Sara: Open-source RouterOS security inspector
Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as…
Month: January 2025
Google must face mobile phone privacy class action, possible trial – Telco/ISP
Google failed to persuade a US federal judge to dismiss a privacy class action claiming it collected personal data from people’s mobile phones after they…
Mirai Botnet Variant Exploits Zero-Day Vulnerabilities in Routers
Researchers observed the Gayfemboy botnet in early 2024 as a basic Mirai variant. Still, the botnet rapidly evolved through iterative development, including UPX polymorphic packing,…
Gravy Analytics data breach could put millions to data security risks
Gravy Analytics, a Virginia-based company whose name has no connection to the actual meaning of “gravy,” has recently found itself in the spotlight for all…
GitLab CISO on proactive monitoring and metrics for DevSecOps success
In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building…
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild…
Researchers Detailed Exploitation Steps Of North Korean Kimsuky APT Group
Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations. It employs…
Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd
As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working…
Telstra to trial satellite-to-mobile services with Starlink – Networking – Telco/ISP
Telstra has signed an agreement with SpaceX to use Starlink to deliver satellite-to-mobile services, starting with SMS this year. Initially, Telstra will trial the satellite-to-mobile…
Wireshark 4.4.3 Released – What’s New!
The Wireshark Foundation has announced the release of Wireshark 4.4.3, the latest version of the world’s most popular network protocol analyzer. This update brings a…
Ivanti VPN Zero-Day Vulnerability Actively Exploited in the Wild
Ivanti has disclosed actively exploiting a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure VPN appliances. This vulnerability allows unauthenticated remote code execution and has…
SonicWall warns of an exploitable SonicOS vulnerability
SonicWall warns of an exploitable SonicOS vulnerability Pierluigi Paganini January 08, 2025 SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS…