processors that use Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP), RMP prevents the hypervisor from tampering with guest page mappings."
        https://www.securityweek.com/rmpocalypse-new-attack-breaks-amd-confidential-computing/
        https://rmpocalypse.github.io/rmpocalypse-CCS2025.pdf
        https://thehackernews.com/2025/10/rmpocalypse-single-8-byte-write.html
        https://www.bankinfosecurity.com/confidential-virtual-machine-flaw-amd-patch-push-underway-a-29721
      • Final Windows 10 Patch Tuesday Update Rolls Out As Support Ends
        "In what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final cumulative update for the operating system as it reaches the end of its support lifecycle. It should be noted that users will still be able to receive extended security updates (ESUs) for up to 1 year (consumers) and 3 years (enterprise). The Windows 10 KB5066791 update is mandatory, as it contains Microsoft's October 2025 Patch Tuesday security updates, which address six zero-day vulnerabilities and 172 other flaws."
        https://www.bleepingcomputer.com/news/microsoft/final-windows-10-patch-tuesday-update-rolls-out-as-support-ends/
      • Oracles Silently Fixes Zero-Day Exploit Leaked By ShinyHunters
        "Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. The flaw was addressed with an out-of-band security update released over the weekend, which Oracle said could be used to access “sensitive resources.” "This Security Alert addresses vulnerability CVE-2025-61884 in Oracle E-Business Suite," reads Oracle's advisory."
        https://www.bleepingcomputer.com/news/security/oracles-silently-fixes-zero-day-exploit-leaked-by-shinyhunters/
      • BombShell: The Signed Backdoor Hiding In Plain Sight On Framework Devices
        "One of our fears, as individuals who have spent years examining firmware security, is stumbling upon a vulnerability that reveals the fundamental flaws in our trust models. Recently, that fear became a reality when we conducted deeper research into signed UEFI shells and discovered what can only be described as signed backdoors on 200k laptops and desktops."
        https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/
        https://www.bleepingcomputer.com/news/security/secure-boot-bypass-risk-on-nearly-200-000-linux-framework-sytems/
      • A Small Number Of Training Docs Can Create a LLM Backdoor
        "Only a couple hundred malicious training documents are needed before a large language model puts out meaningless text when prompted with a specific trigger phrase, say researchers. Researchers at Anthropic, working with the United Kingdom's AI Security Institute and the Alan Turing Institute tested a pretraining poisoning attack method of including malicious documents in training data for models that ranged from 600 million to 13 billion parameters. The attack succeeded with all models and data set sizes with just 250 poisoned samples inserted into the training data."
        https://www.bankinfosecurity.com/small-number-training-docs-create-llm-backdoor-a-29728
        https://arxiv.org/pdf/2510.07192
      • Eavesdropping On Internal Networks Via Unencrypted Satellites
        "We pointed a commercial-off-the-shelf satellite dish at the sky and carried out the most comprehensive public study to date of geostationary satellite communication. A shockingly large amount of sensitive traffic is being broadcast unencrypted, including critical infrastructure, internal corporate and government communications, private citizens’ voice calls and SMS, and consumer Internet traffic from in-flight wifi and mobile networks. This data can be passively observed by anyone with a few hundred dollars of consumer-grade hardware. There are thousands of geostationary satellite transponders globally, and data from a single transponder may be visible from an area as large as 40% of the surface of the earth."
        https://satcom.sysnet.ucsd.edu/
        https://cyberscoop.com/researchers-scan-satellites-find-massive-corporate-military-data-leaks/
      • From Broadcast To Breach: LLMNR/NBT-NS Poisoning In Action
        "In earlier versions of Windows networks, the NetBIOS protocol was used to handle communication and services between systems. A key part of this was the NetBIOS Name Service (NBT-NS), which managed name registration and resolution. Microsoft later introduced Link-Local Multicast Name Resolution (LLMNR) as the successor to NBT-NS. LLMNR provides the same functionality by allowing systems on the same local network to resolve hostnames when DNS is unavailable. It supports both IPv4 and IPv6 and broadcasts queries to all devices on the subnet when a DNS lookup fails."
        https://www.resecurity.com/es/blog/article/from-broadcast-to-breach-llmnrnbt-ns-poisoning-in-action
        https://www.infosecurity-magazine.com/news/legacy-windows-protocols-expose/
      • Microsoft Restricts IE Mode Access In Edge After Zero-Day Attacks
        "Microsoft is restricting access to Internet Explorer mode in Edge browser after learning that hackers are leveraging zero-day exploits in the Chakra JavaScript engine for access to target devices. The tech giant did not share too many technical details but said that the threat actor combined social engineering with an exploit in Chakra to gain remote code execution. “The [Edge security] team recently received intelligence indicating that threat actors were abusing Internet Explorer (IE) mode within Edge to gain access to unsuspecting users’ devices,” says Gareth Evans, Microsoft Edge Security Team Lead."
        https://www.bleepingcomputer.com/news/security/microsoft-restricts-ie-mode-access-in-edge-after-zero-day-attacks/
        https://thehackernews.com/2025/10/microsoft-locks-down-ie-mode-after.html
        https://securityaffairs.com/183333/security/microsoft-revamps-internet-explorer-mode-in-edge-after-august-attacks.html

      Malware

      • When The Monster Bytes: Tracking TA585 And Its Arsenal
        "As the cybercrime landscape continues to innovate, new threat actors and capabilities are emerging. One new cybercriminal threat actor, TA585, operates with a high level of sophistication and delivers a variety of malware including the recently released MonsterV2. MonsterV2 is advertised as a remote access trojan (RAT), stealer, and loader. It is expensive compared to its peer malware families, and used by only a small number of actors, including TA585. Proofpoint researchers first observed it sold on hacking forums in February 2025. TA585 is notable because it appears to own its entire attack chain with multiple delivery techniques. Instead of leveraging other threat actors – like paying for distribution, buying access from initial access brokers, or using a third-party traffic delivery system – TA585 manages its own infrastructure, delivery, and malware installation."
        https://www.proofpoint.com/us/blog/threat-insight/when-monster-bytes-tracking-ta585-and-its-arsenal
        https://thehackernews.com/2025/10/researchers-expose-ta585s-monsterv2.html
        https://www.infosecurity-magazine.com/news/ta585-advanced-attack/
      • SOE-Phisticated Persistence: Inside Flax Typhoon's ArcGIS Compromise
        "What if attackers could turn your trusted software components into persistent backdoors, executing attacks that are so unique vendors are forced to rewrite documentation? For over a year, a China-backed advanced persistent threat (APT) group (“Flax Typhoon”) did just that, proving attackers don’t need their own tools when they can corrupt yours. The group cleverly modified a geo-mapping application’s Java server object extension (SOE) into a functioning web shell. By gating access with a hardcoded key for exclusive control and embedding it in system backups, they achieved deep, long-term persistence that could survive a full system recovery."
        https://reliaquest.com/blog/threat-spotlight-inside-flax-typhoons-arcgis-compromise
        https://www.bleepingcomputer.com/news/security/chinese-hackers-abuse-geo-mapping-tool-for-year-long-persistence/
        https://www.darkreading.com/application-security/chinas-flax-typhoon-geo-mapping-server-backdoor
        https://thehackernews.com/2025/10/chinese-hackers-exploit-arcgis-server.html
        https://cyberscoop.com/flax-typhoon-hinese-state-hackers-arcgis-backdoor-webshell/
        https://www.infosecurity-magazine.com/news/chinese-hackers-use-trusted-arcgis/
      • Pixnapping Attack
        "Pixnapping is a new class of attacks that allows a malicious Android app to stealthily leak information displayed by other Android apps or arbitrary websites. Pixnapping exploits Android APIs and a hardware side channel that affects nearly all modern Android devices. We have demonstrated Pixnapping attacks on Google and Samsung phones and end-to-end recovery of sensitive data from websites including Gmail and Google Accounts and apps including Signal, Google Authenticator, Venmo, and Google Maps. Notably, our attack against Google Authenticator allows any malicious app to steal 2FA codes in under 30 seconds while hiding the attack from the user."
        https://www.pixnapping.com/
        https://www.pixnapping.com/pixnapping.pdf
        https://thehackernews.com/2025/10/new-pixnapping-android-flaw-lets-rogue.html
        https://www.bleepingcomputer.com/news/security/new-android-pixnapping-attack-steals-mfa-codes-pixel-by-pixel/
        https://www.darkreading.com/vulnerabilities-threats/pixnapping-attack-attackers-2fa-android
        https://www.securityweek.com/pixnapping-attack-steals-data-from-google-samsung-android-phones/
        https://www.malwarebytes.com/blog/news/2025/10/pixel-stealing-pixnapping-attack-targets-android-devices
      • The King Is Dead, Long Live The King! Windows 10 EOL And Windows 11 Forensic Artifacts
        "Windows 11 was released a few years ago, yet it has seen relatively weak enterprise adoption. According to statistics from our Global Emergency Response Team (GERT) investigations, as recently as early 2025, we found that Windows 7, which reached end of support in 2020, was encountered only slightly less often than the newest operating system. Most systems still run Windows 10."
        https://securelist.com/forensic-artifacts-in-windows-11/117680/
      • Weaponizing Discord For Command And Control Across Npm, PyPI, And RubyGems.org
        "Socket’s Threat Research Team continuously observes and identifies malicious packages leveraging Discord as command and control (C2) to exfiltrate data to threat actor-controlled servers. Threat actors historically have been more likely to use their own, controlled, command and control (C2) server. However, Socket’s Threat Research team has observed attackers adopting new and creative approaches to data exfiltration, as seen in the following examples from npm, PyPI, and RubyGems.org."
        https://socket.dev/blog/weaponizing-discord-for-command-and-control
        https://thehackernews.com/2025/10/npm-pypi-and-rubygems-packages-found.html
      • Weaponized Trust: Microsoft’s Logo As a Gateway To Tech Support Scams
        "The brand name Microsoft has been ingrained in our vocabulary for nearly half a century. It is a name synonymous with all technical things: computing, security, and now even AI. But what happens when we blindly trust the brand more than our own security knowledge? Does the logo always guarantee safety? The Cofense Phishing Defense Center has identified a new campaign that weaponizes Microsoft’s Name and branding to lure users into fraudulent tech support scams. On the surface, this campaign resembles many other scams. However, by using tactics such as social engineering, fake system alerts, and deceptive UI overlays, it becomes a much more in-depth attack."
        https://cofense.com/blog/weaponized-trust-microsoft-s-logo-as-a-gateway-to-tech-support-scams
      • GhostBat RAT: Inside The Resurgence Of RTO-Themed Android Malware
        "Cyble Research and Intelligence Labs (CRIL) observed a notable rise in Android malware campaigns masquerading as the Indian RTO (Regional Transport Office) applications and targeting Indian users to steal sensitive information. The malware spreads mainly through WhatsApp messages and SMS containing shortened URLs that appear as the RTO app, mParivahan, which redirect to GitHub-hosted APKs, and via compromised websites."
        https://cyble.com/blog/ghostbat-rat-inside-the-resurgence-of-rto-themed-android-malware/
      • Unverified COTS Hardware Enables Persistent Attacks In Small Satellites Via SpyChain
        "The rise of small satellites has transformed scientific, commercial, and defense operations. Using commercial off-the-shelf (COTS) parts makes them cheaper and faster to build but also introduces new, poorly understood security risks unique to space systems. The paper “SpyChain: Multi-Vector Supply Chain Attacks on Small Satellite Systems” introduces SpyChain, a framework for studying supply chain threats in small satellite systems. Unlike prior work focused on direct software attacks, SpyChain examines risks from third-party COTS hardware that often lacks strong verification but has deep system access. Using NASA’s NOS3 simulator, it demonstrates the first practical, persistent, multi-component supply chain attack on small satellites."
        https://securityaffairs.com/183303/hacking/unverified-cots-hardware-enables-persistent-attacks-in-small-satellites-via-spychain.html
        https://arxiv.org/abs/2510.06535
      • TigerJack's Extensions Continue To Rob Developers Blind Across Different Marketplaces
        "Meet TigerJack - a threat actor we've been tracking since early 2025, who has systematically infiltrated developer marketplaces with at least 11 malicious VS Code extensions across multiple publisher accounts. Operating under the identities ab-498, 498, and 498-00, Tiger-Jack has deployed a sophisticated arsenal: extensions that steal source code, mine cryptocurrency, and establish remote backdoors for complete system control."
        https://www.koi.ai/blog/tiger-jack-malicious-vscode-extensions-stealing-code
        https://www.bleepingcomputer.com/news/security/malicious-crypto-stealing-vscode-extensions-resurface-on-openvsx/
      • Search, Click, Steal: The Hidden Threat Of Spoofed Ivanti VPN Client Sites
        "The Zscaler Threat Hunting™ team has recently detected an uptick in activity involving SEO poisoning to lure users into downloading a malicious version of the Ivanti Pulse Secure VPN client. This campaign capitalizes on users searching for legitimate software on search engines, redirecting them to attacker-controlled websites. The goal of this initial access attack is to steal VPN credentials from the victim's machine, enabling further compromise."
        https://www.zscaler.com/blogs/security-research/spoofed-ivanti-vpn-client-sites
      • WhatsApp Worm Targets Brazilian Banking Customers
        "Counter Threat Unit™ (CTU) researchers are investigating multiple incidents in an ongoing campaign targeting users of the WhatsApp messaging platform. The campaign, which started on September 29, 2025, is focused on Brazil and seeks to trick users into executing a malicious file attached to a self-spreading message received from a previously infected WhatsApp web session. If executed, the worm attempts to replicate itself to the victim’s WhatsApp contacts and install a banking trojan tailored for Brazilian banks and cryptocurrency exchanges."
        https://news.sophos.com/en-us/2025/10/10/whatsapp-worm-targets-brazilian-banking-customers/
      • Anatomy Of An Attack: The "BlackSuit Blitz" At a Global Equipment Manufacturer
        "Unit 42 recently assisted a prominent manufacturer who experienced a severe ransomware attack orchestrated by Ignoble Scorpius, the group that distributes BlackSuit ransomware. This incident serves as a reminder of how a seemingly minor issue — in this case, a single set of compromised VPN credentials — can lead to a full-scale corporate crisis with tremendous impact to the bottom line."
        https://unit42.paloaltonetworks.com/anatomy-of-an-attack-blacksuit-ransomware-blitz/

      Breaches/Hacks/Leaks

      • Indiana City Confirms Ransomware Hackers Behind September Incident
        "Michigan City, Indiana, has confirmed that a damaging cyber incident three weeks ago that impacted government systems was a ransomware attack. The Indiana city located on the south shore of Lake Michigan was forced to take many systems offline on September 23 and initially called it a “network disruption.” On Saturday, the city acknowledged it was hit with a ransomware attack “that affected a portion of the City's data and impacted municipal employees' online and telephone access.”"
        https://therecord.media/michigan-indiana-city-ransomware
      • Qantas Confirms Cybercriminals Released Stolen Customer Data
        "Australian airline Qantas confirmed that hackers have recently published data they stole in a cyberattack this summer. Qantas told customers it has an Australian court injunction in place to stop people within the country from accessing, viewing or releasing the data. It is currently investigating what data was leaked. The acknowledgement of the leak comes after the Scattered LAPSUS$ Hunters cybercriminal organization published information on Friday that was stolen from Qantas and five other large companies. The six are part of a larger group of about 40 high-profile customers of Salesforce initially listed on the cybercriminals’ leak site two weeks ago."
        https://therecord.media/qantas-cybercriminals-stolen-data

      General News

      • The Solar Power Boom Opened a Backdoor For Cybercriminals
        "Solar isn’t low risk anymore. Adoption has turned inverters, aggregators, and control software into attack surfaces capable of disrupting service and undermining confidence in the transition. Until recently, security risks in solar systems received little attention. That is starting to change as awareness grows across the energy sector. In July 2024, the FBI issued an industry alert warning organizations about threats to renewable energy systems."
        https://www.helpnetsecurity.com/2025/10/14/solar-power-systems-cyber-threats/
      • Beyond VDI: Security Patterns For BYOD And Contractors In 2025
        "Remote work is no longer a contingency – it’s the operating norm. Yet the security posture for that work often leans on virtual desktops as a default, even when the workforce is dominated by bring‑your‑own‑device (BYOD) users and short‑term contractors. Virtual desktop infrastructure (VDI) can centralize risk, but it can also centralize failure, expand the admin plane, and add latency that users will work around."
        https://www.tripwire.com/state-of-security/beyond-vdi-security-patterns-byod-contractors
      • Survey Findings: AI Cyber Threats Are a Reality, The People Are Acting Now
        "Artificial intelligence is changing the cybersecurity field as fast as any other, both on the offensive and defensive side. We surveyed over 1,500 cybersecurity professionals from around the world to uncover their attitudes, understanding, and priorities when it comes to AI cybersecurity in 2025. Our full report, unearthing some telling trends, is out now."
        https://www.darktrace.com/blog/survey-findings-ai-cyber-threats-are-a-reality-the-people-are-acting-now
        https://www.darktrace.com/the-state-of-ai-cybersecurity-2025
        https://cyberscoop.com/continuous-threat-exposure-management-cybersecurity-ctem-ai-resilience/
      • Gcore Mitigates Record-Breaking 6 Tbps DDoS Attack
        "Gcore, the global edge AI, cloud, network, and security solutions provider, has successfully mitigated one of the largest DDoS attacks recorded to date. The large-scale, multi-regional DDoS attack reached a peak bandwidth of 6 Tbps (terabits per second) and a packet rate of 5.3 Bpps (billion packets per second). The attack targeted a hosting provider operating in the gaming sector, but the methodology and scale confirm a broader trend of intensifying DDoS campaigns aimed at a wide range of digital infrastructure. The attack was consistent with the AISURU botnet, which has been associated with several high-impact incidents in recent months worldwide."
        https://hackread.com/gcore-mitigates-record-breaking-6-tbps-ddos-attack/
      • UK Firms Lose Average Of £2.9m To AI Risk
        "British businesses have been urged to prioritize AI governance when adopting the technology in new projects, after new data from EY revealed the average company has lost millions due to unmanaged risks. The consulting giant polled 100 UK firms as part of a global Responsible AI (RAI) Pulse survey, which was compiled from interviews with 975 C-suite leaders across 21 countries. Almost all (98%) UK respondents reported losses over the past year due to AI-related risks, with 55% claiming that such risks cost them over $1m (£750,000). The most common risks included regulatory non-compliance (57%), inaccurate or poor-quality training data (53%) and high energy usage impacting sustainability goals (52%)."
        https://www.infosecurity-magazine.com/news/uk-firms-lose-average-29m-ai-risk/
      • Signal In The Noise: What Hashtags Reveal About Hacktivism In 2025
        "What do hacktivist campaigns look like in 2025? To answer this question, we analyzed more than 11,000 posts produced by over 120 hacktivist groups circulating across both the surface web and the dark web, with a particular focus on groups targeting MENA countries. The primary goal of our research is to highlight patterns in hacktivist operations, including attack methods, public warnings, and stated intent. The analysis is undertaken exclusively from a cybersecurity perspective and anchored in the principle of neutrality."
        https://securelist.com/dfi-meta-hacktivist-report/117708/
      • Beyond The Black Box: Building Trust And Governance In The Age Of AI
        "As AI systems grow more autonomous and are embedded into high-stakes decisions, such as hiring, healthcare, or law enforcement, they introduce complex ethical dilemmas and transparency challenges. These concerns need thoughtful governance to ensure fairness, accountability, and public trust in AI-driven outcomes. Without enough controls, organizations run the risk of being sanctioned by regulators, losing their reputation, or facing adverse impacts on people and communities. These threats can be managed only by an agile, collaborative AI governance model that prioritizes fairness, accountability, and human rights."
        https://www.securityweek.com/beyond-the-black-box-building-trust-and-governance-in-the-age-of-ai/
      • CISO Conversations: Are Microsoft’s Deputy CISOs a Signpost To The Future?
        "During 2024, Microsoft unveiled a new Deputy CISO (dCISO) strategy as part of its broader Secure Future Initiative (SFI). To understand the reasons and potential for this evolution of the CISO role, we spoke to Ann Johnson (Corporate Vice President and Deputy CISO) and Mark Russinovich (CTO, Deputy CISO and Technical Fellow, Azure). When Igor Tsyganskiy became corporate CISO at the end of 2023, he decided he needed specialist assistance in specialized areas. Microsoft is a massive and massively complex organization, and every aspect of the CISO role is equally larger in scale and scope."
        https://www.securityweek.com/ciso-conversations-are-microsofts-deputy-cisos-a-signpost-to-the-future/
      • US Seizes $15 Billion In Crypto From 'Pig Butchering' Kingpin
        "The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. Criminals behind such scams usually contact their targets through social media, dating sites, and messaging apps, build trust, and then lure victims into fake investment schemes. However, instead of investing the funds, the scammers steal the money by moving it into accounts they control."
        https://www.bleepingcomputer.com/news/security/us-seizes-15-billion-in-crypto-from-pig-butchering-kingpin/
        https://therecord.media/feds-sanction-cambodian-conglomerate-scams-seize-15-billion
        https://www.bankinfosecurity.com/cambodian-conglomerate-pig-butchering-outfit-says-us-a-29723
        https://cyberscoop.com/southeast-asia-cybercrime-networks-sanctions-seizure/
      • Security Firms Dispute Credit For Overlapping CVE Reports
        "Cybersecurity company FuzzingLabs has accused the Y Combinator-backed startup, Gecko Security, of replicating its vulnerability disclosures and backdating blog posts. According to the company, Gecko filed CVEs for two vulnerabilities that FuzzingLabs previously disclosed, and even "copied the PoCs, re-submitted them, and took the credit." Gecko Security has denied any wrongdoing, calling the allegations a misunderstanding over disclosure processes."
        Priority: 3 - Important
        Relevance: General
        https://www.bleepingcomputer.com/news/security/security-firms-dispute-credit-for-overlapping-cve-reports/
      • Taiwan Reports Surge In Chinese Cyber Activity And Disinformation Efforts
        "Taiwan’s top intelligence agency is warning that China is intensifying cyberattacks and online disinformation campaigns aimed at eroding public trust in government institutions and deepening divisions within the island’s democracy. According to a report presented to parliament by Taiwan’s National Security Bureau (NSB) and cited by local media, government networks have faced an average of 2.8 million intrusions per day in 2025 — a 17 percent increase from last year. Officials said much of that activity, traced to China, has targeted critical infrastructure, including defense, telecommunications, energy and medical systems."
        https://therecord.media/taiwan-nsb-report-china-surge-cyberattacks-influence-operations

      References
      Electronic Transactions Development Agency (ETDA)
